Merged revisions r515932:540837 from ApacheDS trunk to SASL branch.
git-svn-id: https://svn.apache.org/repos/asf/directory/apacheds/branches/apacheds-sasl-branch@541123 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/NOTICE.txt b/NOTICE.txt
deleted file mode 100644
index 3be0487..0000000
--- a/NOTICE.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-Apache Directory Server
-Copyright 2003-2006 The Apache Software Foundation
-
-This product includes software developed by
-The Apache Software Foundation (http://www.apache.org/).
diff --git a/benchmarks/pom.xml b/benchmarks/pom.xml
index ae51a78..7f5769c 100644
--- a/benchmarks/pom.xml
+++ b/benchmarks/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-benchmarks</artifactId>
<name>ApacheDS Benchmarks</name>
diff --git a/bootstrap-extract/pom.xml b/bootstrap-extract/pom.xml
new file mode 100644
index 0000000..ce97c7f
--- /dev/null
+++ b/bootstrap-extract/pom.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<project>
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.apache.directory.server</groupId>
+ <artifactId>build</artifactId>
+ <version>1.5.1-SNAPSHOT</version>
+ </parent>
+ <artifactId>apacheds-bootstrap-extract</artifactId>
+ <name>ApacheDS Bootstrap Partition File Extractor</name>
+ <packaging>jar</packaging>
+ <description>
+ This artifact contains the classes needed to extract db files into the proper position
+ for the schema partition.
+ </description>
+ <dependencies>
+ <dependency>
+ <groupId>commons-io</groupId>
+ <artifactId>commons-io</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>nlog4j</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.directory.server</groupId>
+ <artifactId>apacheds-jdbm-store</artifactId>
+ <version>${pom.version}</version>
+ </dependency>
+ </dependencies>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-surefire-plugin</artifactId>
+ <configuration>
+ <systemProperties>
+ <property>
+ <name>jarFilePath</name>
+ <value>${basedir}/src/test/resources/test.jar</value>
+ </property>
+ <property>
+ <name>destDirPath</name>
+ <value>${basedir}/target/extracted</value>
+ </property>
+ </systemProperties>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
diff --git a/bootstrap-extract/src/main/java/org/apache/directory/server/schema/bootstrap/partition/DbFileListing.java b/bootstrap-extract/src/main/java/org/apache/directory/server/schema/bootstrap/partition/DbFileListing.java
new file mode 100644
index 0000000..35c12a6
--- /dev/null
+++ b/bootstrap-extract/src/main/java/org/apache/directory/server/schema/bootstrap/partition/DbFileListing.java
@@ -0,0 +1,166 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.schema.bootstrap.partition;
+
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.io.InputStream;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Set;
+import java.util.Enumeration;
+import java.net.URL;
+
+
+/**
+ * Parses the dbfile listing file within this jar.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$
+ */
+public class DbFileListing
+{
+ Map<String, DbFileType> name2type = new HashMap<String, DbFileType>();
+ private static final String BASE_PATH = DbFileListing.class.getName()
+ .substring( 0, DbFileListing.class.getName().lastIndexOf( "." ) + 1 ).replace( '.', '/' );
+
+
+ public DbFileListing() throws IOException
+ {
+ init();
+ }
+
+
+ private void init() throws IOException
+ {
+
+ boolean userIndexMode = false;
+ String line;
+ BufferedReader in = new BufferedReader( new InputStreamReader( getUniqueResourceAsStream( "DBFILES" ) ) );
+ try
+ {
+ while ( ( line = in.readLine() ) != null )
+ {
+ if ( line.indexOf( "master.db" ) != -1 )
+ {
+ name2type.put( line.trim(), DbFileType.MASTER_FILE );
+ continue;
+ }
+
+ if ( line.indexOf( "USER INDICES" ) != -1 )
+ {
+ userIndexMode = true;
+ continue;
+ }
+
+ if ( userIndexMode )
+ {
+ name2type.put( line.trim(), DbFileType.USER_INDEX );
+ } else
+ {
+ name2type.put( line.trim(), DbFileType.SYSTEM_INDEX );
+ }
+ }
+ }
+ finally
+ {
+ in.close();
+ }
+ }
+
+ public static InputStream getUniqueResourceAsStream( String resourceName ) throws IOException
+ {
+ resourceName = BASE_PATH + resourceName;
+ URL result = getUniqueResource( resourceName );
+ return result.openStream();
+ }
+
+ static URL getUniqueResource( String resourceName )
+ throws IOException
+ {
+ Enumeration<URL> resources = DbFileListing.class.getClassLoader().getResources( resourceName );
+ if ( !resources.hasMoreElements() )
+ {
+ throw new IllegalStateException( "No resource named " + resourceName );
+ }
+ URL result = resources.nextElement();
+ if ( resources.hasMoreElements() )
+ {
+ StringBuffer buffer = new StringBuffer( "More than one resource named: " ).append( resourceName );
+ buffer.append( result ).append( "\n" );
+ while ( resources.hasMoreElements() )
+ {
+ buffer.append( resources.nextElement() ).append( "\n" );
+ }
+ throw new IllegalStateException( buffer.toString() );
+ }
+ return result;
+ }
+
+
+ public DbFileType getType( String dbfile )
+ {
+ return name2type.get( dbfile );
+ }
+
+
+ public Iterator<String> iterator()
+ {
+ return name2type.keySet().iterator();
+ }
+
+
+ public String getIndexAttributeName( String dbfile )
+ {
+ if ( dbfile.length() < 10 )
+ {
+ throw new IllegalArgumentException( "db file must have a relative jar path name of over 10 characters" );
+ }
+
+ // remove 'schema/'
+ String dbfileName = dbfile.substring( 7 );
+ return dbfileName.substring( 0, dbfileName.length() - 3 );
+ }
+
+
+ /**
+ * Gets the user indices WITHOUT the system indices.
+ *
+ * @return set of user index names
+ */
+ public Set<Object> getIndexedAttributes()
+ {
+ Set<Object> attributes = new HashSet<Object>();
+ Iterator<String> ii = iterator();
+ while( ii.hasNext() )
+ {
+ String name = ii.next();
+ if ( name2type.get( name ) == DbFileType.USER_INDEX )
+ {
+ attributes.add( getIndexAttributeName( name ) );
+ }
+ }
+ return attributes;
+ }
+}
diff --git a/bootstrap-partition/src/main/java/org/apache/directory/server/schema/bootstrap/partition/DbFileType.java b/bootstrap-extract/src/main/java/org/apache/directory/server/schema/bootstrap/partition/DbFileType.java
similarity index 100%
rename from bootstrap-partition/src/main/java/org/apache/directory/server/schema/bootstrap/partition/DbFileType.java
rename to bootstrap-extract/src/main/java/org/apache/directory/server/schema/bootstrap/partition/DbFileType.java
diff --git a/bootstrap-partition/src/main/java/org/apache/directory/server/schema/bootstrap/partition/SchemaPartitionExtractor.java b/bootstrap-extract/src/main/java/org/apache/directory/server/schema/bootstrap/partition/SchemaPartitionExtractor.java
similarity index 79%
rename from bootstrap-partition/src/main/java/org/apache/directory/server/schema/bootstrap/partition/SchemaPartitionExtractor.java
rename to bootstrap-extract/src/main/java/org/apache/directory/server/schema/bootstrap/partition/SchemaPartitionExtractor.java
index bcdb471..ebed68e 100644
--- a/bootstrap-partition/src/main/java/org/apache/directory/server/schema/bootstrap/partition/SchemaPartitionExtractor.java
+++ b/bootstrap-extract/src/main/java/org/apache/directory/server/schema/bootstrap/partition/SchemaPartitionExtractor.java
@@ -34,23 +34,23 @@
public class SchemaPartitionExtractor
{
private DbFileListing listing;
- private File outputDirectory;
-
-
+ private File outputDirectory;
+
+
public SchemaPartitionExtractor( File outputDirectory ) throws IOException
{
this.outputDirectory = outputDirectory;
this.listing = new DbFileListing();
}
-
-
+
+
public void extract() throws IOException
{
if ( ! outputDirectory.exists() )
{
outputDirectory.mkdirs();
}
-
+
File schemaDirectory = new File( outputDirectory, "schema" );
if ( ! schemaDirectory.exists() )
{
@@ -63,41 +63,38 @@
extract( ii.next() );
}
}
-
-
+
+
public DbFileListing getDbFileListing()
{
return listing;
}
-
-
+
+
private void extract( String resource ) throws IOException
{
byte[] buf = new byte[512];
- InputStream in = getClass().getResourceAsStream( resource );
- FileOutputStream out = null;
+ InputStream in = DbFileListing.getUniqueResourceAsStream( resource );
try
{
- out = new FileOutputStream( new File( outputDirectory, resource ) );
- while( in.available() > 0 )
+ FileOutputStream out = new FileOutputStream( new File( outputDirectory, resource ) );
+ try
{
- int readCount = in.read( buf );
- out.write( buf, 0, readCount );
- }
- out.flush();
- }
- finally
- {
- if ( out != null )
+ while ( in.available() > 0 )
+ {
+ int readCount = in.read( buf );
+ out.write( buf, 0, readCount );
+ }
+ out.flush();
+ } finally
{
out.close();
}
-
- if ( in != null )
- {
- in.close();
- }
+ }
+ finally
+ {
+ in.close();
}
}
}
diff --git a/bootstrap-extract/src/main/resources/META-INF/LICENSE.txt b/bootstrap-extract/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..c13db16
--- /dev/null
+++ b/bootstrap-extract/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,301 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
+----
diff --git a/bootstrap-extract/src/main/resources/META-INF/NOTICE.txt b/bootstrap-extract/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..43a9f3a
--- /dev/null
+++ b/bootstrap-extract/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,11 @@
+Apache Directory Server
+Copyright 2003-2006 The Apache Software Foundation
+
+This product includes software developed by
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
diff --git a/bootstrap-extract/src/test/java/org/apache/directory/server/schema/bootstrap/partition/UniqueResourceTest.java b/bootstrap-extract/src/test/java/org/apache/directory/server/schema/bootstrap/partition/UniqueResourceTest.java
new file mode 100644
index 0000000..54dc056
--- /dev/null
+++ b/bootstrap-extract/src/test/java/org/apache/directory/server/schema/bootstrap/partition/UniqueResourceTest.java
@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.apache.directory.server.schema.bootstrap.partition;
+
+import junit.framework.TestCase;
+
+/**
+ * @version $Rev:$ $Date:$
+ */
+public class UniqueResourceTest extends TestCase
+{
+
+ public void testUniqueResource() throws Exception
+ {
+ //look for META-INF/LICENSE.txt which should be in at least two jars
+ try
+ {
+ DbFileListing.getUniqueResource( "META-INF/LICENSE.txt" );
+ fail( "There are at least 2 license files on the classpath, this should have failed" );
+ } catch ( IllegalStateException e )
+ {
+ //ignore
+ }
+
+ }
+}
diff --git a/bootstrap-partition/pom.xml b/bootstrap-partition/pom.xml
index 699c075..928923e 100644
--- a/bootstrap-partition/pom.xml
+++ b/bootstrap-partition/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-bootstrap-partition</artifactId>
<name>ApacheDS Bootstrap Partition</name>
@@ -12,8 +12,9 @@
<description>
A special jar file that contains a pre-loaded partition with schema
information. This schema partition will mount off of the ou=schema
- namingContext. This artifact contains the db files for this partition
- as well as classes needed to extract them into the proper position.
+ namingContext. This artifact contains the db files for this partition.
+ It must be used with the apacheds-bootstrap-extract jar which contains
+ the classes to install these files.
</description>
<dependencies>
<dependency>
@@ -31,6 +32,16 @@
<artifactId>apacheds-jdbm-store</artifactId>
<version>${pom.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.directory.server</groupId>
+ <artifactId>apacheds-bootstrap-extract</artifactId>
+ <version>${pom.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.directory.server</groupId>
+ <artifactId>apacheds-schema-extras</artifactId>
+ <version>${pom.version}</version>
+ </dependency>
</dependencies>
<build>
<plugins>
diff --git a/bootstrap-partition/src/main/java/org/apache/directory/server/schema/bootstrap/partition/DbFileListing.java b/bootstrap-partition/src/main/java/org/apache/directory/server/schema/bootstrap/partition/DbFileListing.java
deleted file mode 100644
index 2f0b159..0000000
--- a/bootstrap-partition/src/main/java/org/apache/directory/server/schema/bootstrap/partition/DbFileListing.java
+++ /dev/null
@@ -1,128 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.directory.server.schema.bootstrap.partition;
-
-
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.InputStreamReader;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Map;
-import java.util.Set;
-
-
-/**
- * Parses the dbfile listing file within this jar.
- *
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- * @version $Rev$
- */
-public class DbFileListing
-{
- Map<String, DbFileType> name2type = new HashMap<String, DbFileType>();
-
-
- public DbFileListing() throws IOException
- {
- init();
- }
-
-
- private void init() throws IOException
- {
- BufferedReader in = new BufferedReader( new InputStreamReader( getClass().getResourceAsStream( "DBFILES" ) ) );
- boolean userIndexMode = false;
- String line = null;
- while ( ( line = in.readLine() ) != null )
- {
- if ( line.indexOf( "master.db" ) != -1 )
- {
- name2type.put( line.trim(), DbFileType.MASTER_FILE );
- continue;
- }
-
- if ( line.indexOf( "USER INDICES" ) != -1 )
- {
- userIndexMode = true;
- continue;
- }
-
- if ( userIndexMode )
- {
- name2type.put( line, DbFileType.USER_INDEX );
- }
- else
- {
- name2type.put( line, DbFileType.SYSTEM_INDEX );
- }
- }
- }
-
-
- public DbFileType getType( String dbfile )
- {
- return name2type.get( dbfile );
- }
-
-
- public Iterator<String> iterator()
- {
- return name2type.keySet().iterator();
- }
-
-
- public String getIndexAttributeName( String dbfile )
- {
- if ( dbfile.length() < 10 )
- {
- throw new IllegalArgumentException( "db file must have a relative jar path name of over 10 characters" );
- }
-
- // remove 'schema/'
- String dbfileName = dbfile.substring( 7 );
- return dbfileName.substring( 0, dbfileName.length() - 3 );
- }
-
-
- /**
- * Gets the user indices WITHOUT the system indices.
- *
- * @return set of user index names
- */
- public Set<Object> getIndexedAttributes()
- {
- Set<Object> attributes = new HashSet<Object>();
- Iterator<String> ii = iterator();
-
- while( ii.hasNext() )
- {
- String name = ii.next();
-
- if ( name2type.get( name ) == DbFileType.USER_INDEX )
- {
- attributes.add( getIndexAttributeName( name ) );
- }
- }
-
- return attributes;
- }
-}
diff --git a/bootstrap-partition/src/main/resources/META-INF/LICENSE.txt b/bootstrap-partition/src/main/resources/META-INF/LICENSE.txt
index 57bc88a..c13db16 100644
--- a/bootstrap-partition/src/main/resources/META-INF/LICENSE.txt
+++ b/bootstrap-partition/src/main/resources/META-INF/LICENSE.txt
@@ -200,3 +200,102 @@
See the License for the specific language governing permissions and
limitations under the License.
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
+----
diff --git a/bootstrap-partition/src/main/resources/META-INF/NOTICE.txt b/bootstrap-partition/src/main/resources/META-INF/NOTICE.txt
index 3be0487..43a9f3a 100644
--- a/bootstrap-partition/src/main/resources/META-INF/NOTICE.txt
+++ b/bootstrap-partition/src/main/resources/META-INF/NOTICE.txt
@@ -3,3 +3,9 @@
This product includes software developed by
The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
diff --git a/bootstrap-plugin/pom.xml b/bootstrap-plugin/pom.xml
index 311f1c7..6d83598 100644
--- a/bootstrap-plugin/pom.xml
+++ b/bootstrap-plugin/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-bootstrap-plugin</artifactId>
<name>ApacheDS Bootstrap Plugin</name>
@@ -42,14 +42,19 @@
</dependency>
<dependency>
<groupId>org.apache.directory.server</groupId>
- <artifactId>apacheds-utils</artifactId>
+ <artifactId>apacheds-schema-bootstrap</artifactId>
<version>${pom.version}</version>
</dependency>
<dependency>
<groupId>org.apache.directory.server</groupId>
- <artifactId>apacheds-schema-extras</artifactId>
+ <artifactId>apacheds-utils</artifactId>
<version>${pom.version}</version>
</dependency>
+ <!--<dependency>-->
+ <!--<groupId>org.apache.directory.server</groupId>-->
+ <!--<artifactId>apacheds-schema-extras</artifactId>-->
+ <!--<version>${pom.version}</version>-->
+ <!--</dependency>-->
</dependencies>
<build>
diff --git a/bootstrap-plugin/src/main/java/org/apache/directory/server/core/bootstrap/plugin/BootstrapPlugin.java b/bootstrap-plugin/src/main/java/org/apache/directory/server/core/bootstrap/plugin/BootstrapPlugin.java
index 692d046..d925d03 100644
--- a/bootstrap-plugin/src/main/java/org/apache/directory/server/core/bootstrap/plugin/BootstrapPlugin.java
+++ b/bootstrap-plugin/src/main/java/org/apache/directory/server/core/bootstrap/plugin/BootstrapPlugin.java
@@ -17,28 +17,30 @@
* under the License.
*
*/
-package org.apache.directory.server.core.bootstrap.plugin;
+package org.apache.directory.server.core.bootstrap.plugin;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import java.io.PrintWriter;
-import java.math.BigInteger;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
+import java.util.Arrays;
+import java.util.List;
+import java.net.URLClassLoader;
+import java.net.URL;
+import java.net.MalformedURLException;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import org.apache.directory.server.constants.ApacheSchemaConstants;
-import org.apache.directory.server.constants.CoreSchemaConstants;
import org.apache.directory.server.constants.MetaSchemaConstants;
-import org.apache.directory.server.constants.SystemSchemaConstants;
import org.apache.directory.server.core.partition.impl.btree.Index;
import org.apache.directory.server.core.partition.impl.btree.IndexNotFoundException;
import org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmStore;
@@ -62,6 +64,7 @@
import org.apache.directory.server.schema.registries.SyntaxCheckerRegistry;
import org.apache.directory.server.schema.registries.SyntaxRegistry;
import org.apache.directory.server.utils.AttributesFactory;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.apache.directory.shared.ldap.message.ModificationItemImpl;
@@ -82,86 +85,104 @@
/**
* A plugin used to pre-load meta schema entries into the schema partition.
*
- * @goal load
- * @description creates and pre-loads ApacheDS schema partition
- * @phase compile
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$
+ * @goal load
+ * @description creates and pre-loads ApacheDS schema partition
+ * @phase compile
+ * @requiresDependencyResolution compile
*/
public class BootstrapPlugin extends AbstractMojo
{
private static final String ADMIN_NORM_NAME = "0.9.2342.19200300.100.1.1=admin,2.5.4.11=system";
/**
+ * The classpath elements of the project being tested.
+ *
+ * @parameter expression="${project.compileClasspathElements}"
+ * @required
+ * @readonly
+ */
+ private List classpathElements;
+
+ /**
* The package to put the db file entry listing info as well as the partition.
- *
+ *
* @parameter expression="org.apache.directory.server.schema.bootstrap.partition"
*/
private String outputPackage;
-
+
/**
* The file name to use for the package listing.
- *
+ *
* @parameter expression="DBFILES"
*/
private String listingFileName;
-
+
/**
* The target directory into which the plugin generates schema partion files
* within the specified outputPackage.
- *
+ *
* @parameter expression="target/classes"
*/
private File outputDirectory;
-
+
/**
* The name of the set of bootstrap schemas to load into the registries
* and ultimately into the schema partition being built.
- *
- * @parameter
+ *
+ * @parameter
*/
private String[] bootstrapSchemaClasses;
-
+
/**
* The set of disabled schema names.
- *
- * @parameter
+ *
+ * @parameter
*/
private String[] disabledSchemas;
-
+
/**
* The names of Attributes to index.
- *
- * @parameter
+ *
+ * @parameter
*/
private String[] indexedAttributes;
-
- /** Facotry used to create attributes objects from schema entities. */
+
+ /**
+ * Facotry used to create attributes objects from schema entities.
+ */
private AttributesFactory attributesFactory = new AttributesFactory();
-
- /** Registries of objects used to load the schema partition. */
+
+ /**
+ * Registries of objects used to load the schema partition.
+ */
private Registries registries;
- /** The store to load schema entities into. */
- private JdbmStore store = new JdbmStore();
-
- /** Map of schemas by name */
- private Map schemas = new HashMap();
-
-
/**
- * Loads a bunch of bootstrap classes into memory then adds them to a new
+ * The store to load schema entities into.
+ */
+ private JdbmStore store = new JdbmStore();
+
+ /**
+ * Map of schemas by name
+ */
+ private Map schemas = new HashMap();
+
+
+ /**
+ * Loads a bunch of bootstrap classes into memory then adds them to a new
* schema partition within the target area. The db files for this partition
* are then packaged into the jar by the jar plugin.
*/
public void execute() throws MojoExecutionException, MojoFailureException
{
File packageDirectory = new File( outputDirectory, outputPackage.replace( '.', File.separatorChar ) );
- if ( ! packageDirectory.exists() )
+ if ( !packageDirectory.exists() )
{
packageDirectory.mkdirs();
}
-
+
// delete output directory if it exists
File schemaDirectory = new File( packageDirectory, "schema" );
if ( schemaDirectory.exists() )
@@ -172,30 +193,30 @@
}
catch ( IOException e )
{
- throw new MojoFailureException( "Failed to delete old schema partition folder "
- + schemaDirectory.getAbsolutePath() + ": " + e.getMessage() );
+ throw new MojoFailureException( "Failed to delete old schema partition folder "
+ + schemaDirectory.getAbsolutePath() + ": " + e.getMessage() );
}
}
-
+
initializeSchemas();
initializePartition( schemaDirectory );
-
+
try
{
- LdapDN dn = new LdapDN( CoreSchemaConstants.OU_AT + "=schema" );
+ LdapDN dn = new LdapDN( SchemaConstants.OU_AT + "=schema" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
-
- if ( ! hasEntry( dn ) )
+
+ if ( !hasEntry( dn ) )
{
Attributes entry = new AttributesImpl();
- entry.put( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
- entry.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( "organizationalUnit" );
- entry.put( CoreSchemaConstants.OU_AT, "schema" );
+ entry.put( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC );
+ entry.get( SchemaConstants.OBJECT_CLASS_AT ).add( SchemaConstants.ORGANIZATIONAL_UNIT_OC );
+ entry.put( SchemaConstants.OU_AT, "schema" );
store.add( dn, entry );
}
createSchemasAndContainers();
-
+
addSyntaxCheckers();
addSyntaxes();
addNormalizers();
@@ -216,7 +237,7 @@
disableSchema( disabledSchemas[ii] );
getLog().info( "\t\t o " + disabledSchemas[ii] );
}
-
+
getLog().info( "" );
getLog().info( "------------------------------------------------------------------------" );
}
@@ -228,7 +249,7 @@
e.printStackTrace();
throw new MojoFailureException( "Failed to add syntaxCheckers to partition: " + e.getMessage() );
}
-
+
try
{
store.sync();
@@ -237,12 +258,12 @@
{
e.printStackTrace();
}
-
+
// ------------------------------------------------------------------
// Create db file listing and place it into the right package on disk
// ------------------------------------------------------------------
-
-
+
+
File listingFile = new File( packageDirectory, listingFileName );
PrintWriter out = null;
try
@@ -310,8 +331,8 @@
private void createSchemaAndContainers( Schema schema ) throws NamingException
{
- LdapDN dn = new LdapDN( SystemSchemaConstants.CN_AT + "="
- + schema.getSchemaName() + "," + CoreSchemaConstants.OU_AT + "=schema" );
+ LdapDN dn = new LdapDN( SchemaConstants.CN_AT + "="
+ + schema.getSchemaName() + "," + SchemaConstants.OU_AT + "=schema" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
if ( hasEntry( dn ) )
@@ -322,57 +343,57 @@
Attributes entry = attributesFactory.getAttributes( schema );
store.add( dn, entry );
- dn.add( CoreSchemaConstants.OU_AT + "=comparators" );
+ dn.add( SchemaConstants.OU_AT + "=comparators" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
checkCreateContainer( dn );
dn.remove( dn.size() - 1 );
- dn.add( CoreSchemaConstants.OU_AT + "=normalizers" );
+ dn.add( SchemaConstants.OU_AT + "=normalizers" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
checkCreateContainer( dn );
dn.remove( dn.size() - 1 );
- dn.add( CoreSchemaConstants.OU_AT + "=syntaxCheckers" );
+ dn.add( SchemaConstants.OU_AT + "=syntaxCheckers" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
checkCreateContainer( dn );
dn.remove( dn.size() - 1 );
- dn.add( CoreSchemaConstants.OU_AT + "=syntaxes" );
+ dn.add( SchemaConstants.OU_AT + "=syntaxes" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
checkCreateContainer( dn );
dn.remove( dn.size() - 1 );
- dn.add( CoreSchemaConstants.OU_AT + "=matchingRules" );
+ dn.add( SchemaConstants.OU_AT + "=matchingRules" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
checkCreateContainer( dn );
dn.remove( dn.size() - 1 );
- dn.add( CoreSchemaConstants.OU_AT + "=attributeTypes" );
+ dn.add( SchemaConstants.OU_AT + "=attributeTypes" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
checkCreateContainer( dn );
dn.remove( dn.size() - 1 );
- dn.add( CoreSchemaConstants.OU_AT + "=objectClasses" );
+ dn.add( SchemaConstants.OU_AT + "=objectClasses" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
checkCreateContainer( dn );
dn.remove( dn.size() - 1 );
- dn.add( CoreSchemaConstants.OU_AT + "=nameForms" );
+ dn.add( SchemaConstants.OU_AT + "=nameForms" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
checkCreateContainer( dn );
dn.remove( dn.size() - 1 );
- dn.add( CoreSchemaConstants.OU_AT + "=ditStructureRules" );
+ dn.add( SchemaConstants.OU_AT + "=ditStructureRules" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
checkCreateContainer( dn );
dn.remove( dn.size() - 1 );
- dn.add( CoreSchemaConstants.OU_AT + "=ditContentRules" );
+ dn.add( SchemaConstants.OU_AT + "=ditContentRules" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
checkCreateContainer( dn );
dn.remove( dn.size() - 1 );
- dn.add( CoreSchemaConstants.OU_AT + "=matchingRuleUse" );
+ dn.add( SchemaConstants.OU_AT + "=matchingRuleUse" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
checkCreateContainer( dn );
}
@@ -394,7 +415,7 @@
Schema schema = ( Schema ) registries.getLoadedSchemas().get( schemaName );
getLog().info( "\t\t o [" + schemaName + "] - " + getNameOrNumericoid( at ) );
LdapDN dn = checkCreateSchema( schemaName );
- dn.add( CoreSchemaConstants.OU_AT + "=attributeTypes" );
+ dn.add( SchemaConstants.OU_AT + "=attributeTypes" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
checkCreateContainer( dn );
Attributes entry = attributesFactory.getAttributes( at, schema );
@@ -422,7 +443,7 @@
Schema schema = ( Schema ) registries.getLoadedSchemas().get( schemaName );
getLog().info( "\t\t o [" + schemaName + "] - " + getNameOrNumericoid( oc ) );
LdapDN dn = checkCreateSchema( schemaName );
- dn.add( CoreSchemaConstants.OU_AT + "=objectClasses" );
+ dn.add( SchemaConstants.OU_AT + "=objectClasses" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
checkCreateContainer( dn );
Attributes entry = attributesFactory.getAttributes( oc, schema );
@@ -450,7 +471,7 @@
Schema schema = ( Schema ) registries.getLoadedSchemas().get( schemaName );
getLog().info( "\t\t o [" + schemaName + "] - " + getNameOrNumericoid( mr ) );
LdapDN dn = checkCreateSchema( schemaName );
- dn.add( CoreSchemaConstants.OU_AT + "=matchingRules" );
+ dn.add( SchemaConstants.OU_AT + "=matchingRules" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
checkCreateContainer( dn );
Attributes entry = attributesFactory.getAttributes( mr, schema );
@@ -478,7 +499,7 @@
Schema schema = ( Schema ) registries.getLoadedSchemas().get( schemaName );
getLog().info( "\t\t o [" + schemaName + "] - " + oid );
LdapDN dn = checkCreateSchema( schemaName );
- dn.add( CoreSchemaConstants.OU_AT + "=comparators" );
+ dn.add( SchemaConstants.OU_AT + "=comparators" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
checkCreateContainer( dn );
Attributes entry = attributesFactory.getAttributes( oid, comparatorRegistry.lookup( oid ), schema );
@@ -506,7 +527,7 @@
Schema schema = ( Schema ) registries.getLoadedSchemas().get( schemaName );
getLog().info( "\t\t o [" + schemaName + "] - " + oid );
LdapDN dn = checkCreateSchema( schemaName );
- dn.add( CoreSchemaConstants.OU_AT + "=normalizers" );
+ dn.add( SchemaConstants.OU_AT + "=normalizers" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
checkCreateContainer( dn );
Attributes entry = attributesFactory.getAttributes( oid, normalizerRegistry.lookup( oid ), schema );
@@ -533,7 +554,7 @@
getLog().info( "\t\t o [" + syntax.getSchema() + "] - " + getNameOrNumericoid( syntax ) );
LdapDN dn = checkCreateSchema( syntax.getSchema() );
Schema schema = ( Schema ) registries.getLoadedSchemas().get( syntax.getSchema() );
- dn.add( CoreSchemaConstants.OU_AT + "=syntaxes" );
+ dn.add( SchemaConstants.OU_AT + "=syntaxes" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
checkCreateContainer( dn );
Attributes entry = attributesFactory.getAttributes( syntax, schema );
@@ -561,7 +582,7 @@
Schema schema = ( Schema ) registries.getLoadedSchemas().get( schemaName );
getLog().info( "\t\t o [" + schemaName + "] - " + syntaxChecker.getSyntaxOid() );
LdapDN dn = checkCreateSchema( schemaName );
- dn.add( CoreSchemaConstants.OU_AT + "=syntaxCheckers" );
+ dn.add( SchemaConstants.OU_AT + "=syntaxCheckers" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
checkCreateContainer( dn );
Attributes entry = attributesFactory.getAttributes( syntaxChecker, schema );
@@ -571,12 +592,12 @@
}
getLog().info( "" );
}
-
-
+
+
/**
* Creates the configuration and initializes the partition so we can start
* adding entries into it.
- *
+ *
* @throws MojoFailureException
*/
private void initializePartition( File workingDirectory ) throws MojoFailureException
@@ -587,7 +608,7 @@
storeConfig.setEnableOptimizer( false );
storeConfig.setName( "schema" );
storeConfig.setOidRegistry( registries.getOidRegistry() );
- storeConfig.setSuffixDn( CoreSchemaConstants.OU_AT + "=schema" );
+ storeConfig.setSuffixDn( SchemaConstants.OU_AT + "=schema" );
storeConfig.setSyncOnWrite( false );
storeConfig.setWorkingDirectory( workingDirectory );
@@ -599,10 +620,11 @@
}
storeConfig.setIndexedAttributes( indexSet );
- Attributes rootEntry = new AttributesImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "organizationalUnit", true );
- rootEntry.put( CoreSchemaConstants.OU_AT, "schema" );
+ Attributes rootEntry = new AttributesImpl( SchemaConstants.OBJECT_CLASS_AT,
+ SchemaConstants.ORGANIZATIONAL_UNIT_OC, true );
+ rootEntry.put( SchemaConstants.OU_AT, "schema" );
storeConfig.setContextEntry( rootEntry );
-
+
try
{
store.init( storeConfig );
@@ -613,8 +635,8 @@
throw new MojoFailureException( "Failed to initialize parition: " + e.getMessage() );
}
}
-
-
+
+
/**
* Creates the special schemaModificationsAttribute entry used to
* store the modification attributes for the schema. The current
@@ -626,20 +648,20 @@
private void createSchemaModificationAttributesEntry() throws NamingException
{
Attributes entry = new AttributesImpl(
- SystemSchemaConstants.OBJECT_CLASS_AT,
+ SchemaConstants.OBJECT_CLASS_AT,
ApacheSchemaConstants.SCHEMA_MODIFICATION_ATTRIBUTES_OC,
true );
- entry.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( "top" );
+ entry.get( SchemaConstants.OBJECT_CLASS_AT ).add( SchemaConstants.TOP_OC );
entry.put( ApacheSchemaConstants.SCHEMA_MODIFIERS_NAME_AT, ADMIN_NORM_NAME );
- entry.put( SystemSchemaConstants.MODIFIERS_NAME_AT, ADMIN_NORM_NAME );
- entry.put( SystemSchemaConstants.CREATORS_NAME_AT, ADMIN_NORM_NAME );
+ entry.put( SchemaConstants.MODIFIERS_NAME_AT, ADMIN_NORM_NAME );
+ entry.put( SchemaConstants.CREATORS_NAME_AT, ADMIN_NORM_NAME );
entry.put( ApacheSchemaConstants.SCHEMA_MODIFY_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
- entry.put( SystemSchemaConstants.MODIFY_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
- entry.put( SystemSchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
+ entry.put( SchemaConstants.MODIFY_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
+ entry.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
- entry.put( SystemSchemaConstants.CN_AT, "schemaModifications" );
+ entry.put( SchemaConstants.CN_AT, "schemaModifications" );
entry.put( ApacheSchemaConstants.SUBSCHEMA_SUBENTRY_NAME_AT, "cn=schema" );
LdapDN normName = new LdapDN( "cn=schemaModifications,ou=schema" );
@@ -651,7 +673,7 @@
/**
* Loads all the bootstrap schemas into the registries in preparation for
* loading them into the schema partition.
- *
+ *
* @throws MojoFailureException
*/
private void initializeSchemas() throws MojoFailureException
@@ -663,54 +685,70 @@
// always include these core bootstrap schemas
BootstrapSchema schema = new SystemSchema();
schemas.put( schema.getSchemaName(), schema );
-
+
schema = new ApacheSchema();
schemas.put( schema.getSchemaName(), schema );
schema = new ApachemetaSchema();
schemas.put( schema.getSchemaName(), schema );
-
+
schema = new CoreSchema();
schemas.put( schema.getSchemaName(), schema );
-
+
getLog().info( "------------------------------------------------------------------------" );
getLog().info( "Found bootstrap schemas: " );
getLog().info( "------------------------------------------------------------------------" );
getLog().info( "" );
// start loading other schemas from the plugin's configuration section
+ ClassLoader parent = getClass().getClassLoader();
+ URL[] urls = new URL[classpathElements.size()];
+ int i = 0;
+ for ( Iterator it = classpathElements.iterator(); it.hasNext(); )
+ {
+ try
+ {
+ urls[i++] = new File( ( String ) it.next() ).toURL();
+ } catch ( MalformedURLException e )
+ {
+ throw ( MojoFailureException ) new MojoFailureException( "Could not construct classloader: " ).initCause( e );
+ }
+ }
+ ClassLoader cl = new URLClassLoader( urls, parent );
for ( int ii = 0; ii < bootstrapSchemaClasses.length; ii++ )
{
try
{
- Class schemaClass = Class.forName( bootstrapSchemaClasses[ii] );
+ Class schemaClass = cl.loadClass( bootstrapSchemaClasses[ii] );
schema = ( BootstrapSchema ) schemaClass.newInstance();
schemas.put( schema.getSchemaName(), schema );
}
catch ( ClassNotFoundException e )
{
+ getLog().info( "ClassLoader " + getClass().getClassLoader() );
+ getLog().info( "ClassLoader URLs: " + Arrays.asList( ( ( URLClassLoader ) getClass().getClassLoader() ).getURLs() ) );
e.printStackTrace();
- throw new MojoFailureException( "Could not find BootstrapSchema class: "
- + bootstrapSchemaClasses[ii] );
+ throw new MojoFailureException( "Could not find BootstrapSchema class: "
+ + bootstrapSchemaClasses[ii] );
}
catch ( InstantiationException e )
{
e.printStackTrace();
- throw new MojoFailureException( "Could not instantiate BootstrapSchema class: "
- + bootstrapSchemaClasses[ii] );
+ throw new MojoFailureException( "Could not instantiate BootstrapSchema class: "
+ + bootstrapSchemaClasses[ii] );
}
catch ( IllegalAccessException e )
{
e.printStackTrace();
throw new MojoFailureException( "Could not instantiate BootstrapSchema class due to security: "
- + bootstrapSchemaClasses[ii] );
+ + bootstrapSchemaClasses[ii] );
}
-
+
getLog().info( "\t" + bootstrapSchemaClasses[ii] );
}
getLog().info( "" );
-
- BootstrapSchemaLoader loader = new BootstrapSchemaLoader();
+
+ BootstrapSchemaLoader loader = new BootstrapSchemaLoader( cl );
registries = new DefaultRegistries( "bootstrap", loader, new DefaultOidRegistry() );
try
{
@@ -721,10 +759,10 @@
e.printStackTrace();
throw new MojoFailureException( "Failed to load bootstrap registries with schemas: " + e.getMessage() );
}
-
+
SerializableComparator.setRegistry( registries.getComparatorRegistry() );
}
-
+
private void checkCreateContainer( LdapDN dn ) throws NamingException
{
@@ -732,41 +770,41 @@
{
return;
}
-
+
Attributes entry = new AttributesImpl();
- entry.put( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
- entry.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( "organizationalUnit" );
- entry.put( CoreSchemaConstants.OU_AT, dn.getRdn().getValue() );
+ entry.put( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC );
+ entry.get( SchemaConstants.OBJECT_CLASS_AT ).add( SchemaConstants.ORGANIZATIONAL_UNIT_OC );
+ entry.put( SchemaConstants.OU_AT, dn.getRdn().getValue() );
store.add( dn, entry );
}
-
-
+
+
private LdapDN checkCreateSchema( String schemaName ) throws NamingException
{
Schema schema = ( Schema ) schemas.get( schemaName );
- LdapDN dn = new LdapDN( SystemSchemaConstants.CN_AT + "="
- + schemaName + "," + CoreSchemaConstants.OU_AT + "=schema" );
+ LdapDN dn = new LdapDN( SchemaConstants.CN_AT + "="
+ + schemaName + "," + SchemaConstants.OU_AT + "=schema" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
if ( hasEntry( dn ) )
{
return dn;
}
-
+
Attributes entry = attributesFactory.getAttributes( schema );
store.add( dn, entry );
return dn;
}
-
-
+
+
private void disableSchema( String schemaName ) throws NamingException
{
- LdapDN dn = new LdapDN( SystemSchemaConstants.CN_AT + "=" + schemaName
- + "," + CoreSchemaConstants.OU_AT + "=schema" );
+ LdapDN dn = new LdapDN( SchemaConstants.CN_AT + "=" + schemaName
+ + "," + SchemaConstants.OU_AT + "=schema" );
dn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
- ModificationItemImpl mod = new ModificationItemImpl( DirContext.ADD_ATTRIBUTE,
- new AttributeImpl( MetaSchemaConstants.M_DISABLED_AT, "TRUE" ) );
- ModificationItemImpl[] mods = new ModificationItemImpl[] { mod };
+ ModificationItemImpl mod = new ModificationItemImpl( DirContext.ADD_ATTRIBUTE,
+ new AttributeImpl( MetaSchemaConstants.M_DISABLED_AT, "TRUE" ) );
+ ModificationItemImpl[] mods = new ModificationItemImpl[] {mod};
store.modify( dn, mods );
}
@@ -778,29 +816,29 @@
{
return object.getName();
}
-
+
return object.getOid();
}
-
-
+
+
private final boolean hasEntry( LdapDN dn ) throws NamingException
{
- BigInteger id = store.getEntryId( dn.toNormName() );
+ Long id = store.getEntryId( dn.toNormName() );
if ( id == null )
{
return false;
}
return true;
}
-
-
+
+
private final StringBuffer getDbFileListing() throws IndexNotFoundException
{
StringBuffer buf = new StringBuffer();
buf.append( "schema/master.db\n" );
-
+
Iterator systemIndices = store.getSystemIndices();
- while( systemIndices.hasNext() )
+ while ( systemIndices.hasNext() )
{
Index index = store.getSystemIndex( ( String ) systemIndices.next() );
buf.append( "schema/" );
@@ -815,7 +853,7 @@
buf.append( indexedAttributes[ii] );
buf.append( ".db\n" );
}
-
+
return buf;
}
}
diff --git a/bootstrap-plugin/src/main/resources/META-INF/LICENSE.txt b/bootstrap-plugin/src/main/resources/META-INF/LICENSE.txt
index 57bc88a..c13db16 100644
--- a/bootstrap-plugin/src/main/resources/META-INF/LICENSE.txt
+++ b/bootstrap-plugin/src/main/resources/META-INF/LICENSE.txt
@@ -200,3 +200,102 @@
See the License for the specific language governing permissions and
limitations under the License.
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
+----
diff --git a/bootstrap-plugin/src/main/resources/META-INF/NOTICE.txt b/bootstrap-plugin/src/main/resources/META-INF/NOTICE.txt
index 3be0487..1f3dcb8 100644
--- a/bootstrap-plugin/src/main/resources/META-INF/NOTICE.txt
+++ b/bootstrap-plugin/src/main/resources/META-INF/NOTICE.txt
@@ -3,3 +3,12 @@
This product includes software developed by
The Apache Software Foundation (http://www.apache.org/).
+
+This product uses Plexus (http://plexus.codehaus.org/).
+
+This product uses the JUnit
+(http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
diff --git a/btree-base/pom.xml b/btree-base/pom.xml
index 4480a55..aa6e0bc 100644
--- a/btree-base/pom.xml
+++ b/btree-base/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-btree-base</artifactId>
<name>ApacheDS BTree Base</name>
diff --git a/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/Index.java b/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/Index.java
index 6cf5b91..4b4b6f1 100644
--- a/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/Index.java
+++ b/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/Index.java
@@ -20,7 +20,6 @@
package org.apache.directory.server.core.partition.impl.btree;
-import java.math.BigInteger;
import java.util.regex.Pattern;
import javax.naming.NamingException;
@@ -79,42 +78,42 @@
int count( Object attrVal, boolean isGreaterThan ) throws NamingException;
- BigInteger forwardLookup( Object attrVal ) throws NamingException;
+ Object forwardLookup( Object attrVal ) throws NamingException;
- Object reverseLookup( BigInteger id ) throws NamingException;
+ Object reverseLookup( Object id ) throws NamingException;
- void add( Object attrVal, BigInteger id ) throws NamingException;
+ void add( Object attrVal, Object id ) throws NamingException;
- void add( Attribute attr, BigInteger id ) throws NamingException;
+ void add( Attribute attr, Object id ) throws NamingException;
- void add( Attributes attrs, BigInteger id ) throws NamingException;
+ void add( Attributes attrs, Object id ) throws NamingException;
- void drop( BigInteger entryId ) throws NamingException;
+ void drop( Object entryId ) throws NamingException;
- void drop( Object attrVal, BigInteger id ) throws NamingException;
+ void drop( Object attrVal, Object id ) throws NamingException;
/**
* If the Attribute does not have any values then this reduces to a
* drop(BigInteger) call.
*/
- void drop( Attribute attr, BigInteger id ) throws NamingException;
+ void drop( Attribute attr, Object id ) throws NamingException;
/**
* If the Attribute for this index within the Attributes does not have any
* values then this reduces to a drop(BigInteger) call.
*/
- void drop( Attributes attrs, BigInteger id ) throws NamingException;
+ void drop( Attributes attrs, Object id ) throws NamingException;
- IndexEnumeration listReverseIndices( BigInteger id ) throws NamingException;
+ IndexEnumeration listReverseIndices( Object id ) throws NamingException;
IndexEnumeration listIndices() throws NamingException;
@@ -132,13 +131,13 @@
IndexEnumeration listIndices( Pattern regex, String prefix ) throws NamingException;
- boolean hasValue( Object attrVal, BigInteger id ) throws NamingException;
+ boolean hasValue( Object attrVal, Object id ) throws NamingException;
- boolean hasValue( Object attrVal, BigInteger id, boolean isGreaterThan ) throws NamingException;
+ boolean hasValue( Object attrVal, Object id, boolean isGreaterThan ) throws NamingException;
- boolean hasValue( Pattern regex, BigInteger id ) throws NamingException;
+ boolean hasValue( Pattern regex, Object id ) throws NamingException;
void close() throws NamingException;
diff --git a/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/IndexAssertionEnumeration.java b/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/IndexAssertionEnumeration.java
index e146a4b..38eac4c 100644
--- a/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/IndexAssertionEnumeration.java
+++ b/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/IndexAssertionEnumeration.java
@@ -20,7 +20,6 @@
package org.apache.directory.server.core.partition.impl.btree;
-import java.math.BigInteger;
import java.util.HashMap;
import java.util.Map;
import java.util.NoSuchElementException;
@@ -45,7 +44,7 @@
/** The iteration cursor */
private final NamingEnumeration underlying;
/** LUT used to avoid returning duplicates */
- private final Map<BigInteger,BigInteger> candidates;
+ private final Map<Object,Object> candidates;
/** */
private final IndexAssertion assertion;
/** */
@@ -72,7 +71,7 @@
throws NamingException
{
this.underlying = underlying;
- candidates = new HashMap<BigInteger,BigInteger>();
+ candidates = new HashMap<Object,Object>();
this.assertion = assertion;
checkDups = enableDupCheck;
prefetch();
diff --git a/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/IndexComparator.java b/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/IndexComparator.java
index b54e124..4d37904 100644
--- a/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/IndexComparator.java
+++ b/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/IndexComparator.java
@@ -21,8 +21,6 @@
import org.apache.directory.server.schema.SerializableComparator;
-import org.apache.directory.shared.ldap.util.BigIntegerComparator;
-
/**
* TupleComparator for index records.
@@ -34,7 +32,7 @@
{
private static final long serialVersionUID = 3257283621751633459L;
- private static final SerializableComparator BIG_INTEGER_COMPARATOR = new SerializableComparator(
+ private static final SerializableComparator LONG_COMPARATOR = new SerializableComparator(
"1.3.6.1.4.1.18060.0.4.1.1.2" )
{
private static final long serialVersionUID = 3690478030414165816L;
@@ -42,11 +40,29 @@
public int compare( Object o1, Object o2 )
{
- return BigIntegerComparator.INSTANCE.compare( o1, o2 );
+ try
+ {
+ long thisVal = (Long)o1;
+ long anotherVal = (Long)o2;
+ return ( thisVal < anotherVal ? -1 : ( thisVal == anotherVal ? 0 : 1 ) );
+ }
+ catch ( NullPointerException npe )
+ {
+ if ( o1 == null )
+ {
+ throw new IllegalArgumentException( "Argument 'obj1' is null" );
+ }
+ else
+ {
+ throw new IllegalArgumentException( "Argument 'obj2' is null" );
+ }
+ }
}
};
+
/** Whether or not the key/value is swapped */
private final boolean isForwardMap;
+
/** The key comparison to use */
private final SerializableComparator keyComp;
@@ -78,7 +94,7 @@
return keyComp;
}
- return BIG_INTEGER_COMPARATOR;
+ return LONG_COMPARATOR;
}
@@ -92,7 +108,7 @@
{
if ( isForwardMap )
{
- return BIG_INTEGER_COMPARATOR;
+ return LONG_COMPARATOR;
}
return keyComp;
diff --git a/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/IndexRecord.java b/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/IndexRecord.java
index dd2de9e..3e1a27b 100644
--- a/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/IndexRecord.java
+++ b/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/IndexRecord.java
@@ -20,8 +20,6 @@
package org.apache.directory.server.core.partition.impl.btree;
-import java.math.BigInteger;
-
import javax.naming.directory.Attributes;
@@ -75,9 +73,9 @@
*
* @return the id of the entry indexed
*/
- public BigInteger getEntryId()
+ public Object getEntryId()
{
- return ( BigInteger ) tuple.getValue();
+ return ( Object ) tuple.getValue();
}
@@ -97,7 +95,7 @@
*
* @param id the id of the entry
*/
- public void setEntryId( BigInteger id )
+ public void setEntryId( Object id )
{
tuple.setValue( id );
}
diff --git a/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/MasterTable.java b/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/MasterTable.java
index 67f017e..0b9d9b9 100644
--- a/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/MasterTable.java
+++ b/btree-base/src/main/java/org/apache/directory/server/core/partition/impl/btree/MasterTable.java
@@ -20,8 +20,6 @@
package org.apache.directory.server.core.partition.impl.btree;
-import java.math.BigInteger;
-
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
@@ -48,7 +46,7 @@
* @return the Attributes of the entry with operational attributes and all.
* @throws NamingException if there is a read error on the underlying Db.
*/
- Attributes get( BigInteger id ) throws NamingException;
+ Attributes get( Object id ) throws NamingException;
/**
@@ -61,7 +59,7 @@
* @return the newly created entry's Attributes
* @throws NamingException if there is a write error on the underlying Db.
*/
- Attributes put( Attributes entry, BigInteger id ) throws NamingException;
+ Attributes put( Attributes entry, Object id ) throws NamingException;
/**
@@ -71,7 +69,7 @@
* @return the Attributes of the deleted entry
* @throws NamingException if there is a write error on the underlying Db
*/
- Attributes delete( BigInteger id ) throws NamingException;
+ Attributes delete( Object id ) throws NamingException;
/**
@@ -82,7 +80,7 @@
* @throws NamingException if the admin table storing sequences cannot be
* read.
*/
- BigInteger getCurrentId() throws NamingException;
+ Object getCurrentId() throws NamingException;
/**
@@ -93,7 +91,7 @@
* @throws NamingException if the admin table storing sequences cannot be
* read and writen to.
*/
- BigInteger getNextId() throws NamingException;
+ Object getNextId() throws NamingException;
/**
diff --git a/btree-base/src/main/resources/META-INF/LICENSE.txt b/btree-base/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..c13db16
--- /dev/null
+++ b/btree-base/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,301 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
+----
diff --git a/btree-base/src/main/resources/META-INF/NOTICE.txt b/btree-base/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..eb0c18a
--- /dev/null
+++ b/btree-base/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,11 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
diff --git a/constants/pom.xml b/constants/pom.xml
index 34f4c6a..eb15063 100644
--- a/constants/pom.xml
+++ b/constants/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-constants</artifactId>
<name>ApacheDS Constants</name>
diff --git a/constants/src/main/java/org/apache/directory/server/constants/ApacheSchemaConstants.java b/constants/src/main/java/org/apache/directory/server/constants/ApacheSchemaConstants.java
index 6d3274e..57c6c07 100644
--- a/constants/src/main/java/org/apache/directory/server/constants/ApacheSchemaConstants.java
+++ b/constants/src/main/java/org/apache/directory/server/constants/ApacheSchemaConstants.java
@@ -28,13 +28,10 @@
*/
public interface ApacheSchemaConstants
{
- String COMPARATORS_AT = "comparators";
- String NORMALIZERS_AT = "normalizers";
- String SYNTAX_CHECKERS_AT = "syntaxCheckers";
-
String SCHEMA_MODIFIERS_NAME_AT = "schemaModifiersName";
String SCHEMA_MODIFY_TIMESTAMP_AT = "schemaModifyTimestamp";
String SUBSCHEMA_SUBENTRY_NAME_AT = "subschemaSubentryName";
String SCHEMA_MODIFICATION_ATTRIBUTES_OC = "schemaModificationAttributes";
+ String SCHEMA_NAME = "apache";
}
diff --git a/constants/src/main/java/org/apache/directory/server/constants/CoreSchemaConstants.java b/constants/src/main/java/org/apache/directory/server/constants/CoreSchemaConstants.java
index 2cc1e5a..52ffe31 100644
--- a/constants/src/main/java/org/apache/directory/server/constants/CoreSchemaConstants.java
+++ b/constants/src/main/java/org/apache/directory/server/constants/CoreSchemaConstants.java
@@ -29,7 +29,4 @@
public interface CoreSchemaConstants
{
String SCHEMA_NAME = "core";
-
- String OU_AT = "ou";
- String ORGANIZATIONAL_UNIT_OC = "organizationalUnit";
}
diff --git a/constants/src/main/java/org/apache/directory/server/constants/MetaSchemaConstants.java b/constants/src/main/java/org/apache/directory/server/constants/MetaSchemaConstants.java
index 80e7190..ef4a53d 100644
--- a/constants/src/main/java/org/apache/directory/server/constants/MetaSchemaConstants.java
+++ b/constants/src/main/java/org/apache/directory/server/constants/MetaSchemaConstants.java
@@ -69,7 +69,7 @@
String M_MUST_AT = "m-must";
String M_MAY_AT = "m-may";
String M_TYPE_OBJECT_CLASS_AT = "m-typeObjectClass";
- String X_HUMAN_READIBLE_AT = "x-humanReadible";
+ String X_HUMAN_READIBLE_AT = "x-humanReadable";
// -- schema extensions & values --
diff --git a/constants/src/main/java/org/apache/directory/server/constants/SystemSchemaConstants.java b/constants/src/main/java/org/apache/directory/server/constants/SystemSchemaConstants.java
index 45e45a2..9f54f48 100644
--- a/constants/src/main/java/org/apache/directory/server/constants/SystemSchemaConstants.java
+++ b/constants/src/main/java/org/apache/directory/server/constants/SystemSchemaConstants.java
@@ -29,20 +29,4 @@
public interface SystemSchemaConstants
{
String SCHEMA_NAME = "system";
-
- String CN_AT = "cn";
- String OBJECT_CLASS_AT = "objectClass";
- String CREATORS_NAME_AT = "creatorsName";
- String CREATE_TIMESTAMP_AT = "createTimestamp";
- String MODIFY_TIMESTAMP_AT = "modifyTimestamp";
- String MODIFIERS_NAME_AT = "modifiersName";
-
- String LDAP_SYNTAXES_AT = "ldapSyntaxes";
- String MATCHING_RULES_AT = "matchingRules";
- String ATTRIBUTE_TYPES_AT = "attributeTypes";
- String OBJECT_CLASSES_AT = "objectClasses";
- String MATCHING_RULE_USE_AT = "matchingRuleUse";
- String DIT_STRUCTURE_RULES_AT = "ditStructureRules";
- String DIT_CONTENT_RULES_AT = "ditContentRules";
- String NAME_FORMS_AT = "nameForms";
}
diff --git a/LICENSE.txt b/constants/src/main/resources/META-INF/LICENSE.txt
similarity index 100%
rename from LICENSE.txt
rename to constants/src/main/resources/META-INF/LICENSE.txt
diff --git a/constants/src/main/resources/META-INF/NOTICE.txt b/constants/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..f3268b6
--- /dev/null
+++ b/constants/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,5 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
diff --git a/core-plugin/pom.xml b/core-plugin/pom.xml
index b3d2d2d..f8e2931 100644
--- a/core-plugin/pom.xml
+++ b/core-plugin/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-core-plugin</artifactId>
<name>ApacheDS Core Plugin (Maven 2)</name>
diff --git a/core-plugin/src/main/java/org/apache/directory/server/core/tools/schema/DirectorySchemaToolMojo.java b/core-plugin/src/main/java/org/apache/directory/server/core/tools/schema/DirectorySchemaToolMojo.java
index af6e761..6074c2b 100644
--- a/core-plugin/src/main/java/org/apache/directory/server/core/tools/schema/DirectorySchemaToolMojo.java
+++ b/core-plugin/src/main/java/org/apache/directory/server/core/tools/schema/DirectorySchemaToolMojo.java
@@ -34,6 +34,7 @@
import org.apache.directory.server.schema.bootstrap.AbstractBootstrapSchema;
import org.apache.directory.server.schema.bootstrap.BootstrapSchema;
import org.apache.directory.server.schema.bootstrap.ProducerTypeEnum;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.maven.plugin.AbstractMojo;
import org.apache.maven.plugin.MojoExecutionException;
import org.apache.maven.project.MavenProject;
@@ -266,7 +267,7 @@
context.put( "schemaDepCount", new Integer( schema.getDependencies().length ) );
context.put( "schemaDeps", new String[]
{ "dep1", "dep2" } );
- context.put( "objectClasses", objectClasses );
+ context.put( SchemaConstants.OBJECT_CLASSES_AT, objectClasses );
runVelocity( schema.getPackageName(), schema.getUnqualifiedClassName( type ), context,
"ObjectClasses.template", type );
}
diff --git a/core-plugin/src/main/resources/META-INF/LICENSE.txt b/core-plugin/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..27b5f3b
--- /dev/null
+++ b/core-plugin/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,323 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ ANTLR 2 License
+
+ANTLR 2 License
+
+We reserve no legal rights to the ANTLR--it is fully in the public domain. An
+individual or company may do whatever they wish with source code distributed
+with ANTLR or the code generated by ANTLR, including the incorporation of
+ANTLR, or its output, into commerical software.
+
+We encourage users to develop software with ANTLR. However, we do ask that
+credit is given to us for developing ANTLR. By "credit", we mean that if you
+use ANTLR or incorporate any source code into one of your programs (commercial
+product, research project, or otherwise) that you acknowledge this fact
+somewhere in the documentation, research report, etc... If you like ANTLR
+and have developed a nice tool with the output, please mention that you
+developed it using ANTLR. In addition, we ask that the headers remain intact
+in our source code. As long as these guidelines are kept, we expect to
+continue enhancing this system and expect to make other tools available as
+they are completed.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
+----
diff --git a/core-plugin/src/main/resources/META-INF/NOTICE.txt b/core-plugin/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..ef40b42
--- /dev/null
+++ b/core-plugin/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,16 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses Plexus (http://plexus.codehaus.org)
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
+This product includes a distribution of Antlr 2
+(http://antlr.org).
+
diff --git a/core-shared/pom.xml b/core-shared/pom.xml
index c3da20f..a77eeee 100644
--- a/core-shared/pom.xml
+++ b/core-shared/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-core-shared</artifactId>
<name>ApacheDS Core Shared</name>
diff --git a/core-shared/src/main/resources/META-INF/LICENSE.txt b/core-shared/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..bf8a713
--- /dev/null
+++ b/core-shared/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,208 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
diff --git a/core-shared/src/main/resources/META-INF/NOTICE.txt b/core-shared/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..e6abf6e
--- /dev/null
+++ b/core-shared/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,7 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
diff --git a/core-unit/pom.xml b/core-unit/pom.xml
index 88a2cd8..3c6cee1 100644
--- a/core-unit/pom.xml
+++ b/core-unit/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-core-unit</artifactId>
<name>ApacheDS Core Unit</name>
diff --git a/core-unit/src/main/java/org/apache/directory/server/core/unit/AbstractPerformanceTest.java b/core-unit/src/main/java/org/apache/directory/server/core/unit/AbstractPerformanceTest.java
index 2bb8b9b..34f2a3c 100644
--- a/core-unit/src/main/java/org/apache/directory/server/core/unit/AbstractPerformanceTest.java
+++ b/core-unit/src/main/java/org/apache/directory/server/core/unit/AbstractPerformanceTest.java
@@ -38,6 +38,7 @@
import org.apache.directory.server.core.configuration.MutablePartitionConfiguration;
import org.apache.directory.server.core.configuration.PartitionConfiguration;
import org.apache.directory.server.core.partition.PartitionNexus;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.ldif.Entry;
import org.apache.directory.shared.ldap.ldif.LdifReader;
import org.apache.directory.shared.ldap.message.AttributesImpl;
@@ -141,11 +142,11 @@
HashSet<Object> indexedAttributes = new HashSet<Object>();
indexedAttributes.add( "ou" );
indexedAttributes.add( "uid" );
- indexedAttributes.add( "objectClass" );
+ indexedAttributes.add( SchemaConstants.OBJECT_CLASS_AT );
// Build the root entry for the new partition
- Attributes attributes = new AttributesImpl( "objectClass", "top", true );
- attributes.get( "objectClass" ).add( "organizationalUnit" );
+ Attributes attributes = new AttributesImpl( SchemaConstants.OBJECT_CLASS_AT, "top", true );
+ attributes.get( SchemaConstants.OBJECT_CLASS_AT ).add( "organizationalUnit" );
attributes.put( "ou", "test" );
// Add apache.org paritition since all work will be done here
diff --git a/core-unit/src/main/java/org/apache/directory/server/core/unit/AbstractTestCase.java b/core-unit/src/main/java/org/apache/directory/server/core/unit/AbstractTestCase.java
index aa0c89c..4bdf2ea 100644
--- a/core-unit/src/main/java/org/apache/directory/server/core/unit/AbstractTestCase.java
+++ b/core-unit/src/main/java/org/apache/directory/server/core/unit/AbstractTestCase.java
@@ -43,6 +43,7 @@
import org.apache.directory.server.core.configuration.Configuration;
import org.apache.directory.server.core.configuration.MutableStartupConfiguration;
import org.apache.directory.server.core.configuration.ShutdownConfiguration;
+import org.apache.directory.server.core.configuration.SyncConfiguration;
import org.apache.directory.server.schema.registries.Registries;
import org.apache.directory.shared.ldap.ldif.Entry;
import org.apache.directory.shared.ldap.ldif.LdifReader;
@@ -217,6 +218,17 @@
registries = DirectoryService.getInstance().getConfiguration().getRegistries();
}
+
+ /**
+ * Restarts the server without loading data when it has been shutdown.
+ */
+ protected void restart() throws NamingException
+ {
+ configuration = new MutableStartupConfiguration();
+ configuration.setShutdownHookEnabled( false );
+ setContextRoots( username, password, configuration );
+ }
+
/**
* Deletes the Eve working directory.
@@ -310,14 +322,10 @@
/**
- * Sets the system context root to null.
- *
- * @see junit.framework.TestCase#tearDown()
+ * Issues a shutdown request to the server.
*/
- protected void tearDown() throws Exception
+ protected void shutdown()
{
- super.tearDown();
-
Hashtable<String,Object> env = new Hashtable<String,Object>();
env.put( Context.PROVIDER_URL, "ou=system" );
@@ -333,9 +341,45 @@
}
catch ( Exception e )
{
- }
+ }
sysRoot = null;
Runtime.getRuntime().gc();
+ }
+
+
+ /**
+ * Issues a sync request to the server.
+ */
+ protected void sync()
+ {
+ Hashtable<String,Object> env = new Hashtable<String,Object>();
+
+ env.put( Context.PROVIDER_URL, "ou=system" );
+ env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
+ env.putAll( new SyncConfiguration().toJndiEnvironment() );
+ env.put( Context.SECURITY_PRINCIPAL, "uid=admin,ou=system" );
+ env.put( Context.SECURITY_CREDENTIALS, "secret" );
+ env.put( Context.SECURITY_AUTHENTICATION, "simple" );
+
+ try
+ {
+ new InitialContext( env );
+ }
+ catch ( Exception e )
+ {
+ }
+ }
+
+
+ /**
+ * Sets the system context root to null.
+ *
+ * @see junit.framework.TestCase#tearDown()
+ */
+ protected void tearDown() throws Exception
+ {
+ super.tearDown();
+ shutdown();
testEntries.clear();
ldifPath = null;
loadClass = null;
diff --git a/core-unit/src/main/resources/META-INF/LICENSE.txt b/core-unit/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..675f28a
--- /dev/null
+++ b/core-unit/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,302 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
+----
+
diff --git a/core-unit/src/main/resources/META-INF/NOTICE.txt b/core-unit/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..e7139b8
--- /dev/null
+++ b/core-unit/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,13 @@
+Apache Directory ApacheDS
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses Maven (http://maven.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticationITest.java b/core-unit/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticationITest.java
index 02576f3..a240d82 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticationITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticationITest.java
@@ -389,4 +389,264 @@
assertTrue( attrs.get( "facsimiletelephonenumber" ).contains( "+1 408 555 9751" ) );
assertTrue( attrs.get( "roomnumber" ).contains( "4612" ) );
}
+
+ public void testSHA() throws NamingException
+ {
+ Hashtable<String,Object> env = new Hashtable<String,Object>( configuration.toJndiEnvironment() );
+ env.put( Context.PROVIDER_URL, "ou=system" );
+ env.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" );
+ env.put( Context.SECURITY_CREDENTIALS, "test" );
+ env.put( Context.SECURITY_AUTHENTICATION, "simple" );
+ env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
+ InitialDirContext ic = new InitialDirContext( env );
+
+ // Check that we can get the attributes
+ Attributes attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+ assertNotNull( attrs );
+ assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
+
+ // now modify the password for akarasulu : 'secret', encrypted using SHA
+ AttributeImpl userPasswordAttribute = new AttributeImpl( "userPassword", "{SHA}5en6G6MezRroT3XKqkdPOmY/BfQ=" );
+ ic.modifyAttributes( "uid=akarasulu,ou=users", new ModificationItemImpl[] {
+ new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, userPasswordAttribute ) } );
+
+ // close and try with old password (should fail)
+ ic.close();
+ env.put( Context.SECURITY_CREDENTIALS, "test" );
+
+ try
+ {
+ ic = new InitialDirContext( env );
+ fail( "Authentication with old password should fail" );
+ }
+ catch ( NamingException e )
+ {
+ // we should fail
+ }
+
+ // close and try again now with new password (should be successfull)
+ ic.close();
+ env.put( Context.SECURITY_CREDENTIALS, "secret" );
+ ic = new InitialDirContext( env );
+ attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+ assertNotNull( attrs );
+ assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
+
+ // close and try again now with new password, to check that the
+ // cache is updated (should be successfull)
+ ic.close();
+ env.put( Context.SECURITY_CREDENTIALS, "secret" );
+ ic = new InitialDirContext( env );
+ attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+ assertNotNull( attrs );
+ assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
+ }
+
+ public void testSSHA() throws NamingException
+ {
+ Hashtable<String,Object> env = new Hashtable<String,Object>( configuration.toJndiEnvironment() );
+ env.put( Context.PROVIDER_URL, "ou=system" );
+ env.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" );
+ env.put( Context.SECURITY_CREDENTIALS, "test" );
+ env.put( Context.SECURITY_AUTHENTICATION, "simple" );
+ env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
+ InitialDirContext ic = new InitialDirContext( env );
+
+ // Check that we can get the attributes
+ Attributes attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+ assertNotNull( attrs );
+ assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
+
+ // now modify the password for akarasulu : 'secret', encrypted using SHA
+ AttributeImpl userPasswordAttribute = new AttributeImpl( "userPassword", "{SSHA}mjVVxasFkk59wMW4L1Ldt+YCblfhULHs03WW7g==" );
+ ic.modifyAttributes( "uid=akarasulu,ou=users", new ModificationItemImpl[] {
+ new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, userPasswordAttribute ) } );
+
+ // close and try with old password (should fail)
+ ic.close();
+ env.put( Context.SECURITY_CREDENTIALS, "test" );
+
+ try
+ {
+ ic = new InitialDirContext( env );
+ fail( "Authentication with old password should fail" );
+ }
+ catch ( NamingException e )
+ {
+ // we should fail
+ }
+
+ // close and try again now with new password (should be successfull)
+ ic.close();
+ env.put( Context.SECURITY_CREDENTIALS, "secret" );
+ ic = new InitialDirContext( env );
+ attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+ assertNotNull( attrs );
+ assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
+
+ // close and try again now with new password, to check that the
+ // cache is updated (should be successfull)
+ ic.close();
+ env.put( Context.SECURITY_CREDENTIALS, "secret" );
+ ic = new InitialDirContext( env );
+ attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+ assertNotNull( attrs );
+ assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
+ }
+
+ public void testMD5() throws NamingException
+ {
+ Hashtable<String,Object> env = new Hashtable<String,Object>( configuration.toJndiEnvironment() );
+ env.put( Context.PROVIDER_URL, "ou=system" );
+ env.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" );
+ env.put( Context.SECURITY_CREDENTIALS, "test" );
+ env.put( Context.SECURITY_AUTHENTICATION, "simple" );
+ env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
+ InitialDirContext ic = new InitialDirContext( env );
+
+ // Check that we can get the attributes
+ Attributes attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+ assertNotNull( attrs );
+ assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
+
+ // now modify the password for akarasulu : 'secret', encrypted using MD5
+ AttributeImpl userPasswordAttribute = new AttributeImpl( "userPassword", "{MD5}Xr4ilOzQ4PCOq3aQ0qbuaQ==" );
+ ic.modifyAttributes( "uid=akarasulu,ou=users", new ModificationItemImpl[] {
+ new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, userPasswordAttribute ) } );
+
+ // close and try with old password (should fail)
+ ic.close();
+ env.put( Context.SECURITY_CREDENTIALS, "test" );
+
+ try
+ {
+ ic = new InitialDirContext( env );
+ fail( "Authentication with old password should fail" );
+ }
+ catch ( NamingException e )
+ {
+ // we should fail
+ }
+
+ // close and try again now with new password (should be successfull)
+ ic.close();
+ env.put( Context.SECURITY_CREDENTIALS, "secret" );
+ ic = new InitialDirContext( env );
+ attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+ assertNotNull( attrs );
+ assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
+
+ // close and try again now with new password, to check that the
+ // cache is updated (should be successfull)
+ ic.close();
+ env.put( Context.SECURITY_CREDENTIALS, "secret" );
+ ic = new InitialDirContext( env );
+ attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+ assertNotNull( attrs );
+ assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
+ }
+
+ public void testSMD5() throws NamingException
+ {
+ Hashtable<String,Object> env = new Hashtable<String,Object>( configuration.toJndiEnvironment() );
+ env.put( Context.PROVIDER_URL, "ou=system" );
+ env.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" );
+ env.put( Context.SECURITY_CREDENTIALS, "test" );
+ env.put( Context.SECURITY_AUTHENTICATION, "simple" );
+ env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
+ InitialDirContext ic = new InitialDirContext( env );
+
+ // Check that we can get the attributes
+ Attributes attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+ assertNotNull( attrs );
+ assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
+
+ // now modify the password for akarasulu : 'secret', encrypted using SHA
+ AttributeImpl userPasswordAttribute = new AttributeImpl( "userPassword", "{SMD5}tQ9wo/VBuKsqBtylMMCcORbnYOJFMyDJ" );
+ ic.modifyAttributes( "uid=akarasulu,ou=users", new ModificationItemImpl[] {
+ new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, userPasswordAttribute ) } );
+
+ // close and try with old password (should fail)
+ ic.close();
+ env.put( Context.SECURITY_CREDENTIALS, "test" );
+
+ try
+ {
+ ic = new InitialDirContext( env );
+ fail( "Authentication with old password should fail" );
+ }
+ catch ( NamingException e )
+ {
+ // we should fail
+ }
+
+ // close and try again now with new password (should be successfull)
+ ic.close();
+ env.put( Context.SECURITY_CREDENTIALS, "secret" );
+ ic = new InitialDirContext( env );
+ attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+ assertNotNull( attrs );
+ assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
+
+ // close and try again now with new password, to check that the
+ // cache is updated (should be successfull)
+ ic.close();
+ env.put( Context.SECURITY_CREDENTIALS, "secret" );
+ ic = new InitialDirContext( env );
+ attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+ assertNotNull( attrs );
+ assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
+ }
+
+ public void testCRYPT() throws NamingException
+ {
+ Hashtable<String,Object> env = new Hashtable<String,Object>( configuration.toJndiEnvironment() );
+ env.put( Context.PROVIDER_URL, "ou=system" );
+ env.put( Context.SECURITY_PRINCIPAL, "uid=akarasulu,ou=users,ou=system" );
+ env.put( Context.SECURITY_CREDENTIALS, "test" );
+ env.put( Context.SECURITY_AUTHENTICATION, "simple" );
+ env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
+ InitialDirContext ic = new InitialDirContext( env );
+
+ // Check that we can get the attributes
+ Attributes attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+ assertNotNull( attrs );
+ assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
+
+ // now modify the password for akarasulu : 'secret', encrypted using CRYPT
+ AttributeImpl userPasswordAttribute = new AttributeImpl( "userPassword", "{crypt}qFkH8Z1woBlXw" );
+ ic.modifyAttributes( "uid=akarasulu,ou=users", new ModificationItemImpl[] {
+ new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, userPasswordAttribute ) } );
+
+ // close and try with old password (should fail)
+ ic.close();
+ env.put( Context.SECURITY_CREDENTIALS, "test" );
+
+ try
+ {
+ ic = new InitialDirContext( env );
+ fail( "Authentication with old password should fail" );
+ }
+ catch ( NamingException e )
+ {
+ // we should fail
+ }
+
+ // close and try again now with new password (should be successfull)
+ ic.close();
+ env.put( Context.SECURITY_CREDENTIALS, "secret" );
+ ic = new InitialDirContext( env );
+ attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+ assertNotNull( attrs );
+ assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
+
+ // close and try again now with new password, to check that the
+ // cache is updated (should be successfull)
+ ic.close();
+ env.put( Context.SECURITY_CREDENTIALS, "secret" );
+ ic = new InitialDirContext( env );
+ attrs = ic.getAttributes( "uid=akarasulu,ou=users" );
+ assertNotNull( attrs );
+ assertTrue( attrs.get( "uid" ).contains( "akarasulu" ) );
+ }
}
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/authz/AbstractAuthorizationITest.java b/core-unit/src/test/java/org/apache/directory/server/core/authz/AbstractAuthorizationITest.java
index b647dc8..c851a77 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/authz/AbstractAuthorizationITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/authz/AbstractAuthorizationITest.java
@@ -23,6 +23,7 @@
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.core.subtree.SubentryService;
import org.apache.directory.server.core.unit.AbstractTestCase;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.apache.directory.shared.ldap.name.LdapDN;
@@ -298,7 +299,7 @@
Attribute objectClass = new AttributeImpl( "objectClass" );
subentry.put( objectClass );
objectClass.add( "top" );
- objectClass.add( "subentry" );
+ objectClass.add( SchemaConstants.SUBENTRY_OC );
objectClass.add( "accessControlSubentry" );
subentry.put( "subtreeSpecification", subtree );
subentry.put( "prescriptiveACI", aciItem );
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/authz/GeneralAuthorizationITest.java b/core-unit/src/test/java/org/apache/directory/server/core/authz/GeneralAuthorizationITest.java
new file mode 100644
index 0000000..5c14006
--- /dev/null
+++ b/core-unit/src/test/java/org/apache/directory/server/core/authz/GeneralAuthorizationITest.java
@@ -0,0 +1,59 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.authz;
+
+
+import javax.naming.NamingException;
+
+import org.apache.directory.shared.ldap.exception.LdapInvalidAttributeValueException;
+import org.apache.directory.shared.ldap.message.ResultCodeEnum;
+
+
+/**
+ * Tests various authorization functionality without any specific operation.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: 494176 $
+ */
+public class GeneralAuthorizationITest extends AbstractAuthorizationITest
+{
+ /**
+ * Checks to make sure we cannot create a malformed ACI missing two
+ * last brackets.
+ *
+ * @throws NamingException if the test encounters an error
+ */
+ public void testFailureToAddBadACI() throws NamingException
+ {
+ // add a subentry with malformed ACI
+ try
+ {
+ createAccessControlSubentry( "anybodyAdd", "{ " + "identificationTag \"addAci\", " + "precedence 14, "
+ + "authenticationLevel none, " + "itemOrUserFirst userFirst: { " + "userClasses { allUsers }, "
+ + "userPermissions { { " + "protectedItems {entry, allUserAttributeTypesAndValues}, "
+ + "grantsAndDenials { grantAdd, grantBrowse } } }" );
+ fail( "should never get here due to failure to add bad ACIItem" );
+ }
+ catch( LdapInvalidAttributeValueException e )
+ {
+ assertEquals( ResultCodeEnum.INVALID_ATTRIBUTE_SYNTAX, e.getResultCode() );
+ }
+ }
+}
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/collective/CollectiveAttributeServiceITest.java b/core-unit/src/test/java/org/apache/directory/server/core/collective/CollectiveAttributeServiceITest.java
index dd10e0b..7e5571a 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/collective/CollectiveAttributeServiceITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/collective/CollectiveAttributeServiceITest.java
@@ -32,6 +32,7 @@
import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.unit.AbstractAdminTestCase;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.apache.directory.shared.ldap.message.ModificationItemImpl;
@@ -63,7 +64,7 @@
Attributes subentry = new AttributesImpl();
Attribute objectClass = new AttributeImpl( "objectClass" );
objectClass.add( "top" );
- objectClass.add( "subentry" );
+ objectClass.add( SchemaConstants.SUBENTRY_OC );
objectClass.add( "collectiveAttributeSubentry" );
subentry.put( objectClass );
subentry.put( "c-ou", "configuration" );
@@ -78,7 +79,7 @@
Attributes subentry = new AttributesImpl();
Attribute objectClass = new AttributeImpl( "objectClass" );
objectClass.add( "top" );
- objectClass.add( "subentry" );
+ objectClass.add( SchemaConstants.SUBENTRY_OC );
objectClass.add( "collectiveAttributeSubentry" );
subentry.put( objectClass );
subentry.put( "c-ou", "configuration2" );
@@ -93,7 +94,7 @@
Attributes subentry = new AttributesImpl();
Attribute objectClass = new AttributeImpl( "objectClass" );
objectClass.add( "top" );
- objectClass.add( "subentry" );
+ objectClass.add( SchemaConstants.SUBENTRY_OC );
objectClass.add( "collectiveAttributeSubentry" );
subentry.put( objectClass );
subentry.put( "c-st", "FL" );
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/jndi/AddITest.java b/core-unit/src/test/java/org/apache/directory/server/core/jndi/AddITest.java
index b0ef2e7..aa5df1b 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/jndi/AddITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/jndi/AddITest.java
@@ -21,6 +21,7 @@
import org.apache.directory.server.core.unit.AbstractAdminTestCase;
+import org.apache.directory.shared.ldap.exception.LdapInvalidAttributeValueException;
import org.apache.directory.shared.ldap.exception.LdapSchemaViolationException;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
@@ -118,4 +119,34 @@
assertTrue( true );
}
}
+
+ /**
+ * Test that we can't add an entry with an attribute with a bad syntax
+ */
+ public void testAddAttributesBadSyntax() throws Exception
+ {
+ Attributes attrs = new AttributesImpl( true );
+ Attribute oc = new AttributeImpl( "ObjectClass", "top" );
+ oc.add( "person" );
+ Attribute cn = new AttributeImpl( "cn", "kevin Spacey" );
+ Attribute sn = new AttributeImpl( "sn", "ke" );
+ Attribute telephone = new AttributeImpl( "telephoneNumber", "0123456abc" );
+ attrs.put( oc );
+ attrs.put( cn );
+ attrs.put( sn );
+ attrs.put( telephone );
+
+ String base = "sn=kevin";
+
+ //create subcontext
+ try
+ {
+ sysRoot.createSubcontext( base, attrs );
+ fail( "Should not reach this state" );
+ }
+ catch ( LdapInvalidAttributeValueException e )
+ {
+ assertTrue( true );
+ }
+ }
}
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/jndi/DIRSERVER169ITest.java b/core-unit/src/test/java/org/apache/directory/server/core/jndi/DIRSERVER169ITest.java
index c3b11f0..8483b75 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/jndi/DIRSERVER169ITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/jndi/DIRSERVER169ITest.java
@@ -57,7 +57,7 @@
Attributes user = new AttributesImpl( "uid", "bob" );
user.put( "cn", "Bob Hamilton" );
- user.put( "userPassword", "bobspassword".getBytes( "UTF-8" ) );
+ user.put( "userPassword", "bobspassword" );
Attribute objectClass = new AttributeImpl( "objectClass" );
user.put( objectClass );
@@ -122,7 +122,7 @@
String filter = "(userPassword={0})";
NamingEnumeration results = ctx.search( "uid=bob,ou=people", filter, new Object[]
- { "bobspassword".getBytes( "UTF-8" ) }, ctls );
+ { "bobspassword" }, ctls );
// We should have a match
assertTrue( results.hasMore() );
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/jndi/DIRSERVER759ITest.java b/core-unit/src/test/java/org/apache/directory/server/core/jndi/DIRSERVER759ITest.java
index c0c131d..83407be 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/jndi/DIRSERVER759ITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/jndi/DIRSERVER759ITest.java
@@ -29,6 +29,7 @@
import javax.naming.directory.SearchControls;
import org.apache.directory.server.core.unit.AbstractAdminTestCase;
+import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.apache.directory.shared.ldap.message.DerefAliasesEnum;
@@ -155,7 +156,7 @@
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.ONELEVEL_SCOPE );
controls.setDerefLinkFlag( false );
- sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.NEVER_DEREF_ALIASES );
+ sysRoot.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.NEVER_DEREF_ALIASES );
try
{
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/jndi/ObjStateFactoryITest.java b/core-unit/src/test/java/org/apache/directory/server/core/jndi/ObjStateFactoryITest.java
index ba56e7f..ed55244 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/jndi/ObjStateFactoryITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/jndi/ObjStateFactoryITest.java
@@ -64,14 +64,14 @@
public void testStateFactory() throws NamingException
{
super.sysRoot.addToEnvironment( Context.STATE_FACTORIES, PersonStateFactory.class.getName() );
- Person p = new Person( "Rodriguez", "Mr. Kerberos", "noices", "555-1212", "erodriguez", "committer" );
+ Person p = new Person( "Rodriguez", "Mr. Kerberos", "noices", "555-1212", "sn=erodriguez", "committer" );
super.sysRoot.bind( "uid=erodriguez, ou=users", p );
Attributes attrs = super.sysRoot.getAttributes( "uid=erodriguez, ou=users" );
assertEquals( "Rodriguez", attrs.get( "sn" ).get() );
assertEquals( "Mr. Kerberos", attrs.get( "cn" ).get() );
assertTrue( ArrayUtils.isEquals( attrs.get( "userPassword" ).get(), "noices".getBytes() ) );
assertEquals( "555-1212", attrs.get( "telephonenumber" ).get() );
- assertEquals( "erodriguez", attrs.get( "seealso" ).get() );
+ assertEquals( "sn=erodriguez", attrs.get( "seealso" ).get() );
assertEquals( "committer", attrs.get( "description" ).get() );
}
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/jndi/ReferralITest.java b/core-unit/src/test/java/org/apache/directory/server/core/jndi/ReferralITest.java
index da8bc19..ccdba16 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/jndi/ReferralITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/jndi/ReferralITest.java
@@ -42,6 +42,7 @@
import org.apache.directory.server.core.jndi.ServerLdapContext;
import org.apache.directory.server.core.unit.AbstractAdminTestCase;
+import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
import org.apache.directory.shared.ldap.exception.LdapNamingException;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
@@ -118,7 +119,7 @@
}
Hashtable<String,Object> env = new Hashtable<String,Object>();
- env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
+ env.put( JndiPropertyConstants.JNDI_FACTORY_INITIAL, "com.sun.jndi.ldap.LdapCtxFactory" );
env.put( "java.naming.provider.url", "ldap://hertz.karasulu.homeip.net:10390/ou=system" );
env.put( "java.naming.security.principal", "uid=admin,ou=system" );
env.put( "java.naming.security.credentials", "longsecret" );
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/jndi/SearchContextITest.java b/core-unit/src/test/java/org/apache/directory/server/core/jndi/SearchContextITest.java
index 7101e5a..2387492 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/jndi/SearchContextITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/jndi/SearchContextITest.java
@@ -34,6 +34,7 @@
import org.apache.directory.server.core.enumeration.SearchResultFilteringEnumeration;
import org.apache.directory.server.core.invocation.Invocation;
import org.apache.directory.server.core.unit.AbstractAdminTestCase;
+import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
import org.apache.directory.shared.ldap.exception.LdapSizeLimitExceededException;
import org.apache.directory.shared.ldap.exception.LdapTimeLimitExceededException;
import org.apache.directory.shared.ldap.message.AttributeImpl;
@@ -162,7 +163,7 @@
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.ONELEVEL_SCOPE );
controls.setDerefLinkFlag( false );
- sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.NEVER_DEREF_ALIASES );
+ sysRoot.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.NEVER_DEREF_ALIASES );
HashMap<String,Attributes> map = new HashMap<String,Attributes>();
NamingEnumeration list = sysRoot.search( "", "(ou=*)", controls );
@@ -184,7 +185,7 @@
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
controls.setDerefLinkFlag( false );
- sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.NEVER_DEREF_ALIASES );
+ sysRoot.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.NEVER_DEREF_ALIASES );
HashMap<String, Attributes> map = new HashMap<String, Attributes>();
NamingEnumeration list = sysRoot.search( "", "(ou=*)", controls );
@@ -209,7 +210,7 @@
controls.setDerefLinkFlag( false );
controls.setReturningAttributes( new String[]{ "1.1" } );
- sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.NEVER_DEREF_ALIASES );
+ sysRoot.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.NEVER_DEREF_ALIASES );
HashMap<String, Attributes> map = new HashMap<String, Attributes>();
NamingEnumeration list = sysRoot.search( "", "(ou=testing02)", controls );
@@ -232,7 +233,7 @@
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
controls.setDerefLinkFlag( false );
- sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.NEVER_DEREF_ALIASES );
+ sysRoot.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.NEVER_DEREF_ALIASES );
HashMap<String, Attributes> map = new HashMap<String, Attributes>();
NamingEnumeration list = sysRoot.search( "", "(objectClass=organ*)", controls );
@@ -257,7 +258,7 @@
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.ONELEVEL_SCOPE );
controls.setDerefLinkFlag( false );
- sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.NEVER_DEREF_ALIASES );
+ sysRoot.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.NEVER_DEREF_ALIASES );
HashMap<String, Attributes> map = new HashMap<String, Attributes>();
NamingEnumeration list = sysRoot.search( "", "(| (ou={0}) (ou={1}))", new Object[]
@@ -280,7 +281,7 @@
controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
controls.setDerefLinkFlag( false );
controls.setCountLimit( 7 );
- sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.NEVER_DEREF_ALIASES );
+ sysRoot.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.NEVER_DEREF_ALIASES );
HashMap<String, Attributes> map = new HashMap<String, Attributes>();
NamingEnumeration list = sysRoot.search( "", "(ou=*)", controls );
@@ -307,7 +308,7 @@
controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
controls.setDerefLinkFlag( false );
controls.setTimeLimit( 200 );
- sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.NEVER_DEREF_ALIASES );
+ sysRoot.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.NEVER_DEREF_ALIASES );
HashMap<String, Attributes> map = new HashMap<String, Attributes>();
NamingEnumeration list = sysRoot.search( "", "(ou=*)", controls );
@@ -350,7 +351,7 @@
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
controls.setDerefLinkFlag( false );
- sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.NEVER_DEREF_ALIASES );
+ sysRoot.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.NEVER_DEREF_ALIASES );
HashMap<String, Attributes> map = new HashMap<String, Attributes>();
NamingEnumeration list = sysRoot.search( "", "(name=testing00)", controls );
@@ -369,7 +370,7 @@
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
controls.setDerefLinkFlag( false );
- sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.NEVER_DEREF_ALIASES );
+ sysRoot.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.NEVER_DEREF_ALIASES );
HashMap<String, Attributes> map = new HashMap<String, Attributes>();
NamingEnumeration list = sysRoot.search( "", "(name=*)", controls );
@@ -392,7 +393,7 @@
assertTrue( "contains ou=system", map.containsKey( "ou=system" ) );
assertTrue( "contains ou=users,ou=system", map.containsKey( "ou=users,ou=system" ) );
assertTrue( "contains uid=admin,ou=system", map.containsKey( "uid=admin,ou=system" ) );
- assertTrue( "contains cn=administrators,ou=groups,ou=system", map.containsKey( "cn=administrators,ou=groups,ou=system" ) );
+ assertTrue( "contains cn=administrators,ou=groups,ou=system", map.containsKey( "cn=Administrators,ou=groups,ou=system" ) );
}
@@ -401,7 +402,7 @@
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
controls.setDerefLinkFlag( false );
- sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.NEVER_DEREF_ALIASES );
+ sysRoot.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.NEVER_DEREF_ALIASES );
HashMap<String, Attributes> map = new HashMap<String, Attributes>();
NamingEnumeration list = sysRoot.search( "", "(| (name=testing00)(name=testing01))", controls );
@@ -421,7 +422,7 @@
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
controls.setDerefLinkFlag( false );
- sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.NEVER_DEREF_ALIASES );
+ sysRoot.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.NEVER_DEREF_ALIASES );
HashMap<String, Attributes> map = new HashMap<String, Attributes>();
NamingEnumeration list = sysRoot.search( "", "(name=testing*)", controls );
@@ -442,7 +443,7 @@
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
controls.setDerefLinkFlag( false );
- sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.NEVER_DEREF_ALIASES );
+ sysRoot.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.NEVER_DEREF_ALIASES );
HashMap<String, Attributes> map = new HashMap<String, Attributes>();
String filter = "(|(2.5.4.11.1=testing*)(2.5.4.54=testing*)(2.5.4.10=testing*)" +
@@ -469,7 +470,7 @@
controls.setSearchScope( SearchControls.ONELEVEL_SCOPE );
controls.setDerefLinkFlag( false );
controls.setReturningAttributes( new String[] { "creatorsName" } );
- sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.NEVER_DEREF_ALIASES );
+ sysRoot.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.NEVER_DEREF_ALIASES );
HashMap<String, Attributes> map = new HashMap<String, Attributes>();
NamingEnumeration list = sysRoot.search( "", "(ou=testing00)", controls );
@@ -493,7 +494,7 @@
controls.setSearchScope( SearchControls.ONELEVEL_SCOPE );
controls.setDerefLinkFlag( false );
controls.setReturningAttributes( new String[] { "creatorsName" } );
- sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.NEVER_DEREF_ALIASES );
+ sysRoot.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.NEVER_DEREF_ALIASES );
HashMap<String, Attributes> map = new HashMap<String, Attributes>();
NamingEnumeration list = sysRoot.search( "", "(ou=testing00)", controls );
@@ -565,7 +566,7 @@
// SearchControls controls = new SearchControls();
// controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
// controls.setDerefLinkFlag( false );
-// sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.NEVER_DEREF_ALIASES );
+// sysRoot.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.NEVER_DEREF_ALIASES );
//
// List map = new ArrayList();
// NamingEnumeration list = sysRoot.search( "", "(name=*)", controls );
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/jndi/SearchITest.java b/core-unit/src/test/java/org/apache/directory/server/core/jndi/SearchITest.java
index ef6cfa8..fe38012 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/jndi/SearchITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/jndi/SearchITest.java
@@ -31,6 +31,7 @@
import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.unit.AbstractAdminTestCase;
+import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.apache.directory.shared.ldap.message.DerefAliasesEnum;
@@ -175,7 +176,7 @@
controls.setSearchScope( SearchControls.ONELEVEL_SCOPE );
controls.setDerefLinkFlag( false );
controls.setReturningAttributes( new String[] { "+" } );
- sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.NEVER_DEREF_ALIASES );
+ sysRoot.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.NEVER_DEREF_ALIASES );
HashMap<String, Attributes> map = new HashMap<String, Attributes>();
NamingEnumeration list = sysRoot.search( "", "(ou=testing01)", controls );
@@ -201,7 +202,7 @@
controls.setSearchScope( SearchControls.ONELEVEL_SCOPE );
controls.setDerefLinkFlag( false );
controls.setReturningAttributes( new String[] { "*" } );
- sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.NEVER_DEREF_ALIASES );
+ sysRoot.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.NEVER_DEREF_ALIASES );
HashMap<String, Attributes> map = new HashMap<String, Attributes>();
NamingEnumeration list = sysRoot.search( "", "(ou=testing01)", controls );
@@ -228,7 +229,7 @@
controls.setSearchScope( SearchControls.ONELEVEL_SCOPE );
controls.setDerefLinkFlag( false );
controls.setReturningAttributes( new String[] { "+", "*" } );
- sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.NEVER_DEREF_ALIASES );
+ sysRoot.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.NEVER_DEREF_ALIASES );
HashMap<String, Attributes> map = new HashMap<String, Attributes>();
NamingEnumeration list = sysRoot.search( "", "(ou=testing01)", controls );
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/operational/BinaryAttributeFilterITest.java b/core-unit/src/test/java/org/apache/directory/server/core/operational/BinaryAttributeFilterITest.java
index 9e46cb4..6dd3386 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/operational/BinaryAttributeFilterITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/operational/BinaryAttributeFilterITest.java
@@ -65,9 +65,9 @@
value = ou.get();
assertEquals( "test", value );
- // try krb5Key which should be binary automatically - use ou as control
+ // try jpegPhoto which should be binary automatically - use ou as control
byte[] keyValue = new byte[]
- { 0x45, 0x23, 0x7d, 0x7f };
+ { (byte)0xFF, (byte)0xD8, (byte)0xFF, (byte)0xE0, 0x01, 0x02, 'J', 'F', 'I', 'F', 0x00, 0x45, 0x23, 0x7d, 0x7f };
attributes.put( "jpegPhoto", keyValue );
sysRoot.createSubcontext( "ou=anothertest", attributes );
ctx = ( DirContext ) sysRoot.lookup( "ou=anothertest" );
@@ -77,11 +77,11 @@
Attribute jpegPhoto = ctx.getAttributes( "" ).get( "jpegPhoto" );
value = jpegPhoto.get();
assertTrue( value instanceof byte[] );
- assertEquals( "0x45 0x23 0x7D 0x7F ", StringTools.dumpBytes( ( byte[] ) value ) );
+ assertEquals( "0xFF 0xD8 0xFF 0xE0 0x01 0x02 0x4A 0x46 0x49 0x46 0x00 0x45 0x23 0x7D 0x7F ", StringTools.dumpBytes( ( byte[] ) value ) );
// try jpegPhoto which should be binary automatically but use String to
// create so we should still get back a byte[] - use ou as control
- attributes.remove( "jpegPhoto" );
+ /*attributes.remove( "jpegPhoto" );
attributes.put( "jpegPhoto", "testing a string" );
sysRoot.createSubcontext( "ou=yetanothertest", attributes );
ctx = ( DirContext ) sysRoot.lookup( "ou=yetanothertest" );
@@ -90,6 +90,6 @@
assertEquals( "yetanothertest", value );
jpegPhoto = ctx.getAttributes( "" ).get( "jpegPhoto" );
value = jpegPhoto.get();
- assertTrue( value instanceof byte[] );
+ assertTrue( value instanceof byte[] );*/
}
}
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/operational/OperationalAttributeServiceITest.java b/core-unit/src/test/java/org/apache/directory/server/core/operational/OperationalAttributeServiceITest.java
index 5c01853..c22a25f 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/operational/OperationalAttributeServiceITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/operational/OperationalAttributeServiceITest.java
@@ -34,6 +34,7 @@
import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.unit.AbstractAdminTestCase;
+import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.apache.directory.shared.ldap.message.DerefAliasesEnum;
@@ -115,7 +116,7 @@
ctls.setReturningAttributes( new String[]
{ "ou", "createTimestamp", "creatorsName" } );
- sysRoot.addToEnvironment( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.NEVER_DEREF_ALIASES );
+ sysRoot.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.NEVER_DEREF_ALIASES );
NamingEnumeration list;
list = sysRoot.search( "", "(ou=testing00)", ctls );
SearchResult result = ( SearchResult ) list.next();
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/prefs/ServerSystemPreferencesITest.java b/core-unit/src/test/java/org/apache/directory/server/core/prefs/ServerSystemPreferencesITest.java
index b10348f..7f4221f 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/prefs/ServerSystemPreferencesITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/prefs/ServerSystemPreferencesITest.java
@@ -88,13 +88,17 @@
*
* @throws BackingStoreException if there are failures with the store
*/
+ /* TODO: Temporarily commented until we get a clear status about this package
public void testCreateAndSetByteArray() throws BackingStoreException
{
+ byte[] jpegValue = new byte[]
+ { (byte)0xFF, (byte)0xD8, (byte)0xFF, (byte)0xE0, 0x01, 0x02, 'J', 'F', 'I', 'F', 0x00, 0x45, 0x23, 0x7d, 0x7f };
Preferences testNode = prefs.node( "testNode" );
- testNode.put( "jpegPhoto", "testNodeValue" );
+ testNode.putByteArray( "jpegPhoto", jpegValue );
testNode.sync();
testNode = prefs.node( "testNode" );
}
+ */
/**
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaAttributeTypeHandlerITest.java b/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaAttributeTypeHandlerITest.java
index 5bd77c7..28d112e 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaAttributeTypeHandlerITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaAttributeTypeHandlerITest.java
@@ -26,8 +26,8 @@
import javax.naming.directory.DirContext;
import org.apache.directory.server.constants.MetaSchemaConstants;
-import org.apache.directory.server.constants.SystemSchemaConstants;
import org.apache.directory.server.core.unit.AbstractAdminTestCase;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapInvalidNameException;
import org.apache.directory.shared.ldap.exception.LdapOperationNotSupportedException;
import org.apache.directory.shared.ldap.message.AttributeImpl;
@@ -75,7 +75,7 @@
public void testAddAttributeType() throws NamingException
{
Attributes attrs = new AttributesImpl();
- Attribute oc = new AttributeImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
+ Attribute oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT, "top" );
oc.add( MetaSchemaConstants.META_TOP_OC );
oc.add( MetaSchemaConstants.META_ATTRIBUTE_TYPE_OC );
attrs.put( oc );
@@ -252,7 +252,7 @@
private void addDependeeAttributeType() throws NamingException
{
Attributes attrs = new AttributesImpl();
- Attribute oc = new AttributeImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
+ Attribute oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT, "top" );
oc.add( MetaSchemaConstants.META_TOP_OC );
oc.add( MetaSchemaConstants.META_ATTRIBUTE_TYPE_OC );
attrs.put( oc );
@@ -430,7 +430,7 @@
public void testAddAttributeTypeToDisabledSchema() throws NamingException
{
Attributes attrs = new AttributesImpl();
- Attribute oc = new AttributeImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
+ Attribute oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT, "top" );
oc.add( MetaSchemaConstants.META_TOP_OC );
oc.add( MetaSchemaConstants.META_ATTRIBUTE_TYPE_OC );
attrs.put( oc );
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaComparatorHandlerITest.java b/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaComparatorHandlerITest.java
index 2601cf3..382d702 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaComparatorHandlerITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaComparatorHandlerITest.java
@@ -33,8 +33,8 @@
import jdbm.helper.StringComparator;
import org.apache.directory.server.constants.MetaSchemaConstants;
-import org.apache.directory.server.constants.SystemSchemaConstants;
import org.apache.directory.server.core.unit.AbstractAdminTestCase;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapInvalidNameException;
import org.apache.directory.shared.ldap.exception.LdapOperationNotSupportedException;
import org.apache.directory.shared.ldap.message.AttributeImpl;
@@ -77,7 +77,7 @@
public void testAddComparator() throws NamingException
{
Attributes attrs = new AttributesImpl();
- Attribute oc = new AttributeImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
+ Attribute oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT, "top" );
oc.add( MetaSchemaConstants.META_TOP_OC );
oc.add( MetaSchemaConstants.META_COMPARATOR_OC );
attrs.put( oc );
@@ -106,7 +106,7 @@
}
Attributes attrs = new AttributesImpl();
- Attribute oc = new AttributeImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
+ Attribute oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT, "top" );
oc.add( MetaSchemaConstants.META_TOP_OC );
oc.add( MetaSchemaConstants.META_COMPARATOR_OC );
attrs.put( oc );
@@ -432,7 +432,7 @@
public void testAddComparatorToDisabledSchema() throws NamingException
{
Attributes attrs = new AttributesImpl();
- Attribute oc = new AttributeImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
+ Attribute oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT, "top" );
oc.add( MetaSchemaConstants.META_TOP_OC );
oc.add( MetaSchemaConstants.META_COMPARATOR_OC );
attrs.put( oc );
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaMatchingRuleHandlerITest.java b/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaMatchingRuleHandlerITest.java
index 85a0d6e..1affeba 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaMatchingRuleHandlerITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaMatchingRuleHandlerITest.java
@@ -26,8 +26,8 @@
import javax.naming.directory.DirContext;
import org.apache.directory.server.constants.MetaSchemaConstants;
-import org.apache.directory.server.constants.SystemSchemaConstants;
import org.apache.directory.server.core.unit.AbstractAdminTestCase;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapInvalidNameException;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
@@ -73,7 +73,7 @@
public void testAddMatchingRule() throws NamingException
{
Attributes attrs = new AttributesImpl();
- Attribute oc = new AttributeImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
+ Attribute oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT, "top" );
oc.add( MetaSchemaConstants.META_TOP_OC );
oc.add( MetaSchemaConstants.META_MATCHING_RULE_OC );
attrs.put( oc );
@@ -410,7 +410,7 @@
public void testAddMatchingRuleToDisabledSchema() throws NamingException
{
Attributes attrs = new AttributesImpl();
- Attribute oc = new AttributeImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
+ Attribute oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT, "top" );
oc.add( MetaSchemaConstants.META_TOP_OC );
oc.add( MetaSchemaConstants.META_MATCHING_RULE_OC );
attrs.put( oc );
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaNormalizerHandlerITest.java b/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaNormalizerHandlerITest.java
index 129d4bb..3c95b4d 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaNormalizerHandlerITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaNormalizerHandlerITest.java
@@ -30,8 +30,8 @@
import javax.naming.directory.DirContext;
import org.apache.directory.server.constants.MetaSchemaConstants;
-import org.apache.directory.server.constants.SystemSchemaConstants;
import org.apache.directory.server.core.unit.AbstractAdminTestCase;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapInvalidNameException;
import org.apache.directory.shared.ldap.exception.LdapOperationNotSupportedException;
import org.apache.directory.shared.ldap.message.AttributeImpl;
@@ -76,7 +76,7 @@
public void testAddNormalizer() throws NamingException
{
Attributes attrs = new AttributesImpl();
- Attribute oc = new AttributeImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
+ Attribute oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT, "top" );
oc.add( MetaSchemaConstants.META_TOP_OC );
oc.add( MetaSchemaConstants.META_NORMALIZER_OC );
attrs.put( oc );
@@ -105,7 +105,7 @@
}
Attributes attrs = new AttributesImpl();
- Attribute oc = new AttributeImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
+ Attribute oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT, "top" );
oc.add( MetaSchemaConstants.META_TOP_OC );
oc.add( MetaSchemaConstants.META_NORMALIZER_OC );
attrs.put( oc );
@@ -431,7 +431,7 @@
public void testAddNormalizerToDisabledSchema() throws NamingException
{
Attributes attrs = new AttributesImpl();
- Attribute oc = new AttributeImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
+ Attribute oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT, "top" );
oc.add( MetaSchemaConstants.META_TOP_OC );
oc.add( MetaSchemaConstants.META_NORMALIZER_OC );
attrs.put( oc );
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaObjectClassHandlerITest.java b/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaObjectClassHandlerITest.java
index c1047df..586c698 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaObjectClassHandlerITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaObjectClassHandlerITest.java
@@ -26,8 +26,8 @@
import javax.naming.directory.DirContext;
import org.apache.directory.server.constants.MetaSchemaConstants;
-import org.apache.directory.server.constants.SystemSchemaConstants;
import org.apache.directory.server.core.unit.AbstractAdminTestCase;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapInvalidNameException;
import org.apache.directory.shared.ldap.exception.LdapOperationNotSupportedException;
import org.apache.directory.shared.ldap.message.AttributeImpl;
@@ -76,7 +76,7 @@
public void testAddObjectClass() throws NamingException
{
Attributes attrs = new AttributesImpl();
- Attribute oc = new AttributeImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
+ Attribute oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT, "top" );
oc.add( MetaSchemaConstants.META_TOP_OC );
oc.add( MetaSchemaConstants.META_OBJECT_CLASS_OC );
attrs.put( oc );
@@ -253,7 +253,7 @@
private void addDependeeObjectClass() throws NamingException
{
Attributes attrs = new AttributesImpl();
- Attribute oc = new AttributeImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
+ Attribute oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT, "top" );
oc.add( MetaSchemaConstants.META_TOP_OC );
oc.add( MetaSchemaConstants.META_OBJECT_CLASS_OC );
attrs.put( oc );
@@ -431,7 +431,7 @@
public void testAddObjectClassToDisabledSchema() throws NamingException
{
Attributes attrs = new AttributesImpl();
- Attribute oc = new AttributeImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
+ Attribute oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT, "top" );
oc.add( MetaSchemaConstants.META_TOP_OC );
oc.add( MetaSchemaConstants.META_OBJECT_CLASS_OC );
attrs.put( oc );
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaSyntaxCheckerHandlerITest.java b/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaSyntaxCheckerHandlerITest.java
index bd4ac84..e9fa3a1 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaSyntaxCheckerHandlerITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaSyntaxCheckerHandlerITest.java
@@ -29,8 +29,8 @@
import javax.naming.directory.DirContext;
import org.apache.directory.server.constants.MetaSchemaConstants;
-import org.apache.directory.server.constants.SystemSchemaConstants;
import org.apache.directory.server.core.unit.AbstractAdminTestCase;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapInvalidNameException;
import org.apache.directory.shared.ldap.exception.LdapOperationNotSupportedException;
import org.apache.directory.shared.ldap.message.AttributeImpl;
@@ -73,7 +73,7 @@
public void testAddSyntaxChecker() throws NamingException
{
Attributes attrs = new AttributesImpl();
- Attribute oc = new AttributeImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
+ Attribute oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT, "top" );
oc.add( MetaSchemaConstants.META_TOP_OC );
oc.add( MetaSchemaConstants.META_SYNTAX_CHECKER_OC );
attrs.put( oc );
@@ -102,7 +102,7 @@
}
Attributes attrs = new AttributesImpl();
- Attribute oc = new AttributeImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
+ Attribute oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT, "top" );
oc.add( MetaSchemaConstants.META_TOP_OC );
oc.add( MetaSchemaConstants.META_SYNTAX_CHECKER_OC );
attrs.put( oc );
@@ -428,7 +428,7 @@
public void testAddSyntaxCheckerToDisabledSchema() throws NamingException
{
Attributes attrs = new AttributesImpl();
- Attribute oc = new AttributeImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
+ Attribute oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT, "top" );
oc.add( MetaSchemaConstants.META_TOP_OC );
oc.add( MetaSchemaConstants.META_SYNTAX_CHECKER_OC );
attrs.put( oc );
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaSyntaxHandlerITest.java b/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaSyntaxHandlerITest.java
index 16572ce..678aaad 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaSyntaxHandlerITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/schema/MetaSyntaxHandlerITest.java
@@ -32,8 +32,8 @@
import javax.naming.directory.SearchResult;
import org.apache.directory.server.constants.MetaSchemaConstants;
-import org.apache.directory.server.constants.SystemSchemaConstants;
import org.apache.directory.server.core.unit.AbstractAdminTestCase;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapInvalidNameException;
import org.apache.directory.shared.ldap.exception.LdapOperationNotSupportedException;
import org.apache.directory.shared.ldap.message.AttributeImpl;
@@ -82,7 +82,7 @@
public void testAddSyntax() throws NamingException
{
Attributes attrs = new AttributesImpl();
- Attribute oc = new AttributeImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
+ Attribute oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT, "top" );
oc.add( MetaSchemaConstants.META_TOP_OC );
oc.add( MetaSchemaConstants.META_SYNTAX_OC );
attrs.put( oc );
@@ -332,7 +332,7 @@
private void addDependeeMatchingRule( String oid ) throws NamingException
{
Attributes attrs = new AttributesImpl();
- Attribute oc = new AttributeImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
+ Attribute oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT, "top" );
oc.add( MetaSchemaConstants.META_TOP_OC );
oc.add( MetaSchemaConstants.META_MATCHING_RULE_OC );
attrs.put( oc );
@@ -432,7 +432,7 @@
public void testAddSyntaxToDisabledSchema() throws NamingException
{
Attributes attrs = new AttributesImpl();
- Attribute oc = new AttributeImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top" );
+ Attribute oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT, "top" );
oc.add( MetaSchemaConstants.META_TOP_OC );
oc.add( MetaSchemaConstants.META_SYNTAX_OC );
attrs.put( oc );
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/schema/SchemaPersistenceITest.java b/core-unit/src/test/java/org/apache/directory/server/core/schema/SchemaPersistenceITest.java
new file mode 100755
index 0000000..56efc6a
--- /dev/null
+++ b/core-unit/src/test/java/org/apache/directory/server/core/schema/SchemaPersistenceITest.java
@@ -0,0 +1,241 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.schema;
+
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+
+import org.apache.directory.server.core.unit.AbstractAdminTestCase;
+import org.apache.directory.shared.ldap.message.AttributeImpl;
+import org.apache.directory.shared.ldap.message.AttributesImpl;
+import org.apache.directory.shared.ldap.message.ModificationItemImpl;
+import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.schema.syntax.AttributeTypeDescription;
+import org.apache.directory.shared.ldap.schema.syntax.parser.AttributeTypeDescriptionSchemaParser;
+
+
+/**
+ * An integration test class for testing persistence for various operations
+ * on the subschemaSubentry with server restarts.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$
+ */
+public class SchemaPersistenceITest extends AbstractAdminTestCase
+{
+ private static final String SUBSCHEMA_SUBENTRY = "subschemaSubentry";
+ private static final AttributeTypeDescriptionSchemaParser attributeTypeDescriptionSchemaParser =
+ new AttributeTypeDescriptionSchemaParser();
+
+
+ /**
+ * Tests to see if an attributeType is persisted when added, then server
+ * is shutdown, then restarted again.
+ */
+ public void testAddAttributeTypePersistence() throws Exception
+ {
+ enableSchema( "nis" );
+ List<String> descriptions = new ArrayList<String>();
+
+ // -------------------------------------------------------------------
+ // test successful add with everything
+ // -------------------------------------------------------------------
+
+ modify( DirContext.REMOVE_ATTRIBUTE, descriptions, "attributeTypes" );
+
+ descriptions.clear();
+ descriptions.add( "( 1.3.6.1.4.1.18060.0.4.1.2.10000 NAME 'type0' " +
+ "OBSOLETE SUP 2.5.4.41 " +
+ "EQUALITY caseExactIA5Match " +
+ "ORDERING octetStringOrderingMatch " +
+ "SUBSTR caseExactIA5SubstringsMatch COLLECTIVE " +
+ "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 " +
+ "SINGLE-VALUE USAGE userApplications X-SCHEMA 'nis' )" );
+ descriptions.add( "( 1.3.6.1.4.1.18060.0.4.1.2.10001 NAME ( 'type1' 'altName' ) " +
+ "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SUP 2.5.4.41 " +
+ "NO-USER-MODIFICATION USAGE directoryOperation X-SCHEMA 'nis' )" );
+
+ modify( DirContext.ADD_ATTRIBUTE, descriptions, "attributeTypes" );
+
+ checkAttributeTypePresent( "1.3.6.1.4.1.18060.0.4.1.2.10000", "nis", true );
+ checkAttributeTypePresent( "1.3.6.1.4.1.18060.0.4.1.2.10001", "nis", true );
+
+ // sync operation happens anyway on shutdowns but just to make sure we can do it again
+ super.sync();
+
+ super.shutdown();
+ super.restart();
+
+ AttributesImpl attrs = new AttributesImpl( "objectClass", "metaSchema" );
+ attrs.put( "cn", "blah" );
+ schemaRoot.createSubcontext( "cn=blah", attrs );
+
+ checkAttributeTypePresent( "1.3.6.1.4.1.18060.0.4.1.2.10000", "nis", true );
+ checkAttributeTypePresent( "1.3.6.1.4.1.18060.0.4.1.2.10001", "nis", true );
+ }
+
+
+ // -----------------------------------------------------------------------
+ // Private Utility Methods
+ // -----------------------------------------------------------------------
+
+
+ private void modify( int op, List<String> descriptions, String opAttr ) throws Exception
+ {
+ LdapDN dn = new LdapDN( getSubschemaSubentryDN() );
+ Attribute attr = new AttributeImpl( opAttr );
+ for ( String description : descriptions )
+ {
+ attr.add( description );
+ }
+
+ Attributes mods = new AttributesImpl();
+ mods.put( attr );
+
+ rootDSE.modifyAttributes( dn, op, mods );
+ }
+
+
+ private void enableSchema( String schemaName ) throws NamingException
+ {
+ // now enable the test schema
+ ModificationItemImpl[] mods = new ModificationItemImpl[1];
+ Attribute attr = new AttributeImpl( "m-disabled", "FALSE" );
+ mods[0] = new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, attr );
+ super.schemaRoot.modifyAttributes( "cn=" + schemaName, mods );
+ }
+
+
+ /**
+ * Get's the subschemaSubentry attribute value from the rootDSE.
+ *
+ * @return the subschemaSubentry distinguished name
+ * @throws NamingException if there are problems accessing the RootDSE
+ */
+ private String getSubschemaSubentryDN() throws NamingException
+ {
+ SearchControls controls = new SearchControls();
+ controls.setSearchScope( SearchControls.OBJECT_SCOPE );
+ controls.setReturningAttributes( new String[]{ SUBSCHEMA_SUBENTRY } );
+
+ NamingEnumeration<SearchResult> results = rootDSE.search( "", "(objectClass=*)", controls );
+ SearchResult result = results.next();
+ results.close();
+ Attribute subschemaSubentry = result.getAttributes().get( SUBSCHEMA_SUBENTRY );
+ return ( String ) subschemaSubentry.get();
+ }
+
+
+ /**
+ * Gets the subschemaSubentry attributes for the global schema.
+ *
+ * @return all operational attributes of the subschemaSubentry
+ * @throws NamingException if there are problems accessing this entry
+ */
+ private Attributes getSubschemaSubentryAttributes() throws NamingException
+ {
+ SearchControls controls = new SearchControls();
+ controls.setSearchScope( SearchControls.OBJECT_SCOPE );
+ controls.setReturningAttributes( new String[]{ "+", "*" } );
+
+ NamingEnumeration<SearchResult> results = rootDSE.search( getSubschemaSubentryDN(),
+ "(objectClass=*)", controls );
+ SearchResult result = results.next();
+ results.close();
+ return result.getAttributes();
+ }
+
+
+ private void checkAttributeTypePresent( String oid, String schemaName, boolean isPresent ) throws Exception
+ {
+ // -------------------------------------------------------------------
+ // check first to see if it is present in the subschemaSubentry
+ // -------------------------------------------------------------------
+
+ Attributes attrs = getSubschemaSubentryAttributes();
+ Attribute attrTypes = attrs.get( "attributeTypes" );
+ AttributeTypeDescription attributeTypeDescription = null;
+ for ( int ii = 0; ii < attrTypes.size(); ii++ )
+ {
+ String desc = ( String ) attrTypes.get( ii );
+ if ( desc.indexOf( oid ) != -1 )
+ {
+ attributeTypeDescription = attributeTypeDescriptionSchemaParser.parseAttributeTypeDescription( desc );
+ break;
+ }
+ }
+
+ if ( isPresent )
+ {
+ assertNotNull( attributeTypeDescription );
+ assertEquals( oid, attributeTypeDescription.getNumericOid() );
+ }
+ else
+ {
+ assertNull( attributeTypeDescription );
+ }
+
+ // -------------------------------------------------------------------
+ // check next to see if it is present in the schema partition
+ // -------------------------------------------------------------------
+
+ attrs = null;
+
+ if ( isPresent )
+ {
+ attrs = schemaRoot.getAttributes( "m-oid=" + oid + ",ou=attributeTypes,cn=" + schemaName );
+ assertNotNull( attrs );
+ }
+ else
+ {
+ try
+ {
+ attrs = schemaRoot.getAttributes( "m-oid=" + oid + ",ou=attributeTypes,cn=" + schemaName );
+ fail( "should never get here" );
+ }
+ catch( NamingException e )
+ {
+ }
+ assertNull( attrs );
+ }
+
+ // -------------------------------------------------------------------
+ // check to see if it is present in the attributeTypeRegistry
+ // -------------------------------------------------------------------
+
+ if ( isPresent )
+ {
+ assertTrue( registries.getAttributeTypeRegistry().hasAttributeType( oid ) );
+ }
+ else
+ {
+ assertFalse( registries.getAttributeTypeRegistry().hasAttributeType( oid ) );
+ }
+ }
+}
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/schema/SchemaServiceITest.java b/core-unit/src/test/java/org/apache/directory/server/core/schema/SchemaServiceITest.java
index 131d76e..516cde9 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/schema/SchemaServiceITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/schema/SchemaServiceITest.java
@@ -507,4 +507,137 @@
assertTrue( seeAlso.contains( "cn=Bad E\u00e9k\u00e0,ou=people,o=sevenSeas" ) );
}
+ /**
+ * Doing a search with filtering attributes should work even if the attribute
+ * is not valid
+ *
+ */
+ public void testSearchForUnknownAttributes() throws NamingException
+ {
+ SearchControls controls = new SearchControls();
+ controls.setSearchScope( SearchControls.ONELEVEL_SCOPE );
+ Map<String, Attributes> persons = new HashMap<String, Attributes>();
+ controls.setReturningAttributes( new String[] { "9.9.9" } );
+
+ NamingEnumeration results = sysRoot.search( "", "(objectClass=person)", controls );
+
+ while ( results.hasMore() )
+ {
+ SearchResult result = ( SearchResult ) results.next();
+ persons.put( result.getName(), result.getAttributes() );
+ }
+
+ // admin is extra
+ assertEquals( 4, persons.size() );
+
+ Attributes person = null;
+ Attribute ocs = null;
+
+ person = persons.get( "cn=person0,ou=system" );
+ assertNotNull( person );
+ ocs = person.get( "objectClass" );
+ assertNull( ocs );
+
+ ocs = person.get( "9.9.9" );
+ assertNull( ocs );
+
+ person = persons.get( "cn=person1,ou=system" );
+ assertNotNull( person );
+ ocs = person.get( "objectClass" );
+ assertNull( ocs );
+
+ person = persons.get( "cn=person2,ou=system" );
+ assertNotNull( person );
+ ocs = person.get( "objectClass" );
+ assertNull( ocs );
+ }
+
+ /**
+ * Check that if we request a Attribute which is not an AttributeType,
+ * we still get a result
+ */
+ public void testSearchAttributesOIDObjectClass() throws NamingException
+ {
+ SearchControls controls = new SearchControls();
+ controls.setSearchScope( SearchControls.ONELEVEL_SCOPE );
+ Map<String, Attributes> persons = new HashMap<String, Attributes>();
+ controls.setReturningAttributes( new String[] { "2.5.6.6" } );
+
+ NamingEnumeration results = sysRoot.search( "", "(objectClass=person)", controls );
+
+ while ( results.hasMore() )
+ {
+ SearchResult result = ( SearchResult ) results.next();
+ persons.put( result.getName(), result.getAttributes() );
+ }
+
+ // admin is extra
+ assertEquals( 4, persons.size() );
+
+ Attributes person = null;
+ Attribute ocs = null;
+
+ person = persons.get( "cn=person0,ou=system" );
+ assertNotNull( person );
+ ocs = person.get( "objectClass" );
+ assertNull( ocs );
+
+ // We should not get this attribute (it's an ObjectClass)
+ ocs = person.get( "2.5.6.6" );
+ assertNull( ocs );
+
+ person = persons.get( "cn=person1,ou=system" );
+ assertNotNull( person );
+ ocs = person.get( "objectClass" );
+ assertNull( ocs );
+
+ person = persons.get( "cn=person2,ou=system" );
+ assertNotNull( person );
+ ocs = person.get( "objectClass" );
+ assertNull( ocs );
+ }
+
+ /**
+ * Check that if we request a Attribute which is an ObjectClass.
+ */
+ public void testSearchAttributesOIDObjectClassName() throws NamingException
+ {
+ SearchControls controls = new SearchControls();
+ controls.setSearchScope( SearchControls.ONELEVEL_SCOPE );
+ Map<String, Attributes> persons = new HashMap<String, Attributes>();
+ controls.setReturningAttributes( new String[] { "person" } );
+
+ NamingEnumeration results = sysRoot.search( "", "(objectClass=person)", controls );
+
+ while ( results.hasMore() )
+ {
+ SearchResult result = ( SearchResult ) results.next();
+ persons.put( result.getName(), result.getAttributes() );
+ }
+
+ // admin is extra
+ assertEquals( 4, persons.size() );
+
+ Attributes person = null;
+ Attribute ocs = null;
+
+ person = persons.get( "cn=person0,ou=system" );
+ assertNotNull( person );
+ ocs = person.get( "objectClass" );
+ assertNull( ocs );
+
+ // We should not get this attrinute (it's an ObjectClass)
+ ocs = person.get( "2.5.4.46" );
+ assertNull( ocs );
+
+ person = persons.get( "cn=person1,ou=system" );
+ assertNotNull( person );
+ ocs = person.get( "objectClass" );
+ assertNull( ocs );
+
+ person = persons.get( "cn=person2,ou=system" );
+ assertNotNull( person );
+ ocs = person.get( "objectClass" );
+ assertNull( ocs );
+ }
}
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/schema/SubschemaSubentryITest.java b/core-unit/src/test/java/org/apache/directory/server/core/schema/SubschemaSubentryITest.java
index 0876e20..da95381 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/schema/SubschemaSubentryITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/schema/SubschemaSubentryITest.java
@@ -24,18 +24,25 @@
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
+import java.util.Calendar;
+import java.util.Hashtable;
import java.util.List;
+import java.util.TimeZone;
+import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
+import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import jdbm.helper.IntegerComparator;
+import org.apache.directory.server.core.configuration.Configuration;
+import org.apache.directory.server.core.configuration.StartupConfiguration;
import org.apache.directory.server.core.unit.AbstractAdminTestCase;
import org.apache.directory.shared.ldap.exception.LdapNameAlreadyBoundException;
import org.apache.directory.shared.ldap.exception.LdapOperationNotSupportedException;
@@ -63,6 +70,7 @@
import org.apache.directory.shared.ldap.schema.syntax.parser.ObjectClassDescriptionSchemaParser;
import org.apache.directory.shared.ldap.schema.syntax.parser.SyntaxCheckerDescriptionSchemaParser;
import org.apache.directory.shared.ldap.util.Base64;
+import org.apache.directory.shared.ldap.util.DateUtils;
/**
@@ -1725,6 +1733,141 @@
// -----------------------------------------------------------------------
+ // Test Modifier and Timestamp Updates
+ // -----------------------------------------------------------------------
+
+
+ /**
+ * This method checks the modifiersName, and the modifyTimestamp on the schema
+ * subentry then modifies a schema. It then checks it again to make sure these
+ * values have been updated properly to reflect the modification time and the
+ * modifier.
+ */
+ public void testTimestampAndModifierUpdates() throws NamingException, InterruptedException
+ {
+ TimeZone tz = TimeZone.getTimeZone( "GMT" );
+
+ Attributes subentry = this.getSubschemaSubentryAttributes();
+
+ // check first that everything that is required is present
+
+ Attribute creatorsNameAttr = subentry.get( "creatorsName" );
+ Attribute createTimestampAttr = subentry.get( "createTimestamp" );
+ assertNotNull( creatorsNameAttr );
+ assertNotNull( createTimestampAttr );
+
+ Attribute modifiersNameAttr = subentry.get( "modifiersName" );
+ Attribute modifiersTimestampAttr = subentry.get( "modifyTimestamp" );
+ assertNotNull( modifiersNameAttr );
+ LdapDN expectedDN = new LdapDN( "uid=admin,ou=system" );
+ expectedDN.normalize( super.registries.getAttributeTypeRegistry().getNormalizerMapping() );
+ assertEquals( expectedDN.getNormName(), modifiersNameAttr.get() );
+ assertNotNull( modifiersTimestampAttr );
+
+ Calendar cal = Calendar.getInstance( tz );
+ assertTrue( DateUtils.getDate( ( String ) modifiersTimestampAttr.get() ) .before( cal.getTime() ) );
+
+ // now update the schema information: add a new attribute type
+
+ enableSchema( "nis" );
+ LdapDN dn = new LdapDN( getSubschemaSubentryDN() );
+ String substrate = "( 1.3.6.1.4.1.18060.0.4.0.2.10000 NAME ( 'bogus' 'bogusName' ) " +
+ "DESC 'bogus description' SUP name SINGLE-VALUE X-SCHEMA 'nis' )";
+ ModificationItemImpl[] mods = new ModificationItemImpl[1];
+ mods[0] = new ModificationItemImpl( DirContext.ADD_ATTRIBUTE,
+ new AttributeImpl( "attributeTypes", substrate ) );
+
+ rootDSE.modifyAttributes( dn, mods );
+
+ // now check the modification timestamp and the modifiers name
+
+ subentry = this.getSubschemaSubentryAttributes();
+
+ // check first that everything that is required is present
+
+ Attribute creatorsNameAttrAfter = subentry.get( "creatorsName" );
+ Attribute createTimestampAttrAfter = subentry.get( "createTimestamp" );
+ assertNotNull( creatorsNameAttrAfter );
+ assertNotNull( createTimestampAttrAfter );
+
+ Attribute modifiersNameAttrAfter = subentry.get( "modifiersName" );
+ Attribute modifiersTimestampAttrAfter = subentry.get( "modifyTimestamp" );
+ assertNotNull( modifiersNameAttrAfter );
+ expectedDN = new LdapDN( "uid=admin,ou=system" );
+ expectedDN.normalize( super.registries.getAttributeTypeRegistry().getNormalizerMapping() );
+ assertEquals( expectedDN.getNormName(), modifiersNameAttrAfter.get() );
+ assertNotNull( modifiersTimestampAttrAfter );
+
+ // generalized time is correct up to the last second so we should
+ // wait a second just to avoid rounding errors that may show sys
+ // time to be around same time as generalized time for after modify
+ Thread.sleep( 1000 );
+
+ cal = Calendar.getInstance( tz );
+ assertTrue( DateUtils.getDate( ( String ) modifiersTimestampAttrAfter.get() ).before( cal.getTime() ) );
+ assertTrue( DateUtils.getDate( ( String ) modifiersTimestampAttrAfter.get() )
+ .after( DateUtils.getDate( ( String ) modifiersTimestampAttr.get() ) ) );
+
+ // now let's test the modifiersName update with another user besides
+ // the administrator - we'll create a dummy user for that ...
+
+ AttributesImpl user = new AttributesImpl( "objectClass", "person", true );
+ user.put( "sn", "bogus" );
+ user.put( "cn", "bogus user" );
+ user.put( "userPassword", "secret" );
+ sysRoot.createSubcontext( "cn=bogus user", user );
+
+ // now let's get a context for this user
+
+ Hashtable<String,Object> env = new Hashtable<String,Object>();
+ env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.directory.server.core.jndi.CoreContextFactory" );
+ env.put( Context.PROVIDER_URL, "" );
+ env.put( Context.SECURITY_AUTHENTICATION, "simple" );
+ env.put( Context.SECURITY_CREDENTIALS, "secret" );
+ env.put( Context.SECURITY_PRINCIPAL, "cn=bogus user,ou=system" );
+ env.put( Configuration.JNDI_KEY, new StartupConfiguration() );
+ InitialDirContext ctx = new InitialDirContext( env );
+
+ // now let's add another attribute type definition to the schema but
+ // with this newly created user and check that the modifiers name is his
+
+ substrate = "( 1.3.6.1.4.1.18060.0.4.0.2.10001 NAME ( 'bogus2' 'bogusName2' ) " +
+ "DESC 'bogus description' SUP name SINGLE-VALUE X-SCHEMA 'nis' )";
+ mods[0] = new ModificationItemImpl( DirContext.ADD_ATTRIBUTE,
+ new AttributeImpl( "attributeTypes", substrate ) );
+ ctx.modifyAttributes( dn, mods );
+
+ // now let's verify the new values for the modification attributes
+
+ subentry = this.getSubschemaSubentryAttributes();
+
+ creatorsNameAttrAfter = subentry.get( "creatorsName" );
+ createTimestampAttrAfter = subentry.get( "createTimestamp" );
+ assertNotNull( creatorsNameAttrAfter );
+ assertNotNull( createTimestampAttrAfter );
+
+ modifiersNameAttrAfter = subentry.get( "modifiersName" );
+ modifiersTimestampAttrAfter = subentry.get( "modifyTimestamp" );
+ assertNotNull( modifiersNameAttrAfter );
+ expectedDN = new LdapDN( "cn=bogus user,ou=system" );
+ expectedDN.normalize( super.registries.getAttributeTypeRegistry().getNormalizerMapping() );
+ assertEquals( expectedDN.getNormName(), modifiersNameAttrAfter.get() );
+ assertNotNull( modifiersTimestampAttrAfter );
+
+ // generalized time is correct up to the last second so we should
+ // wait a second just to avoid rounding errors that may show sys
+ // time to be around same time as generalized time for after modify
+ Thread.sleep( 1000 );
+
+ cal = Calendar.getInstance( tz );
+ assertTrue( DateUtils.getDate( ( String ) modifiersTimestampAttrAfter.get() ).before( cal.getTime() ) );
+ assertTrue( DateUtils.getDate( ( String ) modifiersTimestampAttrAfter.get() )
+ .after( DateUtils.getDate( ( String ) modifiersTimestampAttr.get() ) ) );
+
+ }
+
+
+ // -----------------------------------------------------------------------
// Private Utility Methods
// -----------------------------------------------------------------------
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/subtree/BadSubentryServiceITest.java b/core-unit/src/test/java/org/apache/directory/server/core/subtree/BadSubentryServiceITest.java
index 7cbbef1..806d7f7 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/subtree/BadSubentryServiceITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/subtree/BadSubentryServiceITest.java
@@ -33,6 +33,7 @@
import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.unit.AbstractAdminTestCase;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.apache.directory.shared.ldap.message.ModificationItemImpl;
@@ -64,7 +65,7 @@
Attributes subentry = new AttributesImpl();
Attribute objectClass = new AttributeImpl( "objectClass" );
objectClass.add( "top" );
- objectClass.add( "subentry" );
+ objectClass.add( SchemaConstants.SUBENTRY_OC );
objectClass.add( "collectiveAttributeSubentry" );
subentry.put( objectClass );
subentry.put( "subtreeSpecification", "{ }" );
@@ -79,7 +80,7 @@
Attributes subentry = new AttributesImpl();
Attribute objectClass = new AttributeImpl( "objectClass" );
objectClass.add( "top" );
- objectClass.add( "subentry" );
+ objectClass.add( SchemaConstants.SUBENTRY_OC );
objectClass.add( "accessControlSubentry" );
subentry.put( objectClass );
subentry.put( "subtreeSpecification", "{ }" );
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/subtree/SubentryServiceEntryModificationHandlingITest.java b/core-unit/src/test/java/org/apache/directory/server/core/subtree/SubentryServiceEntryModificationHandlingITest.java
index ad9bfdb..471406c 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/subtree/SubentryServiceEntryModificationHandlingITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/subtree/SubentryServiceEntryModificationHandlingITest.java
@@ -33,6 +33,7 @@
import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.unit.AbstractAdminTestCase;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.apache.directory.shared.ldap.message.ModificationItemImpl;
@@ -66,7 +67,7 @@
Attributes subentry = new AttributesImpl();
Attribute objectClass = new AttributeImpl( "objectClass" );
objectClass.add( "top" );
- objectClass.add( "subentry" );
+ objectClass.add( SchemaConstants.SUBENTRY_OC );
objectClass.add( "collectiveAttributeSubentry" );
subentry.put( objectClass );
subentry.put( "subtreeSpecification", "{ specificationFilter (sn=" + sn + ") }" );
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/subtree/SubentryServiceITest.java b/core-unit/src/test/java/org/apache/directory/server/core/subtree/SubentryServiceITest.java
index 0df0a44..da40874 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/subtree/SubentryServiceITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/subtree/SubentryServiceITest.java
@@ -19,9 +19,9 @@
*/
package org.apache.directory.server.core.subtree;
-
import org.apache.directory.server.core.subtree.SubentryService;
import org.apache.directory.server.core.unit.AbstractAdminTestCase;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapNoSuchAttributeException;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
@@ -67,7 +67,7 @@
Attributes subentry = new AttributesImpl();
Attribute objectClass = new AttributeImpl( "objectClass" );
objectClass.add( "top" );
- objectClass.add( "subentry" );
+ objectClass.add( SchemaConstants.SUBENTRY_OC );
objectClass.add( "collectiveAttributeSubentry" );
subentry.put( objectClass );
subentry.put( "subtreeSpecification", "{ base \"ou=configuration\" }" );
@@ -82,7 +82,7 @@
Attributes subentry = new AttributesImpl();
Attribute objectClass = new AttributeImpl( "objectClass" );
objectClass.add( "top" );
- objectClass.add( "subentry" );
+ objectClass.add( SchemaConstants.SUBENTRY_OC );
objectClass.add( "collectiveAttributeSubentry" );
subentry.put( objectClass );
String spec = "{ base \"ou=configuration\", specificExclusions { chopBefore:\"cn=unmarked\" } }";
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/subtree/SubentryServiceObjectClassChangeHandlingITest.java b/core-unit/src/test/java/org/apache/directory/server/core/subtree/SubentryServiceObjectClassChangeHandlingITest.java
index 914caad..4b5a617 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/subtree/SubentryServiceObjectClassChangeHandlingITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/subtree/SubentryServiceObjectClassChangeHandlingITest.java
@@ -33,6 +33,7 @@
import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.unit.AbstractAdminTestCase;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.apache.directory.shared.ldap.message.ModificationItemImpl;
@@ -76,7 +77,7 @@
Attributes subentry = new AttributesImpl();
Attribute objectClass = new AttributeImpl( "objectClass" );
objectClass.add( "top" );
- objectClass.add( "subentry" );
+ objectClass.add( SchemaConstants.SUBENTRY_OC );
objectClass.add( "collectiveAttributeSubentry" );
subentry.put( objectClass );
subentry.put( "subtreeSpecification", "{ specificationFilter item:organizationalPerson }" );
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/trigger/AbstractTriggerServiceTest.java b/core-unit/src/test/java/org/apache/directory/server/core/trigger/AbstractTriggerServiceTest.java
index 8d732c6..79bc146 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/trigger/AbstractTriggerServiceTest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/trigger/AbstractTriggerServiceTest.java
@@ -33,6 +33,7 @@
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.core.subtree.SubentryService;
import org.apache.directory.server.core.unit.AbstractTestCase;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
@@ -171,7 +172,7 @@
Attribute objectClass = new AttributeImpl( "objectClass" );
subentry.put( objectClass );
objectClass.add( "top" );
- objectClass.add( "subentry" );
+ objectClass.add( SchemaConstants.SUBENTRY_OC );
objectClass.add( "triggerExecutionSubentry" );
subentry.put( "subtreeSpecification", subtree );
subentry.put( "prescriptiveTriggerSpecification", triggerSpec );
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/trigger/BackupUtilities.java b/core-unit/src/test/java/org/apache/directory/server/core/trigger/BackupUtilities.java
index 9436b48..1701df0 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/trigger/BackupUtilities.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/trigger/BackupUtilities.java
@@ -22,4 +22,11 @@
backupCtx.createSubcontext( deletedEntryRdn, deletedEntry );
log.info( "Backed up deleted entry to \"" + ( ( LdapContext ) backupCtx.lookup( deletedEntryRdn ) ).getNameInNamespace() + "\"" );
}
+
+ public static void duplicateDeletedEntry( LdapContext ctx, Name deletedEntryName, Name operationPrincipal, Attributes deletedEntry ) throws NamingException
+ {
+ LdapContext backupCtx = ( LdapContext ) ctx.lookup( "ou=backupContext,ou=system" );
+ String deletedEntryRdn = deletedEntryName.get( deletedEntryName.size() - 1 );
+ backupCtx.createSubcontext( deletedEntryRdn + "," + deletedEntryRdn, deletedEntry );
+ }
}
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/trigger/DefaulTriggerServiceITest.java b/core-unit/src/test/java/org/apache/directory/server/core/trigger/DefaulTriggerServiceITest.java
index a376600..f071f58 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/trigger/DefaulTriggerServiceITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/trigger/DefaulTriggerServiceITest.java
@@ -54,7 +54,9 @@
// Create the Triger Specification within a Trigger Subentry.
createTriggerSubentry( "triggerSubentry1",
- "AFTER Delete CALL \"" + BackupUtilities.class.getName() + ".backupDeleted\" ( $ldapContext \"\", $name, $operationPrincipal, $deletedEntry )" );
+ "AFTER Delete " +
+ " CALL \"" + BackupUtilities.class.getName() + ".backupDeleted\" ( $ldapContext \"\", $name, $operationPrincipal, $deletedEntry );" +
+ "CALL \"" + BackupUtilities.class.getName() + ".duplicateDeletedEntry\" ( $ldapContext \"\", $name, $operationPrincipal, $deletedEntry ); " );
// Create a test entry which is selected by the Trigger Subentry.
Attributes testEntry = new AttributesImpl( "ou", "testou", true );
@@ -73,6 +75,7 @@
// Check if the Trigger really worked (backed up the deleted entry).
assertNotNull( sysRoot.lookup( "ou=testou,ou=backupContext" ) );
+ assertNotNull( sysRoot.lookup( "ou=testou,ou=testou,ou=backupContext" ) );
}
/*public void testBeforeDeleteLogWarning() throws NamingException
diff --git a/core-unit/src/test/java/org/apache/directory/server/core/trigger/SubentryServiceForTriggersITest.java b/core-unit/src/test/java/org/apache/directory/server/core/trigger/SubentryServiceForTriggersITest.java
index dd77945..3debeb9 100644
--- a/core-unit/src/test/java/org/apache/directory/server/core/trigger/SubentryServiceForTriggersITest.java
+++ b/core-unit/src/test/java/org/apache/directory/server/core/trigger/SubentryServiceForTriggersITest.java
@@ -34,6 +34,7 @@
import org.apache.directory.server.core.subtree.SubentryService;
import org.apache.directory.server.core.unit.AbstractAdminTestCase;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapNoSuchAttributeException;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
@@ -66,11 +67,11 @@
Attributes subentry = new AttributesImpl();
Attribute objectClass = new AttributeImpl( "objectClass" );
objectClass.add( "top" );
- objectClass.add( "subentry" );
+ objectClass.add( SchemaConstants.SUBENTRY_OC );
objectClass.add( "triggerExecutionSubentry" );
subentry.put( objectClass );
subentry.put( "subtreeSpecification", "{ base \"ou=configuration\" }" );
- subentry.put( "prescriptiveTriggerSpecification", "AFTER Delete CALL \"LogUtils.logDelete\"($name)" );
+ subentry.put( "prescriptiveTriggerSpecification", "AFTER Delete CALL \"LogUtils.logDelete\"($name);" );
subentry.put( "cn", "testsubentry" );
return subentry;
}
@@ -80,12 +81,12 @@
Attributes subentry = new AttributesImpl();
Attribute objectClass = new AttributeImpl( "objectClass" );
objectClass.add( "top" );
- objectClass.add( "subentry" );
+ objectClass.add( SchemaConstants.SUBENTRY_OC );
objectClass.add( "triggerExecutionSubentry" );
subentry.put( objectClass );
String spec = "{ base \"ou=configuration\", specificExclusions { chopBefore:\"cn=unmarked\" } }";
subentry.put( "subtreeSpecification", spec );
- subentry.put( "prescriptiveTriggerSpecification", "AFTER Delete CALL \"LogUtils.logDelete\"($name)" );
+ subentry.put( "prescriptiveTriggerSpecification", "AFTER Delete CALL \"LogUtils.logDelete\"($name);" );
subentry.put( "cn", "testsubentry" );
return subentry;
}
diff --git a/core/pom.xml b/core/pom.xml
index 761bde6..b5999ad 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-core</artifactId>
<name>ApacheDS Core</name>
diff --git a/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java b/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java
index 9d4e41b..89b31a1 100644
--- a/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java
+++ b/core/src/main/java/org/apache/directory/server/core/DefaultDirectoryService.java
@@ -20,6 +20,7 @@
package org.apache.directory.server.core;
+import java.io.File;
import java.io.IOException;
import java.util.HashSet;
import java.util.Hashtable;
@@ -40,6 +41,10 @@
import org.apache.directory.server.core.configuration.StartupConfiguration;
import org.apache.directory.server.core.interceptor.Interceptor;
import org.apache.directory.server.core.interceptor.InterceptorChain;
+import org.apache.directory.server.core.interceptor.context.AddContextPartitionOperationContext;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.interceptor.context.EntryOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
import org.apache.directory.server.core.jndi.AbstractContextFactory;
import org.apache.directory.server.core.jndi.DeadContext;
import org.apache.directory.server.core.jndi.PropertyKeys;
@@ -57,14 +62,19 @@
import org.apache.directory.server.schema.bootstrap.CoreSchema;
import org.apache.directory.server.schema.bootstrap.Schema;
import org.apache.directory.server.schema.bootstrap.SystemSchema;
+import org.apache.directory.server.schema.bootstrap.partition.DbFileListing;
import org.apache.directory.server.schema.bootstrap.partition.SchemaPartitionExtractor;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
import org.apache.directory.server.schema.registries.DefaultOidRegistry;
import org.apache.directory.server.schema.registries.DefaultRegistries;
import org.apache.directory.server.schema.registries.OidRegistry;
import org.apache.directory.server.schema.registries.Registries;
+import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
+import org.apache.directory.shared.ldap.constants.ServerDNConstants;
import org.apache.directory.shared.ldap.exception.LdapAuthenticationNotSupportedException;
import org.apache.directory.shared.ldap.exception.LdapConfigurationException;
+import org.apache.directory.shared.ldap.exception.LdapNamingException;
import org.apache.directory.shared.ldap.exception.LdapNoPermissionException;
import org.apache.directory.shared.ldap.ldif.Entry;
import org.apache.directory.shared.ldap.message.AttributeImpl;
@@ -87,7 +97,7 @@
class DefaultDirectoryService extends DirectoryService
{
private static final Logger log = LoggerFactory.getLogger( DefaultDirectoryService.class );
- private static final String BINARY_KEY = "java.naming.ldap.attributes.binary";
+ private static final String BINARY_KEY = JndiPropertyConstants.JNDI_LDAP_ATTRIBUTES_BINARY;
private final String instanceId;
@@ -461,29 +471,29 @@
/*
* If the admin entry is there, then the database was already created
*/
- if ( !partitionNexus.hasEntry( PartitionNexus.getAdminName() ) )
+ if ( !partitionNexus.hasEntry( new EntryOperationContext( PartitionNexus.getAdminName() ) ) )
{
firstStart = true;
Attributes attributes = new AttributesImpl();
- Attribute objectClass = new AttributeImpl( "objectClass" );
- objectClass.add( "top" );
- objectClass.add( "person" );
- objectClass.add( "organizationalPerson" );
- objectClass.add( "inetOrgPerson" );
+ Attribute objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ objectClass.add( SchemaConstants.TOP_OC );
+ objectClass.add( SchemaConstants.PERSON_OC );
+ objectClass.add( SchemaConstants.ORGANIZATIONAL_PERSON_OC );
+ objectClass.add( SchemaConstants.INET_ORG_PERSON_OC );
attributes.put( objectClass );
- attributes.put( "uid", PartitionNexus.ADMIN_UID );
- attributes.put( "userPassword", PartitionNexus.ADMIN_PASSWORD );
- attributes.put( "displayName", "Directory Superuser" );
- attributes.put( "cn", "system administrator" );
- attributes.put( "sn", "administrator" );
- attributes.put( "creatorsName", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
- attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() );
- attributes.put( "displayName", "Directory Superuser" );
+ attributes.put( SchemaConstants.UID_AT, PartitionNexus.ADMIN_UID );
+ attributes.put( SchemaConstants.USER_PASSWORD_AT, PartitionNexus.ADMIN_PASSWORD );
+ attributes.put( SchemaConstants.DISPLAY_NAME_AT, "Directory Superuser" );
+ attributes.put( SchemaConstants.CN_AT, "system administrator" );
+ attributes.put( SchemaConstants.SN_AT, "administrator" );
+ attributes.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
+ attributes.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
+ attributes.put( SchemaConstants.DISPLAY_NAME_AT, "Directory Superuser" );
- partitionNexus.add(PartitionNexus.getAdminName(),
- attributes );
+ partitionNexus.add( new AddOperationContext( PartitionNexus.getAdminName(),
+ attributes ) );
}
// -------------------------------------------------------------------
@@ -494,21 +504,21 @@
LdapDN userDn = new LdapDN( "ou=users,ou=system" );
userDn.normalize( oidsMap );
- if ( !partitionNexus.hasEntry( userDn ) )
+ if ( !partitionNexus.hasEntry( new EntryOperationContext( userDn ) ) )
{
firstStart = true;
Attributes attributes = new AttributesImpl();
- Attribute objectClass = new AttributeImpl( "objectClass" );
- objectClass.add( "top" );
- objectClass.add( "organizationalUnit" );
+ Attribute objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ objectClass.add( SchemaConstants.TOP_OC );
+ objectClass.add( SchemaConstants.ORGANIZATIONAL_UNIT_OC );
attributes.put( objectClass );
- attributes.put( "ou", "users" );
- attributes.put( "creatorsName", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
- attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() );
+ attributes.put( SchemaConstants.OU_AT, "users" );
+ attributes.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
+ attributes.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
- partitionNexus.add( userDn, attributes );
+ partitionNexus.add( new AddOperationContext( userDn, attributes ) );
}
// -------------------------------------------------------------------
@@ -518,48 +528,47 @@
LdapDN groupDn = new LdapDN( "ou=groups,ou=system" );
groupDn.normalize( oidsMap );
- if ( !partitionNexus.hasEntry( groupDn ) )
+ if ( !partitionNexus.hasEntry( new EntryOperationContext( groupDn ) ) )
{
firstStart = true;
Attributes attributes = new AttributesImpl();
- Attribute objectClass = new AttributeImpl( "objectClass" );
- objectClass.add( "top" );
- objectClass.add( "organizationalUnit" );
+ Attribute objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ objectClass.add( SchemaConstants.TOP_OC );
+ objectClass.add( SchemaConstants.ORGANIZATIONAL_UNIT_OC );
attributes.put( objectClass );
- attributes.put( "ou", "groups" );
- attributes.put( "creatorsName", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
- attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() );
+ attributes.put( SchemaConstants.OU_AT, "groups" );
+ attributes.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
+ attributes.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
- partitionNexus.add( groupDn, attributes );
+ partitionNexus.add( new AddOperationContext( groupDn, attributes ) );
}
// -------------------------------------------------------------------
// create administrator group
// -------------------------------------------------------------------
- String upName = "cn=Administrators,ou=groups,ou=system";
- LdapDN normName = new LdapDN( "cn=administrators,ou=groups,ou=system" );
- normName.normalize( oidsMap );
+ LdapDN name = new LdapDN( ServerDNConstants.ADMINISTRATORS_GROUP_DN );
+ name.normalize( oidsMap );
- if ( !partitionNexus.hasEntry( normName ) )
+ if ( !partitionNexus.hasEntry( new EntryOperationContext( name ) ) )
{
firstStart = true;
Attributes attributes = new AttributesImpl();
- Attribute objectClass = new AttributeImpl( "objectClass" );
- objectClass.add( "top" );
- objectClass.add( "groupOfUniqueNames" );
+ Attribute objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ objectClass.add( SchemaConstants.TOP_OC );
+ objectClass.add( SchemaConstants.GROUP_OF_UNIQUE_NAMES_OC );
attributes.put( objectClass );
- attributes.put( "cn", "Administrators" );
- attributes.put( "uniqueMember", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
- attributes.put( "creatorsName", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
- attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() );
+ attributes.put( SchemaConstants.CN_AT, "Administrators" );
+ attributes.put( SchemaConstants.UNIQUE_MEMBER_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
+ attributes.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
+ attributes.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
- partitionNexus.add(normName, attributes );
+ partitionNexus.add( new AddOperationContext( name, attributes ) );
- Interceptor authzInterceptor = interceptorChain.get( "authorizationService" );
+ Interceptor authzInterceptor = interceptorChain.get( AuthorizationService.NAME );
if ( authzInterceptor == null )
{
@@ -576,7 +585,7 @@
}
AuthorizationService authzSrvc = ( AuthorizationService ) authzInterceptor;
- authzSrvc.cacheNewGroup( upName, normName, attributes );
+ authzSrvc.cacheNewGroup( name, attributes );
}
@@ -587,21 +596,21 @@
LdapDN configurationDn = new LdapDN( "ou=configuration,ou=system" );
configurationDn.normalize( oidsMap );
- if ( !partitionNexus.hasEntry( configurationDn ) )
+ if ( !partitionNexus.hasEntry( new EntryOperationContext( configurationDn ) ) )
{
firstStart = true;
Attributes attributes = new AttributesImpl();
- Attribute objectClass = new AttributeImpl( "objectClass" );
- objectClass.add( "top" );
- objectClass.add( "organizationalUnit" );
+ Attribute objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ objectClass.add( SchemaConstants.TOP_OC );
+ objectClass.add( SchemaConstants.ORGANIZATIONAL_UNIT_OC );
attributes.put( objectClass );
- attributes.put( "ou", "configuration" );
- attributes.put( "creatorsName", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
- attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() );
+ attributes.put( SchemaConstants.OU_AT, "configuration" );
+ attributes.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
+ attributes.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
- partitionNexus.add( configurationDn, attributes );
+ partitionNexus.add( new AddOperationContext( configurationDn, attributes ) );
}
// -------------------------------------------------------------------
@@ -611,21 +620,21 @@
LdapDN partitionsDn = new LdapDN( "ou=partitions,ou=configuration,ou=system" );
partitionsDn.normalize( oidsMap );
- if ( !partitionNexus.hasEntry( partitionsDn ) )
+ if ( !partitionNexus.hasEntry( new EntryOperationContext( partitionsDn ) ) )
{
firstStart = true;
Attributes attributes = new AttributesImpl();
- Attribute objectClass = new AttributeImpl( "objectClass" );
- objectClass.add( "top" );
- objectClass.add( "organizationalUnit" );
+ Attribute objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ objectClass.add( SchemaConstants.TOP_OC );
+ objectClass.add( SchemaConstants.ORGANIZATIONAL_UNIT_OC );
attributes.put( objectClass );
- attributes.put( "ou", "partitions" );
- attributes.put( "creatorsName", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
- attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() );
+ attributes.put( SchemaConstants.OU_AT, "partitions" );
+ attributes.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
+ attributes.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
- partitionNexus.add( partitionsDn, attributes );
+ partitionNexus.add( new AddOperationContext( partitionsDn, attributes ) );
}
// -------------------------------------------------------------------
@@ -635,21 +644,21 @@
LdapDN servicesDn = new LdapDN( "ou=services,ou=configuration,ou=system" );
servicesDn.normalize( oidsMap );
- if ( !partitionNexus.hasEntry( servicesDn ) )
+ if ( !partitionNexus.hasEntry( new EntryOperationContext( servicesDn ) ) )
{
firstStart = true;
Attributes attributes = new AttributesImpl();
- Attribute objectClass = new AttributeImpl( "objectClass" );
- objectClass.add( "top" );
- objectClass.add( "organizationalUnit" );
+ Attribute objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ objectClass.add( SchemaConstants.TOP_OC );
+ objectClass.add( SchemaConstants.ORGANIZATIONAL_UNIT_OC );
attributes.put( objectClass );
- attributes.put( "ou", "services" );
- attributes.put( "creatorsName", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
- attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() );
+ attributes.put( SchemaConstants.OU_AT, "services" );
+ attributes.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
+ attributes.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
- partitionNexus.add( servicesDn, attributes );
+ partitionNexus.add( new AddOperationContext( servicesDn, attributes ) );
}
// -------------------------------------------------------------------
@@ -659,21 +668,21 @@
LdapDN interceptorsDn = new LdapDN( "ou=interceptors,ou=configuration,ou=system" );
interceptorsDn.normalize( oidsMap );
- if ( !partitionNexus.hasEntry( interceptorsDn ) )
+ if ( !partitionNexus.hasEntry( new EntryOperationContext( interceptorsDn ) ) )
{
firstStart = true;
Attributes attributes = new AttributesImpl();
- Attribute objectClass = new AttributeImpl( "objectClass" );
- objectClass.add( "top" );
- objectClass.add( "organizationalUnit" );
+ Attribute objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ objectClass.add( SchemaConstants.TOP_OC );
+ objectClass.add( SchemaConstants.ORGANIZATIONAL_UNIT_OC );
attributes.put( objectClass );
- attributes.put( "ou", "interceptors" );
- attributes.put( "creatorsName", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
- attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() );
+ attributes.put( SchemaConstants.OU_AT, "interceptors" );
+ attributes.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
+ attributes.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
- partitionNexus.add( interceptorsDn, attributes );
+ partitionNexus.add( new AddOperationContext( interceptorsDn, attributes ) );
}
// -------------------------------------------------------------------
@@ -683,22 +692,22 @@
LdapDN sysPrefRootDn = new LdapDN( "prefNodeName=sysPrefRoot,ou=system");
sysPrefRootDn.normalize( oidsMap );
- if ( !partitionNexus.hasEntry( sysPrefRootDn ) )
+ if ( !partitionNexus.hasEntry( new EntryOperationContext( sysPrefRootDn ) ) )
{
firstStart = true;
Attributes attributes = new AttributesImpl();
- Attribute objectClass = new AttributeImpl( "objectClass" );
- objectClass.add( "top" );
- objectClass.add( "organizationalUnit" );
+ Attribute objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ objectClass.add( SchemaConstants.TOP_OC );
+ objectClass.add( SchemaConstants.ORGANIZATIONAL_UNIT_OC );
attributes.put( objectClass );
- attributes.put( "objectClass", "extensibleObject" );
+ attributes.put( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.EXTENSIBLE_OBJECT_OC );
attributes.put( "prefNodeName", "sysPrefRoot" );
- attributes.put( "creatorsName", PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
- attributes.put( "createTimestamp", DateUtils.getGeneralizedTime() );
+ attributes.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
+ attributes.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
- partitionNexus.add( sysPrefRootDn, attributes );
+ partitionNexus.add( new AddOperationContext( sysPrefRootDn, attributes ) );
}
return firstStart;
@@ -716,8 +725,8 @@
LdapDN adminDn = new LdapDN( PartitionNexus.ADMIN_PRINCIPAL );
adminDn.normalize( configuration.getRegistries().getAttributeTypeRegistry().getNormalizerMapping() );
- Attributes adminEntry = partitionNexus.lookup( adminDn );
- Object userPassword = adminEntry.get( "userPassword" ).get();
+ Attributes adminEntry = partitionNexus.lookup( new LookupOperationContext( adminDn ) );
+ Object userPassword = adminEntry.get( SchemaConstants.USER_PASSWORD_AT ).get();
if ( userPassword instanceof byte[] )
{
needToChangeAdminPassword = PartitionNexus.ADMIN_PASSWORD.equals( new String(
@@ -816,17 +825,21 @@
// If not present extract schema partition from jar
// --------------------------------------------------------------------
- SchemaPartitionExtractor extractor = null;
- try
+ File schemaDirectory = new File( startupConfiguration.getWorkingDirectory(), "schema" );
+ SchemaPartitionExtractor extractor = null;
+ if ( ! schemaDirectory.exists() )
{
- extractor = new SchemaPartitionExtractor( startupConfiguration.getWorkingDirectory() );
- extractor.extract();
- }
- catch ( IOException e )
- {
- NamingException ne = new NamingException( "Failed to extract pre-loaded schema partition." );
- ne.setRootCause( e );
- throw ne;
+ try
+ {
+ extractor = new SchemaPartitionExtractor( startupConfiguration.getWorkingDirectory() );
+ extractor.extract();
+ }
+ catch ( IOException e )
+ {
+ NamingException ne = new NamingException( "Failed to extract pre-loaded schema partition." );
+ ne.setRootCause( e );
+ throw ne;
+ }
}
// --------------------------------------------------------------------
@@ -836,14 +849,26 @@
MutablePartitionConfiguration schemaPartitionConfig = new MutablePartitionConfiguration();
schemaPartitionConfig.setName( "schema" );
schemaPartitionConfig.setCacheSize( 1000 );
- schemaPartitionConfig.setIndexedAttributes( extractor.getDbFileListing().getIndexedAttributes() );
+
+ DbFileListing listing = null;
+ try
+ {
+ listing = new DbFileListing();
+ }
+ catch( IOException e )
+ {
+ throw new LdapNamingException( "Got IOException while trying to read DBFileListing: " + e.getMessage(),
+ ResultCodeEnum.OTHER );
+ }
+
+ schemaPartitionConfig.setIndexedAttributes( listing.getIndexedAttributes() );
schemaPartitionConfig.setOptimizerEnabled( true );
schemaPartitionConfig.setSuffix( "ou=schema" );
Attributes entry = new AttributesImpl();
- entry.put( "objectClass", "top" );
- entry.get( "objectClass" ).add( "organizationalUnit" );
- entry.put( "ou", "schema" );
+ entry.put( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC );
+ entry.get( SchemaConstants.OBJECT_CLASS_AT ).add( SchemaConstants.ORGANIZATIONAL_UNIT_OC );
+ entry.put( SchemaConstants.OU_AT, "schema" );
schemaPartitionConfig.setContextEntry( entry );
JdbmPartition schemaPartition = new JdbmPartition();
schemaPartition.init( configuration, schemaPartitionConfig );
@@ -931,7 +956,7 @@
for ( int i = 0; i < binaryArray.length; i++ )
{
- binaries.add( StringTools.lowerCase( StringTools.trim( binaryArray[i] ) ) );
+ binaries.add( StringTools.lowerCaseAscii( StringTools.trim( binaryArray[i] ) ) );
}
}
@@ -960,9 +985,10 @@
// add the lowercased name for the names for the attributeType
String[] names = type.getNames();
+
for ( int ii = 0; ii < names.length; ii++ )
{
- binaries.add( StringTools.lowerCase( StringTools.trim( names[ii] ) ) );
+ binaries.add( StringTools.lowerCaseAscii( StringTools.trim( names[ii] ) ) );
}
}
}
@@ -975,7 +1001,7 @@
partitionNexus = new DefaultPartitionNexus( new AttributesImpl() );
partitionNexus.init( configuration, null );
- partitionNexus.addContextPartition( schemaPartitionConfig );
+ partitionNexus.addContextPartition( new AddContextPartitionOperationContext( schemaPartitionConfig ) );
interceptorChain = new InterceptorChain();
interceptorChain.init( configuration );
diff --git a/core/src/main/java/org/apache/directory/server/core/authn/AbstractAuthenticator.java b/core/src/main/java/org/apache/directory/server/core/authn/AbstractAuthenticator.java
index f7b7f8d..8ce8e0a 100644
--- a/core/src/main/java/org/apache/directory/server/core/authn/AbstractAuthenticator.java
+++ b/core/src/main/java/org/apache/directory/server/core/authn/AbstractAuthenticator.java
@@ -98,7 +98,7 @@
/**
* Implement your initialization code here.
*/
- protected void doInit() throws NamingException
+ protected void doInit()
{
}
@@ -150,7 +150,6 @@
* @return the principal for the <tt>name</tt>
* @throws NamingException if there is a problem parsing <tt>name</tt>
*/
- // does not seem to be used
protected static LdapPrincipal createLdapPrincipal( String name, AuthenticationLevel authenticationLeve )
throws NamingException
{
diff --git a/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationService.java b/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationService.java
index fb081e5..8f70c37 100644
--- a/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationService.java
+++ b/core/src/main/java/org/apache/directory/server/core/authn/AuthenticationService.java
@@ -33,7 +33,7 @@
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
-import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
import org.apache.directory.server.core.configuration.AuthenticatorConfiguration;
@@ -41,16 +41,21 @@
import org.apache.directory.server.core.interceptor.BaseInterceptor;
import org.apache.directory.server.core.interceptor.Interceptor;
import org.apache.directory.server.core.interceptor.NextInterceptor;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.interceptor.context.BindOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveAndRenameOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.RenameOperationContext;
import org.apache.directory.server.core.invocation.InvocationStack;
import org.apache.directory.server.core.jndi.LdapJndiProperties;
import org.apache.directory.server.core.jndi.ServerContext;
import org.apache.directory.shared.ldap.exception.LdapAuthenticationException;
-import org.apache.directory.shared.ldap.filter.ExprNode;
-import org.apache.directory.shared.ldap.util.AttributeUtils;
import org.apache.directory.shared.ldap.message.MessageTypeEnum;
-import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.name.LdapDN;
-
+import org.apache.directory.shared.ldap.util.AttributeUtils;
+import org.apache.directory.shared.ldap.util.StringTools;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -65,6 +70,9 @@
{
private static final Logger log = LoggerFactory.getLogger( AuthenticationService.class );
+ /** The service name */
+ public static final String NAME = "authenticationService";
+
/** Speedup for logs */
private static final boolean IS_DEBUG = log.isDebugEnabled();
@@ -80,7 +88,6 @@
{
}
-
/**
* Registers and initializes all {@link Authenticator}s to this service.
*/
@@ -107,7 +114,6 @@
/**
* Deinitializes and deregisters all {@link Authenticator}s from this service.
*/
- @SuppressWarnings("unchecked")
public void destroy()
{
Set<Collection<Authenticator>> clonedAuthenticatorCollections = new HashSet<Collection<Authenticator>>();
@@ -194,45 +200,46 @@
}
- public void add( NextInterceptor next, LdapDN normName, Attributes entry ) throws NamingException
+ public void add( NextInterceptor next, OperationContext opContext ) throws NamingException
{
if ( IS_DEBUG )
{
- log.debug( "Adding the entry " + AttributeUtils.toString( entry ) + " for DN = '"
- + normName.getUpName() + "'" );
+ log.debug( "Adding the entry " +
+ AttributeUtils.toString( ((AddOperationContext)opContext).getEntry() ) +
+ " for DN = '" + opContext.getDn().getUpName() + "'" );
}
checkAuthenticated( MessageTypeEnum.ADD_REQUEST );
- next.add(normName, entry );
+ next.add( opContext );
}
- public void delete( NextInterceptor next, LdapDN name ) throws NamingException
+ public void delete( NextInterceptor next, OperationContext opContext ) throws NamingException
{
if ( IS_DEBUG )
{
- log.debug( "Deleting name = '" + name.toString() + "'" );
+ log.debug( "Deleting name = '" + opContext.getDn().getUpName() + "'" );
}
checkAuthenticated( MessageTypeEnum.DEL_REQUEST );
- next.delete( name );
- invalidateAuthenticatorCaches( name );
+ next.delete( opContext );
+ invalidateAuthenticatorCaches( opContext.getDn() );
}
- public LdapDN getMatchedName ( NextInterceptor next, LdapDN dn ) throws NamingException
+ public LdapDN getMatchedName ( NextInterceptor next, OperationContext opContext ) throws NamingException
{
if ( IS_DEBUG )
{
- log.debug( "Matching name = '" + dn.toString() + "'" );
+ log.debug( "Matching name = '" + opContext.getDn().getUpName() + "'" );
}
checkAuthenticated();
- return next.getMatchedName( dn );
+ return next.getMatchedName( opContext );
}
- public Attributes getRootDSE( NextInterceptor next ) throws NamingException
+ public Attributes getRootDSE( NextInterceptor next, OperationContext opContext ) throws NamingException
{
if ( IS_DEBUG )
{
@@ -240,59 +247,47 @@
}
checkAuthenticated();
- return next.getRootDSE();
+ return next.getRootDSE( opContext );
}
- public LdapDN getSuffix ( NextInterceptor next, LdapDN dn ) throws NamingException
+ public LdapDN getSuffix ( NextInterceptor next, OperationContext opContext ) throws NamingException
{
if ( IS_DEBUG )
{
- log.debug( "Getting suffix for name = '" + dn.toString() + "'" );
+ log.debug( "Getting suffix for name = '" + opContext.getDn().getUpName() + "'" );
}
checkAuthenticated();
- return next.getSuffix( dn );
+ return next.getSuffix( opContext );
}
- public boolean hasEntry( NextInterceptor next, LdapDN name ) throws NamingException
+ public boolean hasEntry( NextInterceptor next, OperationContext opContext ) throws NamingException
{
if ( IS_DEBUG )
{
- log.debug( "Testing if entry name = '" + name.toString() + "' exists" );
+ log.debug( "Testing if entry name = '" + opContext.getDn().getUpName() + "' exists" );
}
checkAuthenticated();
- return next.hasEntry( name );
+ return next.hasEntry( opContext );
}
- public boolean isSuffix( NextInterceptor next, LdapDN name ) throws NamingException
+ public NamingEnumeration list( NextInterceptor next, OperationContext opContext ) throws NamingException
{
if ( IS_DEBUG )
{
- log.debug( "Testing suffix for name = '" + name.toString() + "'" );
+ log.debug( "Listing base = '" + opContext.getDn().getUpName() + "'" );
}
checkAuthenticated();
- return next.isSuffix( name );
+ return next.list( opContext );
}
- public NamingEnumeration list( NextInterceptor next, LdapDN base ) throws NamingException
- {
- if ( IS_DEBUG )
- {
- log.debug( "Listing base = '" + base.toString() + "'" );
- }
-
- checkAuthenticated();
- return next.list( base );
- }
-
-
- public Iterator listSuffixes ( NextInterceptor next ) throws NamingException
+ public Iterator listSuffixes ( NextInterceptor next, OperationContext opContext ) throws NamingException
{
if ( IS_DEBUG )
{
@@ -300,34 +295,33 @@
}
checkAuthenticated();
- return next.listSuffixes();
+ return next.listSuffixes( opContext );
}
- public Attributes lookup( NextInterceptor next, LdapDN dn, String[] attrIds ) throws NamingException
+ public Attributes lookup( NextInterceptor next, OperationContext opContext ) throws NamingException
{
if ( IS_DEBUG )
{
- log.debug( "Lookup name = '" + dn.toString() + "', attributes = " + attrIds );
+ LookupOperationContext ctx = (LookupOperationContext)opContext;
+
+ List<String> attrIds = ctx.getAttrsId();
+
+ if ( ( attrIds != null ) && ( attrIds.size() != 0 ) )
+ {
+ String attrs = StringTools.listToString( attrIds );
+ log.debug( "Lookup name = '" + ctx.getDn().getUpName() + "', attributes = " + attrs );
+ }
+ else
+ {
+ log.debug( "Lookup name = '" + ctx.getDn().getUpName() + "', no attributes " );
+ }
}
checkAuthenticated();
- return next.lookup( dn, attrIds );
+ return next.lookup( opContext );
}
-
- public Attributes lookup( NextInterceptor next, LdapDN name ) throws NamingException
- {
- if ( IS_DEBUG )
- {
- log.debug( "Lookup name = '" + name.toString() + "'" );
- }
-
- checkAuthenticated();
- return next.lookup( name );
- }
-
-
private void invalidateAuthenticatorCaches( LdapDN principalDn )
{
for ( String authMech:authenticators.keySet() )
@@ -343,84 +337,74 @@
}
- public void modify( NextInterceptor next, LdapDN name, int modOp, Attributes mods ) throws NamingException
+ public void modify( NextInterceptor next, OperationContext opContext ) throws NamingException
{
if ( IS_DEBUG )
{
- log.debug( "Modifying name = '" + name.toString() + "', modifs = " + AttributeUtils.toString( mods ) );
+ log.debug( opContext.toString() );
}
checkAuthenticated( MessageTypeEnum.MODIFY_REQUEST );
- next.modify( name, modOp, mods );
- invalidateAuthenticatorCaches( name );
+ next.modify( opContext );
+ invalidateAuthenticatorCaches( opContext.getDn() );
}
- public void modify( NextInterceptor next, LdapDN name, ModificationItemImpl[] mods ) throws NamingException
+ public void rename( NextInterceptor next, OperationContext opContext ) throws NamingException
{
if ( IS_DEBUG )
{
- log.debug( "Modifying name = '" + name.toString() + "'" );
- }
-
- checkAuthenticated( MessageTypeEnum.MODIFY_REQUEST );
- next.modify( name, mods );
- invalidateAuthenticatorCaches( name );
- }
-
-
- public void modifyRn( NextInterceptor next, LdapDN name, String newRn, boolean deleteOldRn ) throws NamingException
- {
- if ( IS_DEBUG )
- {
- log.debug( "Modifying name = '" + name.toString() + "', new RDN = '" + newRn + "', oldRDN = '"
- + deleteOldRn + "'" );
+ log.debug( "Modifying name = '" + opContext.getDn().getUpName() + "', new RDN = '" +
+ ((RenameOperationContext)opContext).getNewRdn() + "', " +
+ "oldRDN = '" + ((RenameOperationContext)opContext).getDelOldDn() + "'" );
}
checkAuthenticated( MessageTypeEnum.MOD_DN_REQUEST );
- next.modifyRn( name, newRn, deleteOldRn );
- invalidateAuthenticatorCaches( name );
+ next.rename( opContext );
+ invalidateAuthenticatorCaches( opContext.getDn() );
}
- public void move( NextInterceptor next, LdapDN oriChildName, LdapDN newParentName, String newRn, boolean deleteOldRn )
+ public void moveAndRename( NextInterceptor next, OperationContext opContext )
throws NamingException
{
if ( IS_DEBUG )
{
- log.debug( "Moving name = '" + oriChildName.toString() + "' to name = '" + newParentName + "', new RDN = '"
- + newRn + "', oldRDN = '" + deleteOldRn + "'" );
+ log.debug( "Moving name = '" + opContext.getDn().getUpName() + "' to name = '" +
+ ((MoveAndRenameOperationContext)opContext).getParent() + "', new RDN = '" +
+ ((MoveAndRenameOperationContext)opContext).getNewRdn() + "', oldRDN = '" +
+ ((MoveAndRenameOperationContext)opContext).getDelOldDn() + "'" );
}
checkAuthenticated( MessageTypeEnum.MOD_DN_REQUEST );
- next.move( oriChildName, newParentName, newRn, deleteOldRn );
- invalidateAuthenticatorCaches( oriChildName );
+ next.moveAndRename( opContext );
+ invalidateAuthenticatorCaches( opContext.getDn() );
}
- public void move( NextInterceptor next, LdapDN oriChildName, LdapDN newParentName ) throws NamingException
+ public void move( NextInterceptor next, OperationContext opContext ) throws NamingException
{
if ( IS_DEBUG )
{
- log.debug( "Moving name = '" + oriChildName.toString() + " to name = '" + newParentName + "'" );
+ log.debug( "Moving name = '" + opContext.getDn().getUpName() + " to name = '" +
+ ((MoveOperationContext)opContext).getParent().getUpName() + "'" );
}
checkAuthenticated( MessageTypeEnum.MOD_DN_REQUEST );
- next.move( oriChildName, newParentName );
- invalidateAuthenticatorCaches( oriChildName );
+ next.move( opContext );
+ invalidateAuthenticatorCaches( opContext.getDn() );
}
- public NamingEnumeration search( NextInterceptor next, LdapDN base, Map env, ExprNode filter,
- SearchControls searchCtls ) throws NamingException
+ public NamingEnumeration<SearchResult> search( NextInterceptor next, OperationContext opContext ) throws NamingException
{
if ( IS_DEBUG )
{
- log.debug( "Search for base = '" + base.toString() + "'" );
+ log.debug( "Search for base = '" + opContext.getDn().getUpName() + "'" );
}
checkAuthenticated( MessageTypeEnum.SEARCH_REQUEST );
- return next.search( base, env, filter, searchCtls );
+ return next.search( opContext );
}
@@ -456,19 +440,22 @@
}
- public void bind( NextInterceptor next, LdapDN bindDn, byte[] credentials, List<String> mechanisms, String saslAuthId )
- throws NamingException
- {
+ public void bind( NextInterceptor next, OperationContext opContext )
+ throws NamingException
+ {
+ // The DN is always normalized here
+ LdapDN normBindDn = opContext.getDn();
+ String bindUpDn = normBindDn.getUpName();
if ( IS_DEBUG )
{
- log.debug( "Bind operation. bindDn: " + bindDn );
+ log.debug( "Bind operation. bindDn: " + bindUpDn );
}
// check if we are already authenticated and if so we return making
// sure first that the credentials are not exposed within context
ServerContext ctx = ( ServerContext ) InvocationStack.getInstance().peek().getCaller();
-
+
if ( IS_DEBUG )
{
log.debug( "bind: principal: " + ctx.getPrincipal() );
@@ -483,34 +470,38 @@
return;
}
-
+
// pick the first matching authenticator type
Collection<Authenticator> authenticators = null;
- for ( String mechanism:mechanisms )
+ for ( String mechanism:((BindOperationContext)opContext).getMechanisms() )
{
authenticators = getAuthenticators( mechanism );
-
+
if ( authenticators != null )
{
break;
}
}
-
+
if ( authenticators == null )
{
log.debug( "No authenticators found, delegating bind to the nexus." );
+
// as a last resort try binding via the nexus
- next.bind( bindDn, credentials, mechanisms, saslAuthId );
+ next.bind( opContext );
+
log.debug( "Nexus succeeded on bind operation." );
+
// bind succeeded if we got this far
- ctx.setPrincipal( new TrustedPrincipalWrapper( new LdapPrincipal( bindDn, LdapJndiProperties
+ ctx.setPrincipal( new TrustedPrincipalWrapper( new LdapPrincipal( normBindDn, LdapJndiProperties
.getAuthenticationLevel( ctx.getEnvironment() ) ) ) );
+
// remove creds so there is no security risk
ctx.removeFromEnvironment( Context.SECURITY_CREDENTIALS );
return;
}
-
+
// TODO : we should refactor that.
// try each authenticators
for ( Authenticator authenticator:authenticators )
@@ -518,11 +509,14 @@
try
{
// perform the authentication
- LdapPrincipal authorizationId = authenticator.authenticate( bindDn, ctx );
+ LdapPrincipal authorizationId = authenticator.authenticate( normBindDn, ctx );
+
// authentication was successful
ctx.setPrincipal( new TrustedPrincipalWrapper( authorizationId ) );
+
// remove creds so there is no security risk
ctx.removeFromEnvironment( Context.SECURITY_CREDENTIALS );
+
return;
}
catch ( LdapAuthenticationException e )
@@ -530,7 +524,7 @@
// authentication failed, try the next authenticator
if ( log.isInfoEnabled() )
{
- log.info( "Authenticator " + authenticator.getClass() + " failed to authenticate " + bindDn );
+ log.info( "Authenticator " + authenticator.getClass() + " failed to authenticate " + bindUpDn );
}
}
catch ( Exception e )
@@ -538,11 +532,11 @@
// Log other exceptions than LdapAuthenticationException
if ( log.isWarnEnabled() )
{
- log.warn( "Unexpected exception from " + authenticator.getClass() + " for principal " + bindDn, e );
+ log.warn( "Unexpected exception from " + authenticator.getClass() + " for principal " + bindUpDn, e );
}
}
}
-
+
if ( log.isInfoEnabled() )
{
log.info( "Cannot bind to the server " );
diff --git a/core/src/main/java/org/apache/directory/server/core/authn/LdapPrincipal.java b/core/src/main/java/org/apache/directory/server/core/authn/LdapPrincipal.java
index e74191a..88a3985 100644
--- a/core/src/main/java/org/apache/directory/server/core/authn/LdapPrincipal.java
+++ b/core/src/main/java/org/apache/directory/server/core/authn/LdapPrincipal.java
@@ -27,6 +27,7 @@
import org.apache.directory.shared.ldap.aci.AuthenticationLevel;
import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.util.StringTools;
/**
@@ -41,13 +42,16 @@
private static final long serialVersionUID = 3906650782395676720L;
/** the normalized distinguished name of the principal */
- private final Name name;
+ private final LdapDN name;
/** the no name anonymous user whose DN is the empty String */
public static final LdapPrincipal ANONYMOUS = new LdapPrincipal();
/** the authentication level for this principal */
private final AuthenticationLevel authenticationLevel;
+
+ /** The userPassword */
+ private byte[] userPassword;
/**
@@ -58,10 +62,27 @@
* @param name the normalized distinguished name of the principal
* @param authenticationLevel
*/
- LdapPrincipal( Name name, AuthenticationLevel authenticationLevel )
+ LdapPrincipal( LdapDN name, AuthenticationLevel authenticationLevel )
{
this.name = name;
this.authenticationLevel = authenticationLevel;
+ this.userPassword = null;
+ }
+
+ /**
+ * Creates a new LDAP/X500 principal without any group associations. Keep
+ * this package friendly so only code in the package can create a
+ * trusted principal.
+ *
+ * @param name the normalized distinguished name of the principal
+ * @param authenticationLevel
+ * @param userPassword The user password
+ */
+ LdapPrincipal( LdapDN name, AuthenticationLevel authenticationLevel, byte[] userPassword )
+ {
+ this.name = name;
+ this.authenticationLevel = authenticationLevel;
+ this.userPassword = userPassword;
}
@@ -71,8 +92,9 @@
*/
private LdapPrincipal()
{
- this.name = new LdapDN();
- this.authenticationLevel = AuthenticationLevel.NONE;
+ name = new LdapDN();
+ authenticationLevel = AuthenticationLevel.NONE;
+ userPassword = null;
}
@@ -93,7 +115,7 @@
*/
public String getName()
{
- return name.toString();
+ return name.getNormName();
}
@@ -114,6 +136,18 @@
*/
public String toString()
{
- return name.toString();
+ return "['" + name.getUpName() + "', '" + StringTools.utf8ToString( userPassword ) +"']'";
+ }
+
+
+ public byte[] getUserPassword()
+ {
+ return userPassword;
+ }
+
+
+ public void setUserPassword( byte[] userPassword )
+ {
+ this.userPassword = userPassword;
}
}
diff --git a/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java b/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java
index 154d12e..b5ac049 100644
--- a/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java
+++ b/core/src/main/java/org/apache/directory/server/core/authn/SimpleAuthenticator.java
@@ -20,31 +20,47 @@
package org.apache.directory.server.core.authn;
+import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
-import java.util.WeakHashMap;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
+import org.apache.commons.collections.map.LRUMap;
+import org.apache.directory.server.core.authz.AuthorizationService;
+import org.apache.directory.server.core.authz.DefaultAuthorizationService;
+import org.apache.directory.server.core.collective.CollectiveAttributeService;
+import org.apache.directory.server.core.event.EventService;
+import org.apache.directory.server.core.exception.ExceptionService;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
import org.apache.directory.server.core.invocation.Invocation;
import org.apache.directory.server.core.invocation.InvocationStack;
import org.apache.directory.server.core.jndi.ServerContext;
+import org.apache.directory.server.core.normalization.NormalizationService;
+import org.apache.directory.server.core.operational.OperationalAttributeService;
import org.apache.directory.server.core.partition.PartitionNexusProxy;
+import org.apache.directory.server.core.referral.ReferralService;
+import org.apache.directory.server.core.schema.SchemaService;
+import org.apache.directory.server.core.subtree.SubentryService;
import org.apache.directory.server.core.trigger.TriggerService;
import org.apache.directory.shared.ldap.aci.AuthenticationLevel;
+import org.apache.directory.shared.ldap.constants.LdapSecurityConstants;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapAuthenticationException;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.util.ArrayUtils;
import org.apache.directory.shared.ldap.util.Base64;
import org.apache.directory.shared.ldap.util.StringTools;
+import org.apache.directory.shared.ldap.util.UnixCrypt;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -56,125 +72,532 @@
* password is stored with a one-way encryption applied (e.g. SHA), the password
* is hashed the same way before comparison.
*
+ * We use a cache to speedup authentication, where the DN/password are stored.
+ *
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
*/
public class SimpleAuthenticator extends AbstractAuthenticator
{
private static final Logger log = LoggerFactory.getLogger( SimpleAuthenticator.class );
- private static final Collection USERLOOKUP_BYPASS;
-
- private WeakHashMap<String, byte[]> credentialCache = new WeakHashMap<String, byte[]>( 1000 );
+ /** A speedup for logger in debug mode */
+ private static final boolean IS_DEBUG = log.isDebugEnabled();
+
+ /**
+ * A cache to store passwords. It's a speedup, we will be able to avoid backend lookups.
+ *
+ * Note that the backend also use a cache mechanism, but for performance gain, it's good
+ * to manage a cache here. The main problem is that when a user modify his password, we will
+ * have to update it at three different places :
+ * - in the backend,
+ * - in the partition cache,
+ * - in this cache.
+ *
+ * The update of the backend and partition cache is already correctly handled, so we will
+ * just have to offer an access to refresh the local cache.
+ *
+ * We need to be sure that frequently used passwords be always in cache, and not discarded.
+ * We will use a LRU cache for this purpose.
+ */
+ private LRUMap credentialCache;
+
+ /** Declare a default for this cache. 100 entries seems to be enough */
+ private static final int DEFAULT_CACHE_SIZE = 100;
+
+ /**
+ * Define the interceptors we should *not* go through when we will have to request the backend
+ * about a userPassword.
+ */
+ private static final Collection USERLOOKUP_BYPASS;
static
{
Set<String> c = new HashSet<String>();
- c.add( "normalizationService" );
- c.add( "collectiveAttributeService" );
- c.add( "authenticationService" );
- c.add( "authorizationService" );
- c.add( "defaultAuthorizationService" );
- c.add( "schemaService" );
- c.add( "subentryService" );
- c.add( "operationalAttributeService" );
- c.add( "eventService" );
- c.add( TriggerService.SERVICE_NAME );
+ c.add( NormalizationService.NAME );
+ c.add( AuthenticationService.NAME );
+ c.add( ReferralService.NAME );
+ c.add( AuthorizationService.NAME );
+ c.add( DefaultAuthorizationService.NAME );
+ c.add( ExceptionService.NAME );
+ c.add( OperationalAttributeService.NAME );
+ c.add( SchemaService.NAME );
+ c.add( SubentryService.NAME );
+ c.add( CollectiveAttributeService.NAME );
+ c.add( EventService.NAME );
+ c.add( TriggerService.NAME );
USERLOOKUP_BYPASS = Collections.unmodifiableCollection( c );
}
/**
* Creates a new instance.
+ * @
*/
+ @SuppressWarnings( "unchecked" )
public SimpleAuthenticator()
{
super( "simple" );
+
+ credentialCache = new LRUMap( DEFAULT_CACHE_SIZE );
}
+ /**
+ * Creates a new instance, with an initial cache size
+ */
+ @SuppressWarnings( "unchecked" )
+ public SimpleAuthenticator( int cacheSize)
+ {
+ super( "simple" );
+
+ credentialCache = new LRUMap( cacheSize > 0 ? cacheSize : DEFAULT_CACHE_SIZE );
+ }
+
+ /**
+ * A private class to store all informations about the existing
+ * password found in the cache or get from the backend.
+ *
+ * This is necessary as we have to compute :
+ * - the used algorithm
+ * - the salt if any
+ * - the password itself.
+ *
+ * If we have a on-way encrypted password, it is stored using this
+ * format :
+ * {<algorithm>}<encrypted password>
+ * where the encrypted password format can be :
+ * - MD5/SHA : base64([<salt (8 bytes)>]<password>)
+ * - crypt : <salt (2 btytes)><password>
+ *
+ * Algorithm are currently MD5, SMD5, SHA, SSHA, CRYPT and empty
+ */
+ private class EncryptionMethod
+ {
+ private byte[] salt;
+ private String algorithm;
+
+ private EncryptionMethod( String algorithm, byte[] salt )
+ {
+ this.algorithm = algorithm;
+ this.salt = salt;
+ }
+ }
/**
+ * Get the password either from cache or from backend.
+ * @param principalDN The DN from which we want the password
+ * @return A byte array which can be empty if the password was not found
+ * @throws NamingException If we have a problem during the lookup operation
+ */
+ private LdapPrincipal getStoredPassword( LdapDN principalDN ) throws NamingException
+ {
+ LdapPrincipal principal = null;
+ String principalNorm = principalDN.getNormName();
+
+ synchronized( credentialCache )
+ {
+ principal = (LdapPrincipal)credentialCache.get( principalNorm );
+ }
+
+ byte[] storedPassword = null;
+
+ if ( principal == null )
+ {
+ // Not found in the cache
+ // Get the user password from the backend
+ storedPassword = lookupUserPassword( principalDN );
+
+
+ // Deal with the special case where the user didn't enter a password
+ // We will compare the empty array with the credentials. Sometime,
+ // a user does not set a password. This is bad, but there is nothing
+ // we can do against that, except education ...
+ if ( storedPassword == null )
+ {
+ storedPassword = ArrayUtils.EMPTY_BYTE_ARRAY;
+ }
+
+ // Create the new principal before storing it in the cache
+ principal = new LdapPrincipal( principalDN, AuthenticationLevel.SIMPLE, storedPassword );
+
+ // Now, update the local cache.
+ synchronized( credentialCache )
+ {
+ credentialCache.put( principalDN.getNormName(), principal );
+ }
+ }
+ else
+ {
+ // Found !
+ storedPassword = principal.getUserPassword();
+ }
+
+ return principal;
+ }
+
+ /**
+ * Get the user credentials from the environment. It is stored into the
+ * ServcerContext.
+ * @param ctx
+ * @param principalDn
+ * @return
+ * @throws LdapAuthenticationException
+ */
+ private byte[] getCredentials( ServerContext ctx, LdapDN principalDn ) throws LdapAuthenticationException
+ {
+ Object creds = ctx.getEnvironment().get( Context.SECURITY_CREDENTIALS );
+ byte[] credentials = null;
+
+ if ( creds == null )
+ {
+ credentials = ArrayUtils.EMPTY_BYTE_ARRAY;
+ }
+ else if ( creds instanceof String )
+ {
+ credentials = StringTools.getBytesUtf8( ( String ) creds );
+ }
+ else if ( creds instanceof byte[] )
+ {
+ // This is the general case. When dealing with a BindRequest operation,
+ // received by the server, the credentials are always stored into a byte array
+ credentials = (byte[])creds;
+ }
+ else
+ {
+ log.info( "Incorrect credentials stored in {}", Context.SECURITY_CREDENTIALS );
+ throw new LdapAuthenticationException();
+ }
+
+ return credentials;
+ }
+
+
+ /**
* Looks up <tt>userPassword</tt> attribute of the entry whose name is the
* value of {@link Context#SECURITY_PRINCIPAL} environment variable, and
* authenticates a user with the plain-text password.
+ *
+ * We have at least 6 algorithms to encrypt the password :
+ * - SHA
+ * - SSHA (salted SHA)
+ * - MD5
+ * - SMD5 (slated MD5)
+ * - crypt (unix crypt)
+ * - plain text, ie no encryption.
+ *
+ * If we get an encrypted password, it is prefixed by the used algorithm, between
+ * brackets : {SSHA}password ...
+ *
+ * If the password is using SSHA, SMD5 or crypt, some 'salt' is added to the password :
+ * - length(password) - 20, starting at 21th position for SSHA
+ * - length(password) - 16, starting at 16th position for SMD5
+ * - length(password) - 2, starting at 3rd position for crypt
+ *
+ * For (S)SHA and (S)MD5, we have to transform the password from Base64 encoded text
+ * to a byte[] before comparing the password with the stored one.
+ * For crypt, we only have to remove the salt.
+ *
+ * At the end, we use the digest() method for (S)SHA and (S)MD5, the crypt() method for
+ * the CRYPT algorithm and a straight comparison for PLAIN TEXT passwords.
+ *
+ * The stored password is always using the unsalted form, and is stored as a bytes array.
*/
public LdapPrincipal authenticate( LdapDN principalDn, ServerContext ctx ) throws NamingException
{
+ if ( IS_DEBUG )
+ {
+ log.debug( "Authenticating {}", principalDn );
+ }
+
// ---- extract password from JNDI environment
-
- Object creds = ctx.getEnvironment().get( Context.SECURITY_CREDENTIALS );
-
- if ( creds == null )
+ byte[] credentials = getCredentials( ctx, principalDn );
+
+ LdapPrincipal principal = getStoredPassword( principalDn );
+
+ // Get the stored password, either from cache or from backend
+ byte[] storedPassword = principal.getUserPassword();
+
+ // Short circuit for PLAIN TEXT passwords : we compare the byte array directly
+ // Are the passwords equal ?
+ if ( Arrays.equals( credentials, storedPassword ) )
{
- creds = ArrayUtils.EMPTY_BYTE_ARRAY;
- }
- else if ( creds instanceof String )
- {
- creds = StringTools.getBytesUtf8( ( String ) creds );
- }
-
- byte[] userPassword = null;
- if ( credentialCache.containsKey( principalDn.getNormName() ) )
- {
- userPassword = credentialCache.get( principalDn.getNormName() );
- }
- else
- {
- userPassword = lookupUserPassword( principalDn );
- }
-
- boolean credentialsMatch = false;
-
- // Check if password is stored as a message digest, i.e. one-way
- // encrypted
- if ( this.isPasswordOneWayEncrypted( userPassword ) )
- {
- try
+ if ( IS_DEBUG )
{
- // create a corresponding digested password from creds
- String algorithm = this.getAlgorithmForHashedPassword( userPassword );
- String digestedCredits = this.createDigestedPassword( algorithm, creds );
-
- credentialsMatch = Arrays.equals( StringTools.getBytesUtf8( digestedCredits ), userPassword );
+ log.debug( "{} Authenticated", principalDn );
}
- catch ( NoSuchAlgorithmException nsae )
+
+ return principal;
+ }
+
+ // Let's see if the stored password was encrypted
+ String algorithm = findAlgorithm( storedPassword );
+
+ if ( algorithm != null )
+ {
+ EncryptionMethod encryptionMethod = new EncryptionMethod( algorithm, null );
+
+ // Let's get the encrypted part of the stored password
+ // We should just keep the password, excluding the algorithm
+ // and the salt, if any.
+ // But we should also get the algorithm and salt to
+ // be able to encrypt the submitted user password in the next step
+ byte[] encryptedStored = splitCredentials( storedPassword, encryptionMethod );
+
+ // Reuse the slatedPassword informations to construct the encrypted
+ // password given by the user.
+ byte[] userPassword = encryptPassword( credentials, encryptionMethod );
+
+ // Now, compare the two passwords.
+ if ( Arrays.equals( userPassword, encryptedStored ) )
{
- log.warn( "Password stored with unknown algorithm.", nsae );
+ if ( IS_DEBUG )
+ {
+ log.debug( "{} Authenticated", principalDn );
+ }
+
+ return principal;
}
- catch ( IllegalArgumentException e )
+ else
{
- log.warn( "Exception during authentication", e );
+ // Bad password ...
+ String message = "Password not correct for user '" + principalDn.getUpName() + "'";
+ log.info( message );
+ throw new LdapAuthenticationException(message);
}
}
else
{
- // password is not stored one-way encrypted
- credentialsMatch = Arrays.equals( (byte[])creds, userPassword );
- }
-
- if ( credentialsMatch )
- {
- LdapPrincipal principal = new LdapPrincipal( principalDn, AuthenticationLevel.SIMPLE );
- credentialCache.put( principalDn.getNormName(), userPassword );
- return principal;
- }
- else
- {
- throw new LdapAuthenticationException();
+ // Bad password ...
+ String message = "Password not correct for user '" + principalDn.getUpName() + "'";
+ log.info( message );
+ throw new LdapAuthenticationException(message);
}
}
+ private static void split( byte[] all, int offset, byte[] left, byte[] right )
+ {
+ System.arraycopy( all, offset, left, 0, left.length );
+ System.arraycopy( all, offset + left.length, right, 0, right.length );
+ }
+
+ /**
+ * Decopose the stored password in an algorithm, an eventual salt
+ * and the password itself.
+ *
+ * If the algorithm is SHA, SSHA, MD5 or SMD5, the part following the algorithm
+ * is base64 encoded
+ *
+ * @param encryptionMethod The structure to feed
+ * @return The password
+ */
+ private byte[] splitCredentials( byte[] credentials, EncryptionMethod encryptionMethod )
+ {
+ String algorithm = encryptionMethod.algorithm;
+
+ int pos = algorithm.length() + 2;
+
+ if ( ( LdapSecurityConstants.HASH_METHOD_MD5.equals( algorithm ) ) ||
+ ( LdapSecurityConstants.HASH_METHOD_SHA.equals( algorithm ) ) )
+ {
+ try
+ {
+ // We just have the password just after the algorithm, base64 encoded.
+ // Just decode the password and return it.
+ return Base64.decode( new String( credentials, pos, credentials.length - pos, "UTF-8" ).toCharArray() );
+ }
+ catch ( UnsupportedEncodingException uee )
+ {
+ // do nothing
+ return credentials;
+ }
+ }
+ else if ( ( LdapSecurityConstants.HASH_METHOD_SMD5.equals( algorithm ) ) ||
+ ( LdapSecurityConstants.HASH_METHOD_SSHA.equals( algorithm ) ) )
+ {
+ try
+ {
+ // The password is associated with a salt. Decompose it
+ // in two parts, after having decoded the password.
+ // The salt will be stored into the EncryptionMethod structure
+ // The salt is at the end of the credentials, and is 8 bytes long
+ byte[] passwordAndSalt = Base64.decode( new String( credentials, pos, credentials.length - pos, "UTF-8" ).toCharArray() );
+
+ encryptionMethod.salt = new byte[8];
+ byte[] password = new byte[passwordAndSalt.length - encryptionMethod.salt.length];
+ split( passwordAndSalt, 0, password, encryptionMethod.salt );
+
+ return password;
+ }
+ catch ( UnsupportedEncodingException uee )
+ {
+ // do nothing
+ return credentials;
+ }
+ }
+ else if ( LdapSecurityConstants.HASH_METHOD_CRYPT.equals( algorithm ) )
+ {
+ // The password is associated with a salt. Decompose it
+ // in two parts, storing the salt into the EncryptionMethod structure.
+ // The salt comes first, not like for SSHA and SMD5, and is 2 bytes long
+ encryptionMethod.salt = new byte[2];
+ byte[] password = new byte[credentials.length - encryptionMethod.salt.length - pos];
+ split( credentials, pos, encryptionMethod.salt, password );
+
+ return password;
+ }
+ else
+ {
+ // unknown method
+ return credentials;
+ }
+ }
- protected byte[] lookupUserPassword( LdapDN principalDn ) throws NamingException
+ /**
+ * Get the algorithm from the stored password.
+ * It can be found on the beginning of the stored password, between
+ * curly brackets.
+ */
+ private String findAlgorithm( byte[] credentials )
+ {
+ if ( ( credentials == null ) || ( credentials.length == 0 ) )
+ {
+ return null;
+ }
+
+ if ( credentials[0] == '{' )
+ {
+ // get the algorithm
+ int pos = 1;
+
+ while ( pos < credentials.length )
+ {
+ if ( credentials[pos] == '}' )
+ {
+ break;
+ }
+
+ pos++;
+ }
+
+ if ( pos < credentials.length )
+ {
+ if ( pos == 1 )
+ {
+ // We don't have an algorithm : return the credentials as is
+ return null;
+ }
+
+ String algorithm = new String( credentials, 1, pos - 1 ).toLowerCase();
+
+ if ( ( LdapSecurityConstants.HASH_METHOD_MD5.equals( algorithm ) ) ||
+ ( LdapSecurityConstants.HASH_METHOD_SHA.equals( algorithm ) ) ||
+ ( LdapSecurityConstants.HASH_METHOD_SMD5.equals( algorithm ) ) ||
+ ( LdapSecurityConstants.HASH_METHOD_SSHA.equals( algorithm ) ) ||
+ ( LdapSecurityConstants.HASH_METHOD_CRYPT.equals( algorithm ) ) )
+ {
+ return algorithm;
+ }
+ else
+ {
+ // unknown method
+ return null;
+ }
+ }
+ else
+ {
+ // We don't have an algorithm
+ return null;
+ }
+ }
+ else
+ {
+ // No '{algo}' part
+ return null;
+ }
+ }
+
+ /**
+ * Compute the hashed password given an algorithm, the credentials and
+ * an optional salt.
+ */
+ private static byte[] digest( String algorithm, byte[] password, byte[] salt )
+ {
+ MessageDigest digest;
+
+ try
+ {
+ digest = MessageDigest.getInstance( algorithm );
+ }
+ catch ( NoSuchAlgorithmException e1 )
+ {
+ return null;
+ }
+
+ if ( salt != null )
+ {
+ digest.update( password );
+ digest.update( salt );
+ return digest.digest();
+ }
+ else
+ {
+ return digest.digest( password );
+ }
+ }
+
+ private byte[] encryptPassword( byte[] credentials, EncryptionMethod encryptionMethod )
+ {
+ String algorithm = encryptionMethod.algorithm;
+ byte[] salt = encryptionMethod.salt;
+
+ if ( LdapSecurityConstants.HASH_METHOD_SHA.equals( algorithm ) ||
+ LdapSecurityConstants.HASH_METHOD_SSHA.equals( algorithm ) )
+ {
+ return digest( LdapSecurityConstants.HASH_METHOD_SHA, credentials, salt );
+ }
+ else if ( LdapSecurityConstants.HASH_METHOD_MD5.equals( algorithm ) ||
+ LdapSecurityConstants.HASH_METHOD_SMD5.equals( algorithm ) )
+ {
+ return digest( LdapSecurityConstants.HASH_METHOD_MD5, credentials, salt );
+ }
+ else if ( LdapSecurityConstants.HASH_METHOD_CRYPT.equals( algorithm ) )
+ {
+ if ( salt == null )
+ {
+ salt = new byte[2];
+ SecureRandom sr = new SecureRandom();
+ int i1 = sr.nextInt( 64 );
+ int i2 = sr.nextInt( 64 );
+
+ salt[0] = ( byte ) ( i1 < 12 ? ( i1 + '.' ) : i1 < 38 ? ( i1 + 'A' - 12 ) : ( i1 + 'a' - 38 ) );
+ salt[1] = ( byte ) ( i2 < 12 ? ( i2 + '.' ) : i2 < 38 ? ( i2 + 'A' - 12 ) : ( i2 + 'a' - 38 ) );
+ }
+
+ String saltWithCrypted = UnixCrypt.crypt( StringTools.utf8ToString( credentials ), StringTools.utf8ToString( salt ) );
+ String crypted = saltWithCrypted.substring( 2 );
+
+ return StringTools.getBytesUtf8( crypted );
+ }
+ else
+ {
+ return credentials;
+ }
+ }
+
+ /**
+ * Local function which request the password from the backend
+ */
+ private byte[] lookupUserPassword( LdapDN principalDn ) throws NamingException
{
// ---- lookup the principal entry's userPassword attribute
-
Invocation invocation = InvocationStack.getInstance().peek();
PartitionNexusProxy proxy = invocation.getProxy();
Attributes userEntry;
try
{
- userEntry = proxy.lookup( principalDn, new String[]
- { "userPassword" }, USERLOOKUP_BYPASS );
+ LookupOperationContext lookupContex = new LookupOperationContext( new String[] { SchemaConstants.USER_PASSWORD_AT } );
+ lookupContex.setDn( principalDn );
+
+ userEntry = proxy.lookup( lookupContex, USERLOOKUP_BYPASS );
if ( userEntry == null )
{
@@ -191,10 +614,9 @@
Object userPassword;
- Attribute userPasswordAttr = userEntry.get( "userPassword" );
+ Attribute userPasswordAttr = userEntry.get( SchemaConstants.USER_PASSWORD_AT );
// ---- assert that credentials match
-
if ( userPasswordAttr == null )
{
userPassword = ArrayUtils.EMPTY_BYTE_ARRAY;
@@ -212,66 +634,35 @@
return ( byte[] ) userPassword;
}
-
- /**
- * Checks if the argument is one-way encryped. If it is a string or a
- * byte-array which looks like "{XYZ}...", and XYZ is a known lessage
- * digest, the method returns true. The method does not throw an exception
- * otherwise, e.g. if the algorithm XYZ is not known to the runtime.
- *
- * @param password
- * agument, either a string or a byte-array
- * @return true, if the value is a digested password with algorithm included
- */
- protected boolean isPasswordOneWayEncrypted( Object password )
- {
- boolean result = false;
- try
- {
- String algorithm = getAlgorithmForHashedPassword( password );
- result = ( algorithm != null );
- }
- catch ( IllegalArgumentException ignored )
- {
- }
- return result;
- }
-
-
/**
* Get the algorithm of a password, which is stored in the form "{XYZ}...".
* The method returns null, if the argument is not in this form. It returns
* XYZ, if XYZ is an algorithm known to the MessageDigest class of
* java.security.
*
- * @param password
- * either a String or a byte[]
+ * @param password a byte[]
* @return included message digest alorithm, if any
*/
- protected String getAlgorithmForHashedPassword( Object password ) throws IllegalArgumentException
+ protected String getAlgorithmForHashedPassword( byte[] password ) throws IllegalArgumentException
{
String result = null;
// Check if password arg is string or byte[]
- String sPassword = null;
- if ( password instanceof byte[] )
- {
- sPassword = new String( ( byte[] ) password );
- }
- else if ( password instanceof String )
- {
- sPassword = ( String ) password;
- }
- else
- {
- throw new IllegalArgumentException( "password is neither a String nor a byte-Array." );
- }
+ String sPassword = StringTools.utf8ToString( password );
+ int rightParen = sPassword.indexOf( '}' );
- if ( sPassword != null && sPassword.length() > 2 && sPassword.charAt( 0 ) == '{'
- && sPassword.indexOf( '}' ) > -1 )
+ if ( ( sPassword != null ) &&
+ ( sPassword.length() > 2 ) &&
+ ( sPassword.charAt( 0 ) == '{' ) &&
+ ( rightParen > -1 ) )
{
- int algPosEnd = sPassword.indexOf( '}' );
- String algorithm = sPassword.substring( 1, algPosEnd );
+ String algorithm = sPassword.substring( 1, rightParen );
+
+ if ( "crypt".equals( algorithm ) )
+ {
+ return algorithm;
+ }
+
try
{
MessageDigest.getInstance( algorithm );
@@ -298,7 +689,7 @@
* an algorithm which is supported by
* java.security.MessageDigest, e.g. SHA
* @param password
- * password value, either a string or a byte[]
+ * password value, a byte[]
*
* @return a digested password, which looks like
* {SHA}LhkDrSoM6qr0fW6hzlfOJQW61tc=
@@ -307,52 +698,45 @@
* if password is neither a String nor a byte[], or algorithm is
* not known to java.security.MessageDigest class
*/
- protected String createDigestedPassword( String algorithm, Object password ) throws NoSuchAlgorithmException,
- IllegalArgumentException
+ protected String createDigestedPassword( String algorithm, byte[] password ) throws IllegalArgumentException
{
- // Check if password arg is string or byte[]
- byte[] data = null;
- if ( password instanceof byte[] )
- {
- data = ( byte[] ) password;
- }
- else if ( password instanceof String )
- {
- data = StringTools.getBytesUtf8( ( String ) password );
- }
- else
- {
- throw new IllegalArgumentException( "password is neither a String nor a byte-Array." );
- }
-
// create message digest object
- MessageDigest digest = null;
try
{
- digest = MessageDigest.getInstance( algorithm );
+ if ( "crypt".equalsIgnoreCase( algorithm ) )
+ {
+ String saltWithCrypted = UnixCrypt.crypt( StringTools.utf8ToString( password ), "" );
+ String crypted = saltWithCrypted.substring( 2 );
+ return '{' + algorithm + '}' + StringTools.getBytesUtf8( crypted );
+ }
+ else
+ {
+ MessageDigest digest = MessageDigest.getInstance( algorithm );
+
+ // calculate hashed value of password
+ byte[] fingerPrint = digest.digest( password );
+ char[] encoded = Base64.encode( fingerPrint );
+
+ // create return result of form "{alg}bbbbbbb"
+ return '{' + algorithm + '}' + new String( encoded );
+ }
}
catch ( NoSuchAlgorithmException nsae )
{
+ log.error( "Cannot create a digested password for algorithm '{}'", algorithm );
throw new IllegalArgumentException( nsae.getMessage() );
}
-
- // calculate hashed value of password
- byte[] fingerPrint = digest.digest( data );
- char[] encoded = Base64.encode( fingerPrint );
-
- // create return result of form "{alg}bbbbbbb"
- StringBuffer result = new StringBuffer();
- result.append( '{' );
- result.append( algorithm );
- result.append( '}' );
- result.append( encoded );
-
- return result.toString();
}
-
+ /**
+ * Remove the principal form the cache. This is used when the user changes
+ * his password.
+ */
public void invalidateCache( LdapDN bindDn )
{
- credentialCache.remove( bindDn.getNormName() );
+ synchronized( credentialCache )
+ {
+ credentialCache.remove( bindDn.getNormName() );
+ }
}
}
diff --git a/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java b/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java
index 6b9470b..0bedf6a 100644
--- a/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java
+++ b/core/src/main/java/org/apache/directory/server/core/authz/AuthorizationService.java
@@ -20,6 +20,21 @@
package org.apache.directory.server.core.authz;
+
+import java.text.ParseException;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+
import org.apache.directory.server.core.DirectoryServiceConfiguration;
import org.apache.directory.server.core.authn.LdapPrincipal;
import org.apache.directory.server.core.authz.support.ACDFEngine;
@@ -29,6 +44,15 @@
import org.apache.directory.server.core.interceptor.BaseInterceptor;
import org.apache.directory.server.core.interceptor.InterceptorChain;
import org.apache.directory.server.core.interceptor.NextInterceptor;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.interceptor.context.CompareOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveAndRenameOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.RenameOperationContext;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.invocation.Invocation;
import org.apache.directory.server.core.invocation.InvocationStack;
import org.apache.directory.server.core.jndi.ServerContext;
@@ -42,32 +66,16 @@
import org.apache.directory.shared.ldap.aci.ACIItemParser;
import org.apache.directory.shared.ldap.aci.ACITuple;
import org.apache.directory.shared.ldap.aci.MicroOperation;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapNamingException;
-import org.apache.directory.shared.ldap.filter.ExprNode;
import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.message.ResultCodeEnum;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.schema.AttributeType;
import org.apache.directory.shared.ldap.util.AttributeUtils;
-
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import javax.naming.NamingException;
-import javax.naming.NamingEnumeration;
-import javax.naming.directory.Attribute;
-import javax.naming.directory.Attributes;
-import javax.naming.directory.DirContext;
-import javax.naming.directory.SearchControls;
-import javax.naming.directory.SearchResult;
-
-import java.text.ParseException;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-
/**
* An ACI based authorization service.
@@ -79,10 +87,10 @@
{
/** the logger for this class */
private static final Logger log = LoggerFactory.getLogger( AuthorizationService.class );
- /** the entry ACI attribute string: entryACI */
- private static final String ENTRYACI_ATTR = "entryACI";
- /** the subentry ACI attribute string: subentryACI */
- private static final String SUBENTRYACI_ATTR = "subentryACI";
+
+ /** The service name */
+ public static final String NAME = "authorizationService";
+
/**
* the multivalued op attr used to track the perscriptive access control
* subentries that apply to an entry.
@@ -140,18 +148,25 @@
/** a tupleCache that responds to add, delete, and modify attempts */
private TupleCache tupleCache;
+
/** a groupCache that responds to add, delete, and modify attempts */
private GroupCache groupCache;
+
/** a normalizing ACIItem parser */
private ACIItemParser aciParser;
+
/** use and instance of the ACDF engine */
private ACDFEngine engine;
+
/** interceptor chain */
private InterceptorChain chain;
+
/** attribute type registry */
private AttributeTypeRegistry attrRegistry;
+
/** whether or not this interceptor is activated */
private boolean enabled = false;
+
/** the system wide subschemaSubentryDn */
private String subschemaSubentryDn;
@@ -162,7 +177,14 @@
private String subentryOid;
private String acSubentryOid;
+ /** A storage for the entryACI attributeType */
+ private AttributeType entryAciType;
+
+ /** the subentry ACI attribute type */
+ private AttributeType subentryAciType;
+ public static final SearchControls DEFAULT_SEARCH_CONTROLS = new SearchControls();
+
/**
* Initializes this interceptor based service by getting a handle on the nexus, setting up
* the tupe and group membership caches and the ACIItem parser and the ACDF engine.
@@ -180,11 +202,13 @@
OidRegistry oidRegistry = factoryCfg.getRegistries().getOidRegistry();
// look up some constant information
- objectClassOid = oidRegistry.getOid( "objectClass" );
- subentryOid = oidRegistry.getOid( "subentry" );
+ objectClassOid = oidRegistry.getOid( SchemaConstants.OBJECT_CLASS_AT );
+ subentryOid = oidRegistry.getOid( SchemaConstants.SUBENTRY_OC );
acSubentryOid = oidRegistry.getOid( AC_SUBENTRY_ATTR );
objectClassType = attrRegistry.lookup( objectClassOid );
acSubentryType = attrRegistry.lookup( acSubentryOid );
+ entryAciType = attrRegistry.lookup( SchemaConstants.ENTRY_ACI_AT_OID );
+ subentryAciType = attrRegistry.lookup( SchemaConstants.SUBENTRY_ACI_AT_OID );
aciParser = new ACIItemParser( new ConcreteNameComponentNormalizer( attrRegistry, oidRegistry ), attrRegistry.getNormalizerMapping() );
engine = new ACDFEngine( factoryCfg.getRegistries().getOidRegistry(), attrRegistry );
@@ -192,8 +216,8 @@
enabled = factoryCfg.getStartupConfiguration().isAccessControlEnabled();
// stuff for dealing with subentries (garbage for now)
- String subschemaSubentry = ( String ) factoryCfg.getPartitionNexus().getRootDSE().get( "subschemaSubentry" )
- .get();
+ String subschemaSubentry = ( String ) factoryCfg.getPartitionNexus().getRootDSE( null ).
+ get( "subschemaSubentry" ).get();
LdapDN subschemaSubentryDnName = new LdapDN( subschemaSubentry );
subschemaSubentryDnName.normalize( attrRegistry.getNormalizerMapping() );
subschemaSubentryDn = subschemaSubentryDnName.toNormName();
@@ -235,18 +259,21 @@
* to be in the same naming context as their access point so the subentries
* effecting their parent entry applies to them as well.
*/
- if ( AttributeUtils.containsValue( oc, "subentry", objectClassType ) || oc.contains( subentryOid ) )
+ if ( AttributeUtils.containsValue( oc, SchemaConstants.SUBENTRY_OC, objectClassType ) ||
+ AttributeUtils.containsValue( oc, subentryOid, objectClassType ) )
{
LdapDN parentDn = ( LdapDN ) dn.clone();
parentDn.remove( dn.size() - 1 );
- entry = proxy.lookup( parentDn, PartitionNexusProxy.LOOKUP_BYPASS );
+ entry = proxy.lookup( new LookupOperationContext( parentDn), PartitionNexusProxy.LOOKUP_BYPASS );
}
Attribute subentries = AttributeUtils.getAttribute( entry, acSubentryType );
+
if ( subentries == null )
{
return;
}
+
for ( int ii = 0; ii < subentries.size(); ii++ )
{
String subentryDn = ( String ) subentries.get( ii );
@@ -265,7 +292,8 @@
*/
private void addEntryAciTuples( Collection<ACITuple> tuples, Attributes entry ) throws NamingException
{
- Attribute entryAci = entry.get( ENTRYACI_ATTR );
+ Attribute entryAci = AttributeUtils.getAttribute( entry, entryAciType );
+
if ( entryAci == null )
{
return;
@@ -305,7 +333,7 @@
throws NamingException
{
// only perform this for subentries
- if ( !entry.get( "objectClass" ).contains( "subentry" ) )
+ if ( !AttributeUtils.containsValueCaseIgnore( entry.get( SchemaConstants.OBJECT_CLASS_AT ), SchemaConstants.SUBENTRY_OC ) )
{
return;
}
@@ -314,9 +342,10 @@
// will contain the subentryACI attributes that effect subentries
LdapDN parentDn = ( LdapDN ) dn.clone();
parentDn.remove( dn.size() - 1 );
- Attributes administrativeEntry = proxy.lookup( parentDn, new String[]
- { SUBENTRYACI_ATTR }, PartitionNexusProxy.LOOKUP_BYPASS );
- Attribute subentryAci = administrativeEntry.get( SUBENTRYACI_ATTR );
+ Attributes administrativeEntry = proxy.lookup(
+ new LookupOperationContext( parentDn, new String[]
+ { SchemaConstants.SUBENTRY_ACI_AT }) , PartitionNexusProxy.LOOKUP_BYPASS );
+ Attribute subentryAci = AttributeUtils.getAttribute( administrativeEntry, subentryAciType );
if ( subentryAci == null )
{
@@ -365,33 +394,37 @@
* -------------------------------------------------------------------------------
*/
- public void add( NextInterceptor next, LdapDN normName, Attributes entry ) throws NamingException
+ public void add( NextInterceptor next, OperationContext addContext ) throws NamingException
{
// Access the principal requesting the operation, and bypass checks if it is the admin
Invocation invocation = InvocationStack.getInstance().peek();
LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal();
LdapDN principalDn = principal.getJndiName();
+
+ Attributes entry = ((AddOperationContext)addContext).getEntry();
+ LdapDN name = addContext.getDn();
// bypass authz code if we are disabled
if ( !enabled )
{
- next.add( normName, entry );
+ next.add( addContext );
return;
}
// bypass authz code but manage caches if operation is performed by the admin
if ( isPrincipalAnAdministrator( principalDn ) )
{
- next.add( normName, entry );
- tupleCache.subentryAdded( normName.toNormName(), normName, entry );
- groupCache.groupAdded( normName.toNormName(), normName, entry );
+ next.add( addContext );
+ tupleCache.subentryAdded( name.getUpName(), name, entry );
+ groupCache.groupAdded( name, entry );
return;
}
// perform checks below here for all non-admin users
- SubentryService subentryService = ( SubentryService ) chain.get( "subentryService" );
- Attributes subentryAttrs = subentryService.getSubentryAttributes( normName, entry );
+ SubentryService subentryService = ( SubentryService ) chain.get( SubentryService.NAME );
+ Attributes subentryAttrs = subentryService.getSubentryAttributes( name, entry );
NamingEnumeration attrList = entry.getAll();
+
while ( attrList.hasMore() )
{
subentryAttrs.put( ( Attribute ) attrList.next() );
@@ -403,56 +436,60 @@
// Build the total collection of tuples to be considered for add rights
// NOTE: entryACI are NOT considered in adds (it would be a security breech)
- addPerscriptiveAciTuples( invocation.getProxy(), tuples, normName, subentryAttrs );
- addSubentryAciTuples( invocation.getProxy(), tuples, normName, subentryAttrs );
+ addPerscriptiveAciTuples( invocation.getProxy(), tuples, name, subentryAttrs );
+ addSubentryAciTuples( invocation.getProxy(), tuples, name, subentryAttrs );
// check if entry scope permission is granted
PartitionNexusProxy proxy = invocation.getProxy();
- engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), normName, null, null,
+ engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name, null, null,
ADD_PERMS, tuples, subentryAttrs );
// now we must check if attribute type and value scope permission is granted
NamingEnumeration attributeList = entry.getAll();
+
while ( attributeList.hasMore() )
{
Attribute attr = ( Attribute ) attributeList.next();
+
for ( int ii = 0; ii < attr.size(); ii++ )
{
- engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), normName, attr
+ engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name, attr
.getID(), attr.get( ii ), ADD_PERMS, tuples, entry );
}
}
// if we've gotten this far then access has been granted
- next.add( normName, entry );
+ next.add( addContext );
// if the entry added is a subentry or a groupOf[Unique]Names we must
// update the ACITuple cache and the groups cache to keep them in sync
- tupleCache.subentryAdded( normName.toNormName(), normName, entry );
- groupCache.groupAdded( normName.toNormName(), normName, entry );
+ tupleCache.subentryAdded( name.getUpName(), name, entry );
+ groupCache.groupAdded( name, entry );
}
- public void delete( NextInterceptor next, LdapDN name ) throws NamingException
+ public void delete( NextInterceptor next, OperationContext deleteContext ) throws NamingException
{
+ LdapDN name = deleteContext.getDn();
+
// Access the principal requesting the operation, and bypass checks if it is the admin
Invocation invocation = InvocationStack.getInstance().peek();
PartitionNexusProxy proxy = invocation.getProxy();
- Attributes entry = proxy.lookup( name, PartitionNexusProxy.LOOKUP_BYPASS );
+ Attributes entry = proxy.lookup( new LookupOperationContext( name ) , PartitionNexusProxy.LOOKUP_BYPASS );
LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal();
LdapDN principalDn = principal.getJndiName();
// bypass authz code if we are disabled
if ( !enabled )
{
- next.delete( name );
+ next.delete( deleteContext );
return;
}
// bypass authz code but manage caches if operation is performed by the admin
if ( isPrincipalAnAdministrator( principalDn ) )
{
- next.delete( name );
+ next.delete( deleteContext );
tupleCache.subentryDeleted( name, entry );
groupCache.groupDeleted( name, entry );
return;
@@ -467,97 +504,38 @@
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name, null, null,
REMOVE_PERMS, tuples, entry );
- next.delete( name );
+ next.delete( deleteContext );
tupleCache.subentryDeleted( name, entry );
groupCache.groupDeleted( name, entry );
}
- public void modify( NextInterceptor next, LdapDN name, int modOp, Attributes mods ) throws NamingException
+ public void modify( NextInterceptor next, OperationContext opContext ) throws NamingException
{
// Access the principal requesting the operation, and bypass checks if it is the admin
Invocation invocation = InvocationStack.getInstance().peek();
PartitionNexusProxy proxy = invocation.getProxy();
- Attributes entry = proxy.lookup( name, PartitionNexusProxy.LOOKUP_BYPASS );
+ LdapDN name = opContext.getDn();
+
+ // Access the principal requesting the operation, and bypass checks if it is the admin
+ Attributes entry = proxy.lookup( new LookupOperationContext( name ), PartitionNexusProxy.LOOKUP_BYPASS );
LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal();
LdapDN principalDn = principal.getJndiName();
// bypass authz code if we are disabled
if ( !enabled )
{
- next.modify( name, modOp, mods );
+ next.modify( opContext );
return;
}
+ ModificationItemImpl[] mods =((ModifyOperationContext)opContext).getModItems();
+
// bypass authz code but manage caches if operation is performed by the admin
if ( isPrincipalAnAdministrator( principalDn ) )
{
- next.modify( name, modOp, mods );
- tupleCache.subentryModified( name, modOp, mods, entry );
- groupCache.groupModified( name, modOp, mods, entry );
- return;
- }
-
- Set userGroups = groupCache.getGroups( principalDn.toString() );
- Collection<ACITuple> tuples = new HashSet<ACITuple>();
- addPerscriptiveAciTuples( proxy, tuples, name, entry );
- addEntryAciTuples( tuples, entry );
- addSubentryAciTuples( proxy, tuples, name, entry );
-
- engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name, null, null,
- Collections.singleton( MicroOperation.MODIFY ), tuples, entry );
-
- NamingEnumeration attrList = mods.getAll();
- Collection<MicroOperation> perms = null;
- switch ( modOp )
- {
- case ( DirContext.ADD_ATTRIBUTE ):
- perms = ADD_PERMS;
- break;
- case ( DirContext.REMOVE_ATTRIBUTE ):
- perms = REMOVE_PERMS;
- break;
- case ( DirContext.REPLACE_ATTRIBUTE ):
- perms = REPLACE_PERMS;
- break;
- }
-
- while ( attrList.hasMore() )
- {
- Attribute attr = ( Attribute ) attrList.next();
- for ( int ii = 0; ii < attr.size(); ii++ )
- {
- engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name, attr
- .getID(), attr.get( ii ), perms, tuples, entry );
- }
- }
-
- next.modify( name, modOp, mods );
- tupleCache.subentryModified( name, modOp, mods, entry );
- groupCache.groupModified( name, modOp, mods, entry );
- }
-
-
- public void modify( NextInterceptor next, LdapDN name, ModificationItemImpl[] mods ) throws NamingException
- {
- // Access the principal requesting the operation, and bypass checks if it is the admin
- Invocation invocation = InvocationStack.getInstance().peek();
- PartitionNexusProxy proxy = invocation.getProxy();
- Attributes entry = proxy.lookup( name, PartitionNexusProxy.LOOKUP_BYPASS );
- LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal();
- LdapDN principalDn = principal.getJndiName();
-
- // bypass authz code if we are disabled
- if ( !enabled )
- {
- next.modify( name, mods );
- return;
- }
-
- // bypass authz code but manage caches if operation is performed by the admin
- if ( isPrincipalAnAdministrator( principalDn ) )
- {
- next.modify( name, mods );
+
+ next.modify( opContext );
tupleCache.subentryModified( name, mods, entry );
groupCache.groupModified( name, mods, entry );
return;
@@ -573,6 +551,7 @@
Collections.singleton( MicroOperation.MODIFY ), tuples, entry );
Collection<MicroOperation> perms = null;
+
for ( int ii = 0; ii < mods.length; ii++ )
{
switch ( mods[ii].getModificationOp() )
@@ -580,15 +559,18 @@
case ( DirContext.ADD_ATTRIBUTE ):
perms = ADD_PERMS;
break;
+
case ( DirContext.REMOVE_ATTRIBUTE ):
perms = REMOVE_PERMS;
break;
+
case ( DirContext.REPLACE_ATTRIBUTE ):
perms = REPLACE_PERMS;
break;
}
Attribute attr = mods[ii].getAttribute();
+
for ( int jj = 0; jj < attr.size(); jj++ )
{
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name, attr
@@ -596,23 +578,33 @@
}
}
- next.modify( name, mods );
+
+
+ next.modify( opContext );
tupleCache.subentryModified( name, mods, entry );
groupCache.groupModified( name, mods, entry );
}
-
- public boolean hasEntry( NextInterceptor next, LdapDN name ) throws NamingException
+ public boolean hasEntry( NextInterceptor next, OperationContext entryContext ) throws NamingException
{
+ LdapDN name = entryContext.getDn();
Invocation invocation = InvocationStack.getInstance().peek();
PartitionNexusProxy proxy = invocation.getProxy();
- Attributes entry = proxy.lookup( name, PartitionNexusProxy.LOOKUP_BYPASS );
+ Attributes entry = proxy.lookup( new LookupOperationContext( name ), PartitionNexusProxy.LOOKUP_BYPASS );
LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal();
LdapDN principalDn = principal.getJndiName();
- if ( isPrincipalAnAdministrator( principalDn ) || !enabled || name.toString().trim().equals( "" ) ) // no checks on the rootdse
+ if ( isPrincipalAnAdministrator( principalDn ) || !enabled || ( name.size() == 0 ) ) // no checks on the rootdse
{
- return next.hasEntry( name );
+ // No need to go down to the stack, if the dn is empty : it's the rootDSE, and it exists !
+ if ( name.size() == 0 )
+ {
+ return true;
+ }
+ else
+ {
+ return next.hasEntry( entryContext );
+ }
}
Set userGroups = groupCache.getGroups( principalDn.toNormName() );
@@ -625,7 +617,7 @@
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name, null, null,
BROWSE_PERMS, tuples, entry );
- return next.hasEntry( name );
+ return next.hasEntry( entryContext );
}
@@ -678,71 +670,59 @@
}
- public Attributes lookup( NextInterceptor next, LdapDN dn, String[] attrIds ) throws NamingException
+ public Attributes lookup( NextInterceptor next, OperationContext lookupContext ) throws NamingException
{
Invocation invocation = InvocationStack.getInstance().peek();
LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal();
- LdapDN principalDn = new LdapDN( principal.getName() );
- principalDn.normalize( attrRegistry.getNormalizerMapping() );
+ LdapDN principalDn = principal.getJndiName();
+
+ if ( !principalDn.isNormalized() )
+ {
+ principalDn.normalize( attrRegistry.getNormalizerMapping() );
+ }
if ( isPrincipalAnAdministrator( principalDn ) || !enabled )
{
- return next.lookup( dn, attrIds );
+ return next.lookup( lookupContext );
}
PartitionNexusProxy proxy = invocation.getProxy();
- Attributes entry = proxy.lookup( dn, PartitionNexusProxy.LOOKUP_BYPASS );
- checkLookupAccess( principal, dn, entry );
- return next.lookup( dn, attrIds );
+ Attributes entry = proxy.lookup( lookupContext, PartitionNexusProxy.LOOKUP_BYPASS );
+ checkLookupAccess( principal, ((LookupOperationContext)lookupContext).getDn(), entry );
+ return next.lookup( lookupContext );
}
-
- public Attributes lookup( NextInterceptor next, LdapDN name ) throws NamingException
+ public void rename( NextInterceptor next, OperationContext renameContext ) throws NamingException
{
- Invocation invocation = InvocationStack.getInstance().peek();
- PartitionNexusProxy proxy = invocation.getProxy();
- Attributes entry = proxy.lookup( name, PartitionNexusProxy.LOOKUP_BYPASS );
- LdapPrincipal user = ( ( ServerContext ) invocation.getCaller() ).getPrincipal();
- LdapDN principalDn = (LdapDN)user.getJndiName();
- principalDn.normalize( attrRegistry.getNormalizerMapping() );
+ LdapDN name = renameContext.getDn();
+ String newRdn = ((RenameOperationContext)renameContext).getNewRdn();
- if ( isPrincipalAnAdministrator( principalDn ) || !enabled )
- {
- return next.lookup( name );
- }
-
- checkLookupAccess( user, name, entry );
- return next.lookup( name );
- }
-
-
- public void modifyRn( NextInterceptor next, LdapDN name, String newRn, boolean deleteOldRn ) throws NamingException
- {
// Access the principal requesting the operation, and bypass checks if it is the admin
Invocation invocation = InvocationStack.getInstance().peek();
PartitionNexusProxy proxy = invocation.getProxy();
- Attributes entry = proxy.lookup( name, PartitionNexusProxy.LOOKUP_BYPASS );
+ Attributes entry = proxy.lookup( new LookupOperationContext( name ), PartitionNexusProxy.LOOKUP_BYPASS );
LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal();
LdapDN principalDn = principal.getJndiName();
LdapDN newName = ( LdapDN ) name.clone();
newName.remove( name.size() - 1 );
- newName.add( parseNormalized( newRn ).get( 0 ) );
+ newName.add( parseNormalized( newRdn ).get( 0 ) );
// bypass authz code if we are disabled
if ( !enabled )
{
- next.modifyRn( name, newRn, deleteOldRn );
+ next.rename( renameContext );
return;
}
// bypass authz code but manage caches if operation is performed by the admin
if ( isPrincipalAnAdministrator( principalDn ) )
{
- next.modifyRn( name, newRn, deleteOldRn );
+ next.rename( renameContext );
tupleCache.subentryRenamed( name, newName );
- if ( groupCache.groupRenamed( name, newName ) )
- {
- }
+
+ // TODO : this method returns a boolean : what should we do with the result ?
+ groupCache.groupRenamed( name, newName );
+
return;
}
@@ -755,46 +735,23 @@
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name, null, null,
RENAME_PERMS, tuples, entry );
- // if ( deleteOldRn )
- // {
- // String oldRn = name.get( name.size() - 1 );
- // if ( NamespaceTools.hasCompositeComponents( oldRn ) )
- // {
- // String[] comps = NamespaceTools.getCompositeComponents( oldRn );
- // for ( int ii = 0; ii < comps.length; ii++ )
- // {
- // String id = NamespaceTools.getRdnAttribute( comps[ii] );
- // String value = NamespaceTools.getRdnValue( comps[ii] );
- // engine.checkPermission( next, userGroups, user.getJndiName(),
- // user.getAuthenticationLevel(), name, id,
- // value, Collections.singleton( MicroOperation.REMOVE ),
- // tuples, entry );
- // }
- // }
- // else
- // {
- // String id = NamespaceTools.getRdnAttribute( oldRn );
- // String value = NamespaceTools.getRdnValue( oldRn );
- // engine.checkPermission( next, userGroups, user.getJndiName(),
- // user.getAuthenticationLevel(), name, id,
- // value, Collections.singleton( MicroOperation.REMOVE ),
- // tuples, entry );
- // }
- // }
-
- next.modifyRn( name, newRn, deleteOldRn );
+ next.rename( renameContext );
tupleCache.subentryRenamed( name, newName );
groupCache.groupRenamed( name, newName );
}
- public void move( NextInterceptor next, LdapDN oriChildName, LdapDN newParentName, String newRn, boolean deleteOldRn )
+ public void moveAndRename( NextInterceptor next, OperationContext moveAndRenameContext )
throws NamingException
{
+ LdapDN oriChildName = moveAndRenameContext.getDn();
+ LdapDN newParentName = ((MoveAndRenameOperationContext)moveAndRenameContext).getParent();
+ String newRn = ((MoveAndRenameOperationContext)moveAndRenameContext).getNewRdn();
+
// Access the principal requesting the operation, and bypass checks if it is the admin
Invocation invocation = InvocationStack.getInstance().peek();
PartitionNexusProxy proxy = invocation.getProxy();
- Attributes entry = proxy.lookup( oriChildName, PartitionNexusProxy.LOOKUP_BYPASS );
+ Attributes entry = proxy.lookup( new LookupOperationContext( oriChildName ), PartitionNexusProxy.LOOKUP_BYPASS );
LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal();
LdapDN principalDn = principal.getJndiName();
LdapDN newName = ( LdapDN ) newParentName.clone();
@@ -803,14 +760,14 @@
// bypass authz code if we are disabled
if ( !enabled )
{
- next.move( oriChildName, newParentName, newRn, deleteOldRn );
+ next.moveAndRename( moveAndRenameContext );
return;
}
// bypass authz code but manage caches if operation is performed by the admin
if ( isPrincipalAnAdministrator( principalDn ) )
{
- next.move( oriChildName, newParentName, newRn, deleteOldRn );
+ next.moveAndRename( moveAndRenameContext );
tupleCache.subentryRenamed( oriChildName, newName );
groupCache.groupRenamed( oriChildName, newName );
return;
@@ -830,15 +787,18 @@
// will not be valid at the new location.
// This will certainly be fixed by the SubentryService,
// but after this service.
- Attributes importedEntry = proxy.lookup( oriChildName, PartitionNexusProxy.LOOKUP_EXCLUDING_OPR_ATTRS_BYPASS );
+ Attributes importedEntry = proxy.lookup( new LookupOperationContext( oriChildName ),
+ PartitionNexusProxy.LOOKUP_EXCLUDING_OPR_ATTRS_BYPASS );
+
// As the target entry does not exist yet and so
// its subentry operational attributes are not there,
// we need to construct an entry to represent it
// at least with minimal requirements which are object class
// and access control subentry operational attributes.
- SubentryService subentryService = ( SubentryService ) chain.get( "subentryService" );
+ SubentryService subentryService = ( SubentryService ) chain.get( SubentryService.NAME );
Attributes subentryAttrs = subentryService.getSubentryAttributes( newName, importedEntry );
NamingEnumeration attrList = importedEntry.getAll();
+
while ( attrList.hasMore() )
{
subentryAttrs.put( ( Attribute ) attrList.next() );
@@ -852,45 +812,22 @@
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), newName, null,
null, IMPORT_PERMS, destTuples, subentryAttrs );
- // if ( deleteOldRn )
- // {
- // String oldRn = oriChildName.get( oriChildName.size() - 1 );
- // if ( NamespaceTools.hasCompositeComponents( oldRn ) )
- // {
- // String[] comps = NamespaceTools.getCompositeComponents( oldRn );
- // for ( int ii = 0; ii < comps.length; ii++ )
- // {
- // String id = NamespaceTools.getRdnAttribute( comps[ii] );
- // String value = NamespaceTools.getRdnValue( comps[ii] );
- // engine.checkPermission( next, userGroups, user.getJndiName(),
- // user.getAuthenticationLevel(), oriChildName, id,
- // value, Collections.singleton( MicroOperation.REMOVE ),
- // tuples, entry );
- // }
- // }
- // else
- // {
- // String id = NamespaceTools.getRdnAttribute( oldRn );
- // String value = NamespaceTools.getRdnValue( oldRn );
- // engine.checkPermission( next, userGroups, user.getJndiName(),
- // user.getAuthenticationLevel(), oriChildName, id,
- // value, Collections.singleton( MicroOperation.REMOVE ),
- // tuples, entry );
- // }
- // }
- next.move( oriChildName, newParentName, newRn, deleteOldRn );
+ next.moveAndRename( moveAndRenameContext );
tupleCache.subentryRenamed( oriChildName, newName );
groupCache.groupRenamed( oriChildName, newName );
}
- public void move( NextInterceptor next, LdapDN oriChildName, LdapDN newParentName ) throws NamingException
+ public void move( NextInterceptor next, OperationContext moveContext ) throws NamingException
{
+ LdapDN oriChildName = moveContext.getDn();
+ LdapDN newParentName = ((MoveOperationContext)moveContext).getParent();
+
// Access the principal requesting the operation, and bypass checks if it is the admin
Invocation invocation = InvocationStack.getInstance().peek();
PartitionNexusProxy proxy = invocation.getProxy();
- Attributes entry = proxy.lookup( oriChildName, PartitionNexusProxy.LOOKUP_BYPASS );
+ Attributes entry = proxy.lookup( new LookupOperationContext( oriChildName ), PartitionNexusProxy.LOOKUP_BYPASS );
LdapDN newName = ( LdapDN ) newParentName.clone();
newName.add( oriChildName.get( oriChildName.size() - 1 ) );
LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal();
@@ -899,14 +836,14 @@
// bypass authz code if we are disabled
if ( !enabled )
{
- next.move( oriChildName, newParentName );
+ next.move( moveContext );
return;
}
// bypass authz code but manage caches if operation is performed by the admin
if ( isPrincipalAnAdministrator( principalDn ) )
{
- next.move( oriChildName, newParentName );
+ next.move( moveContext );
tupleCache.subentryRenamed( oriChildName, newName );
groupCache.groupRenamed( oriChildName, newName );
return;
@@ -926,15 +863,17 @@
// will not be valid at the new location.
// This will certainly be fixed by the SubentryService,
// but after this service.
- Attributes importedEntry = proxy.lookup( oriChildName, PartitionNexusProxy.LOOKUP_EXCLUDING_OPR_ATTRS_BYPASS );
+ Attributes importedEntry = proxy.lookup( new LookupOperationContext( oriChildName ),
+ PartitionNexusProxy.LOOKUP_EXCLUDING_OPR_ATTRS_BYPASS );
// As the target entry does not exist yet and so
// its subentry operational attributes are not there,
// we need to construct an entry to represent it
// at least with minimal requirements which are object class
// and access control subentry operational attributes.
- SubentryService subentryService = ( SubentryService ) chain.get( "subentryService" );
+ SubentryService subentryService = ( SubentryService ) chain.get( SubentryService.NAME );
Attributes subentryAttrs = subentryService.getSubentryAttributes( newName, importedEntry );
NamingEnumeration attrList = importedEntry.getAll();
+
while ( attrList.hasMore() )
{
subentryAttrs.put( ( Attribute ) attrList.next() );
@@ -948,46 +887,47 @@
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), newName, null,
null, IMPORT_PERMS, destTuples, subentryAttrs );
- next.move( oriChildName, newParentName );
+ next.move( moveContext );
tupleCache.subentryRenamed( oriChildName, newName );
groupCache.groupRenamed( oriChildName, newName );
}
- public static final SearchControls DEFAULT_SEARCH_CONTROLS = new SearchControls();
-
-
- public NamingEnumeration list( NextInterceptor next, LdapDN base ) throws NamingException
+ public NamingEnumeration list( NextInterceptor next, OperationContext opContext ) throws NamingException
{
Invocation invocation = InvocationStack.getInstance().peek();
ServerLdapContext ctx = ( ServerLdapContext ) invocation.getCaller();
LdapPrincipal user = ctx.getPrincipal();
- NamingEnumeration e = next.list( base );
+ NamingEnumeration e = next.list( opContext );
+
if ( isPrincipalAnAdministrator( user.getJndiName() ) || !enabled )
{
return e;
}
+
AuthorizationFilter authzFilter = new AuthorizationFilter();
- return new SearchResultFilteringEnumeration( e, DEFAULT_SEARCH_CONTROLS, invocation, authzFilter );
+ return new SearchResultFilteringEnumeration( e, DEFAULT_SEARCH_CONTROLS, invocation, authzFilter, "List authorization Filter" );
}
- public NamingEnumeration search( NextInterceptor next, LdapDN base, Map env, ExprNode filter,
- SearchControls searchCtls ) throws NamingException
+ public NamingEnumeration<SearchResult> search( NextInterceptor next, OperationContext opContext ) throws NamingException
{
Invocation invocation = InvocationStack.getInstance().peek();
ServerLdapContext ctx = ( ServerLdapContext ) invocation.getCaller();
LdapPrincipal user = ctx.getPrincipal();
LdapDN principalDn = user.getJndiName();
- NamingEnumeration e = next.search( base, env, filter, searchCtls );
+ NamingEnumeration<SearchResult> e = next.search( opContext );
- boolean isSubschemaSubentryLookup = subschemaSubentryDn.equals( base.toNormName() );
- boolean isRootDSELookup = base.size() == 0 && searchCtls.getSearchScope() == SearchControls.OBJECT_SCOPE;
+ boolean isSubschemaSubentryLookup = subschemaSubentryDn.equals( opContext.getDn().getNormName() );
+ SearchControls searchCtls = ((SearchOperationContext)opContext).getSearchControls();
+ boolean isRootDSELookup = opContext.getDn().size() == 0 && searchCtls.getSearchScope() == SearchControls.OBJECT_SCOPE;
+
if ( isPrincipalAnAdministrator( principalDn ) || !enabled || isRootDSELookup || isSubschemaSubentryLookup )
{
return e;
}
+
AuthorizationFilter authzFilter = new AuthorizationFilter();
- return new SearchResultFilteringEnumeration( e, searchCtls, invocation, authzFilter );
+ return new SearchResultFilteringEnumeration( e, searchCtls, invocation, authzFilter, "Search authorization Filter" );
}
@@ -997,18 +937,26 @@
}
- public boolean compare( NextInterceptor next, LdapDN name, String oid, Object value ) throws NamingException
+ public boolean compare( NextInterceptor next, OperationContext opContext ) throws NamingException
{
+ CompareOperationContext ctx = (CompareOperationContext)opContext;
+ LdapDN name = ctx.getDn();
+ String oid = ctx.getOid();
+ Object value = ctx.getValue();
+
// Access the principal requesting the operation, and bypass checks if it is the admin
Invocation invocation = InvocationStack.getInstance().peek();
PartitionNexusProxy proxy = invocation.getProxy();
- Attributes entry = proxy.lookup( name, PartitionNexusProxy.LOOKUP_BYPASS );
+ Attributes entry = proxy.lookup(
+ new LookupOperationContext( name ),
+ PartitionNexusProxy.LOOKUP_BYPASS );
+
LdapPrincipal principal = ( ( ServerContext ) invocation.getCaller() ).getPrincipal();
LdapDN principalDn = principal.getJndiName();
if ( isPrincipalAnAdministrator( principalDn ) || !enabled )
{
- return next.compare( name, oid, value );
+ return next.compare( opContext );
}
Set userGroups = groupCache.getGroups( principalDn.toNormName() );
@@ -1022,11 +970,11 @@
engine.checkPermission( proxy, userGroups, principalDn, principal.getAuthenticationLevel(), name, oid, value,
COMPARE_PERMS, tuples, entry );
- return next.compare( name, oid, value );
+ return next.compare( opContext );
}
- public LdapDN getMatchedName ( NextInterceptor next, LdapDN dn ) throws NamingException
+ public LdapDN getMatchedName ( NextInterceptor next, OperationContext opContext ) throws NamingException
{
// Access the principal requesting the operation, and bypass checks if it is the admin
Invocation invocation = InvocationStack.getInstance().peek();
@@ -1036,19 +984,19 @@
if ( isPrincipalAnAdministrator( principalDn ) || !enabled )
{
- return next.getMatchedName( dn );
+ return next.getMatchedName( opContext );
}
// get the present matched name
Attributes entry;
- LdapDN matched = next.getMatchedName( dn );
+ LdapDN matched = next.getMatchedName( opContext );
// check if we have disclose on error permission for the entry at the matched dn
// if not remove rdn and check that until nothing is left in the name and return
// that but if permission is granted then short the process and return the dn
while ( matched.size() > 0 )
{
- entry = proxy.lookup( matched, PartitionNexusProxy.GETMATCHEDDN_BYPASS );
+ entry = proxy.lookup( new LookupOperationContext( matched ), PartitionNexusProxy.GETMATCHEDDN_BYPASS );
Set userGroups = groupCache.getGroups( principalDn.toString() );
Collection<ACITuple> tuples = new HashSet<ACITuple>();
addPerscriptiveAciTuples( proxy, tuples, matched, entry );
@@ -1068,9 +1016,9 @@
}
- public void cacheNewGroup( String upName, LdapDN normName, Attributes entry ) throws NamingException
+ public void cacheNewGroup( LdapDN name, Attributes entry ) throws NamingException
{
- this.groupCache.groupAdded( upName, normName, entry );
+ groupCache.groupAdded( name, entry );
}
@@ -1081,7 +1029,7 @@
* tests. If we hasPermission() returns false we immediately short the
* process and return false.
*/
- Attributes entry = invocation.getProxy().lookup( normName, PartitionNexusProxy.LOOKUP_BYPASS );
+ Attributes entry = invocation.getProxy().lookup( new LookupOperationContext( normName ), PartitionNexusProxy.LOOKUP_BYPASS );
ServerLdapContext ctx = ( ServerLdapContext ) invocation.getCaller();
LdapDN userDn = ctx.getPrincipal().getJndiName();
Set userGroups = groupCache.getGroups( userDn.toNormName() );
@@ -1104,11 +1052,13 @@
* values remaining then the entire attribute is removed.
*/
NamingEnumeration idList = result.getAttributes().getIDs();
+
while ( idList.hasMore() )
{
// if attribute type scope access is not allowed then remove the attribute and continue
String id = ( String ) idList.next();
Attribute attr = result.getAttributes().get( id );
+
if ( !engine.hasPermission( invocation.getProxy(), userGroups, userDn, ctx.getPrincipal()
.getAuthenticationLevel(), normName, attr.getID(), null, SEARCH_ATTRVAL_PERMS, tuples, entry ) )
{
diff --git a/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationService.java b/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationService.java
index 90f106d..bf43caa 100644
--- a/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationService.java
+++ b/core/src/main/java/org/apache/directory/server/core/authz/DefaultAuthorizationService.java
@@ -41,15 +41,24 @@
import org.apache.directory.server.core.interceptor.BaseInterceptor;
import org.apache.directory.server.core.interceptor.Interceptor;
import org.apache.directory.server.core.interceptor.NextInterceptor;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.invocation.Invocation;
import org.apache.directory.server.core.invocation.InvocationStack;
import org.apache.directory.server.core.jndi.ServerContext;
import org.apache.directory.server.core.partition.PartitionNexus;
+import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
+import org.apache.directory.shared.ldap.constants.ServerDNConstants;
import org.apache.directory.shared.ldap.exception.LdapNoPermissionException;
-import org.apache.directory.shared.ldap.filter.ExprNode;
-import org.apache.directory.shared.ldap.message.ModificationItemImpl;
+import org.apache.directory.shared.ldap.message.ServerSearchResult;
import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.schema.AttributeType;
import org.apache.directory.shared.ldap.schema.OidNormalizer;
+import org.apache.directory.shared.ldap.util.AttributeUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
/**
@@ -63,23 +72,26 @@
*/
public class DefaultAuthorizationService extends BaseInterceptor
{
+ /** the logger for this class */
+ private static final Logger log = LoggerFactory.getLogger( DefaultAuthorizationService.class );
+
+ /** The service name */
+ public static final String NAME = "defaultAuthorizationService";
+
/**
* the base distinguished {@link Name} for all users
*/
private static LdapDN USER_BASE_DN;
- private static LdapDN USER_BASE_DN_NORMALIZED;
/**
* the base distinguished {@link Name} for all groups
*/
private static LdapDN GROUP_BASE_DN;
- private static LdapDN GROUP_BASE_DN_NORMALIZED;
/**
* the distinguished {@link Name} for the administrator group
*/
private static LdapDN ADMIN_GROUP_DN;
- private static LdapDN ADMIN_GROUP_DN_NORMALIZED;
/**
* the name parser used by this service
@@ -92,6 +104,13 @@
private Map<String, OidNormalizer> normalizerMapping;
private PartitionNexus nexus;
+
+ /** attribute type registry */
+ private AttributeTypeRegistry attrRegistry;
+
+ /** A starage for the uniqueMember attributeType */
+ private AttributeType uniqueMemberAT;
+
/**
* Creates a new instance.
@@ -110,14 +129,18 @@
enabled = !factoryCfg.getStartupConfiguration().isAccessControlEnabled();
USER_BASE_DN = PartitionNexus.getUsersBaseName();
- USER_BASE_DN_NORMALIZED = LdapDN.normalize( USER_BASE_DN, normalizerMapping );
+ USER_BASE_DN.normalize( normalizerMapping );
GROUP_BASE_DN = PartitionNexus.getGroupsBaseName();
- GROUP_BASE_DN_NORMALIZED = LdapDN.normalize( GROUP_BASE_DN, normalizerMapping );
+ GROUP_BASE_DN.normalize( normalizerMapping );
- ADMIN_GROUP_DN = new LdapDN( "cn=Administrators,ou=groups,ou=system" );
- ADMIN_GROUP_DN_NORMALIZED = ( LdapDN ) ADMIN_GROUP_DN.clone();
- ADMIN_GROUP_DN_NORMALIZED.normalize( normalizerMapping );
+ ADMIN_GROUP_DN = new LdapDN( ServerDNConstants.ADMINISTRATORS_GROUP_DN );
+ ADMIN_GROUP_DN.normalize( normalizerMapping );
+
+ attrRegistry = factoryCfg.getRegistries().getAttributeTypeRegistry();
+
+ uniqueMemberAT = attrRegistry.lookup( SchemaConstants.UNIQUE_MEMBER_AT_OID );
+
loadAdministrators();
}
@@ -126,20 +149,22 @@
{
// read in the administrators and cache their normalized names
Set<String> newAdministrators = new HashSet<String>( 2 );
- Attributes adminGroup = nexus.lookup( ADMIN_GROUP_DN_NORMALIZED );
+ Attributes adminGroup = nexus.lookup( new LookupOperationContext( ADMIN_GROUP_DN ) );
if ( adminGroup == null )
{
return;
}
- Attribute uniqueMember = adminGroup.get( "uniqueMember" );
+ Attribute uniqueMember = AttributeUtils.getAttribute( adminGroup, uniqueMemberAT );
+
for ( int ii = 0; ii < uniqueMember.size(); ii++ )
{
LdapDN memberDn = new LdapDN( ( String ) uniqueMember.get( ii ) );
memberDn.normalize( normalizerMapping );
- newAdministrators.add( memberDn.toNormName() );
+ newAdministrators.add( memberDn.getNormName() );
}
+
administrators = newAdministrators;
}
@@ -148,86 +173,86 @@
// Lookup, search and list operations need to be handled using a filter
// and so we need access to the filter service.
- public void delete( NextInterceptor nextInterceptor, LdapDN name ) throws NamingException
+ public void delete( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
+ LdapDN name = opContext.getDn();
+
if ( !enabled )
{
- nextInterceptor.delete( name );
+ nextInterceptor.delete( opContext );
return;
}
LdapDN principalDn = getPrincipal().getJndiName();
- if ( name.toString().equals( "" ) )
+ if ( name.isEmpty() )
{
String msg = "The rootDSE cannot be deleted!";
+ log.error( msg );
throw new LdapNoPermissionException( msg );
}
- if ( name.toNormName().equals( ADMIN_GROUP_DN_NORMALIZED.toNormName() ) )
+ if ( name.getNormName().equals( ADMIN_GROUP_DN.getNormName() ) )
{
String msg = "The Administrators group cannot be deleted!";
+ log.error( msg );
throw new LdapNoPermissionException( msg );
}
if ( isTheAdministrator( name ) )
{
- String msg = "User " + principalDn;
+ String msg = "User " + principalDn.getUpName();
msg += " does not have permission to delete the admin account.";
msg += " No one not even the admin can delete this account!";
+ log.error( msg );
throw new LdapNoPermissionException( msg );
}
- if ( name.size() > 2 && name.startsWith( USER_BASE_DN ) && !isAnAdministrator( principalDn ) )
+ if ( name.size() > 2 )
{
- String msg = "User " + principalDn;
- msg += " does not have permission to delete the user account: ";
- msg += name + ". Only the admin can delete user accounts.";
- throw new LdapNoPermissionException( msg );
+ if ( !isAnAdministrator( principalDn ) )
+ {
+ if ( name.startsWith( USER_BASE_DN ) )
+ {
+ String msg = "User " + principalDn.getUpName();
+ msg += " does not have permission to delete the user account: ";
+ msg += name.getUpName() + ". Only the admin can delete user accounts.";
+ log.error( msg );
+ throw new LdapNoPermissionException( msg );
+ }
+
+ if ( name.startsWith( GROUP_BASE_DN ) )
+ {
+ String msg = "User " + principalDn.getUpName();
+ msg += " does not have permission to delete the group entry: ";
+ msg += name.getUpName() + ". Only the admin can delete groups.";
+ log.error( msg );
+ throw new LdapNoPermissionException( msg );
+ }
+ }
}
- if ( name.size() > 2 && name.startsWith( GROUP_BASE_DN ) && !isAnAdministrator( principalDn ) )
- {
- String msg = "User " + principalDn;
- msg += " does not have permission to delete the group entry: ";
- msg += name + ". Only the admin can delete groups.";
- throw new LdapNoPermissionException( msg );
- }
-
- nextInterceptor.delete( name );
+ nextInterceptor.delete( opContext );
}
private final boolean isTheAdministrator( LdapDN normalizedDn )
{
- return normalizedDn.toNormName() == PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ||
- normalizedDn.toNormName().equals( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
+ return normalizedDn.getNormName().equals( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED );
}
- private final boolean isAnAdministrator( LdapDN normalizedDn ) throws NamingException
+ private final boolean isAnAdministrator( LdapDN normalizedDn )
{
if ( isTheAdministrator( normalizedDn ) )
{
return true;
}
- return administrators.contains( normalizedDn.toNormName() );
+ return administrators.contains( normalizedDn.getNormName() );
}
- /**
- * Note that we do nothing here. First because this is not an externally
- * exposed function via the JNDI interfaces. It is used internally by
- * the provider for optimization purposes so there is no reason for us to
- * start to constrain it.
- */
- public boolean hasEntry( NextInterceptor nextInterceptor, LdapDN name ) throws NamingException
- {
- return super.hasEntry( nextInterceptor, name );
- }
-
-
// ------------------------------------------------------------------------
// Entry Modification Operations
// ------------------------------------------------------------------------
@@ -238,48 +263,26 @@
* users to self access these resources. As far as we're concerned no one but
* the admin needs access.
*/
- public void modify( NextInterceptor nextInterceptor, LdapDN name, int modOp, Attributes attrs )
+ public void modify( NextInterceptor nextInterceptor, OperationContext opContext )
throws NamingException
{
if ( enabled )
{
- protectModifyAlterations( name );
- nextInterceptor.modify( name, modOp, attrs );
+ LdapDN dn = opContext.getDn();
+
+ protectModifyAlterations( dn );
+ nextInterceptor.modify( opContext );
// update administrators if we change administrators group
- if ( name.toNormName().equals( ADMIN_GROUP_DN_NORMALIZED.toNormName() ) )
+ if ( dn.getNormName().equals( ADMIN_GROUP_DN.getNormName() ) )
{
loadAdministrators();
}
- return;
}
-
- nextInterceptor.modify( name, modOp, attrs );
- }
-
-
- /**
- * This policy needs to be really tight too because some attributes may take part
- * in giving the user permissions to protected resources. We do not want users to
- * self access these resources. As far as we're concerned no one but the admin
- * needs access.
- */
- public void modify( NextInterceptor nextInterceptor, LdapDN name, ModificationItemImpl[] items ) throws NamingException
- {
- if ( enabled )
+ else
{
- protectModifyAlterations( name );
- nextInterceptor.modify( name, items );
-
- // update administrators if we change administrators group
- if ( name.toNormName().equals( ADMIN_GROUP_DN_NORMALIZED.toNormName() ) )
- {
- loadAdministrators();
- }
- return;
+ nextInterceptor.modify( opContext );
}
-
- nextInterceptor.modify( name, items );
}
@@ -287,44 +290,51 @@
{
LdapDN principalDn = getPrincipal().getJndiName();
- if ( dn.size() == 0 )
+ if ( dn.isEmpty() )
{
String msg = "The rootDSE cannot be modified!";
+ log.error( msg );
throw new LdapNoPermissionException( msg );
}
if ( ! isAnAdministrator( principalDn ) )
{
// allow self modifications
- if ( dn.toNormName().equals( getPrincipal().getJndiName().toNormName() ) )
+ if ( dn.getNormName().equals( getPrincipal().getJndiName().getNormName() ) )
{
return;
}
- if ( dn.toNormName().equals( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) )
+ if ( dn.getNormName().equals( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) )
{
- String msg = "User " + principalDn;
+ String msg = "User " + principalDn.getUpName();
msg += " does not have permission to modify the account of the";
msg += " admin user.";
+ log.error( msg );
throw new LdapNoPermissionException( msg );
}
- if ( dn.size() > 2 && dn.startsWith( USER_BASE_DN_NORMALIZED ) )
- {
- String msg = "User " + principalDn;
- msg += " does not have permission to modify the account of the";
- msg += " user " + dn + ".\nEven the owner of an account cannot";
- msg += " modify it.\nUser accounts can only be modified by the";
- msg += " administrator.";
- throw new LdapNoPermissionException( msg );
- }
-
- if ( dn.size() > 2 && dn.startsWith( GROUP_BASE_DN_NORMALIZED ) )
- {
- String msg = "User " + principalDn;
- msg += " does not have permission to modify the group entry ";
- msg += dn.getUpName() + ".\nGroups can only be modified by the admin.";
- throw new LdapNoPermissionException( msg );
+ if ( dn.size() > 2 )
+ {
+ if ( dn.startsWith( USER_BASE_DN ) )
+ {
+ String msg = "User " + principalDn.getUpName();
+ msg += " does not have permission to modify the account of the";
+ msg += " user " + dn.getUpName() + ".\nEven the owner of an account cannot";
+ msg += " modify it.\nUser accounts can only be modified by the";
+ msg += " administrator.";
+ log.error( msg );
+ throw new LdapNoPermissionException( msg );
+ }
+
+ if ( dn.startsWith( GROUP_BASE_DN ) )
+ {
+ String msg = "User " + principalDn.getUpName();
+ msg += " does not have permission to modify the group entry ";
+ msg += dn.getUpName() + ".\nGroups can only be modified by the admin.";
+ log.error( msg );
+ throw new LdapNoPermissionException( msg );
+ }
}
}
}
@@ -339,35 +349,37 @@
// o The administrator entry cannot be moved or renamed by anyone
// ------------------------------------------------------------------------
- public void modifyRn( NextInterceptor nextInterceptor, LdapDN name, String newRn, boolean deleteOldRn )
+ public void rename( NextInterceptor nextInterceptor, OperationContext opContext )
throws NamingException
{
if ( enabled )
{
- protectDnAlterations( name );
+ protectDnAlterations( opContext.getDn() );
}
- nextInterceptor.modifyRn( name, newRn, deleteOldRn );
+
+ nextInterceptor.rename( opContext );
}
- public void move( NextInterceptor nextInterceptor, LdapDN oriChildName, LdapDN newParentName ) throws NamingException
+ public void move( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
if ( enabled )
{
- protectDnAlterations( oriChildName );
+ protectDnAlterations( opContext.getDn() );
}
- nextInterceptor.move( oriChildName, newParentName );
+
+ nextInterceptor.move( opContext );
}
- public void move( NextInterceptor nextInterceptor, LdapDN oriChildName, LdapDN newParentName, String newRn,
- boolean deleteOldRn ) throws NamingException
+ public void moveAndRename( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
if ( enabled )
{
- protectDnAlterations( oriChildName );
+ protectDnAlterations( opContext.getDn() );
}
- nextInterceptor.move( oriChildName, newParentName, newRn, deleteOldRn );
+
+ nextInterceptor.moveAndRename( opContext );
}
@@ -375,15 +387,18 @@
{
LdapDN principalDn = getPrincipal().getJndiName();
- if ( dn.toString().equals( "" ) )
+ if ( dn.isEmpty() )
{
String msg = "The rootDSE cannot be moved or renamed!";
+ log.error( msg );
throw new LdapNoPermissionException( msg );
}
- if ( dn.toNormName().equals( ADMIN_GROUP_DN_NORMALIZED.toNormName() ) )
+ if ( dn.getNormName().equals( ADMIN_GROUP_DN.getNormName() ) )
{
- throw new LdapNoPermissionException( "The Administrators group cannot be moved or renamed!" );
+ String msg = "The Administrators group cannot be moved or renamed!";
+ log.error( msg );
+ throw new LdapNoPermissionException( msg );
}
if ( isTheAdministrator( dn ) )
@@ -391,51 +406,41 @@
String msg = "User '" + principalDn.getUpName();
msg += "' does not have permission to move or rename the admin";
msg += " account. No one not even the admin can move or";
- msg += " rename " + dn + "!";
+ msg += " rename " + dn.getUpName() + "!";
+ log.error( msg );
throw new LdapNoPermissionException( msg );
}
- if ( dn.size() > 2 && dn.startsWith( USER_BASE_DN_NORMALIZED ) && !isAnAdministrator( principalDn ) )
+ if ( dn.size() > 2 && dn.startsWith( USER_BASE_DN ) && !isAnAdministrator( principalDn ) )
{
- String msg = "User '" + principalDn;
+ String msg = "User '" + principalDn.getUpName();
msg += "' does not have permission to move or rename the user";
- msg += " account: " + dn + ". Only the admin can move or";
+ msg += " account: " + dn.getUpName() + ". Only the admin can move or";
msg += " rename user accounts.";
+ log.error( msg );
throw new LdapNoPermissionException( msg );
}
- if ( dn.size() > 2 && dn.startsWith( GROUP_BASE_DN_NORMALIZED ) && !isAnAdministrator( principalDn ) )
+ if ( dn.size() > 2 && dn.startsWith( GROUP_BASE_DN ) && !isAnAdministrator( principalDn ) )
{
- String msg = "User " + principalDn;
+ String msg = "User " + principalDn.getUpName();
msg += " does not have permission to move or rename the group entry ";
- msg += dn + ".\nGroups can only be moved or renamed by the admin.";
+ msg += dn.getUpName() + ".\nGroups can only be moved or renamed by the admin.";
throw new LdapNoPermissionException( msg );
}
}
- public Attributes lookup( NextInterceptor nextInterceptor, LdapDN name ) throws NamingException
+ public Attributes lookup( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- Attributes attributes = nextInterceptor.lookup( name );
- if ( !enabled || attributes == null )
+ Attributes attributes = nextInterceptor.lookup( opContext );
+
+ if ( !enabled || ( attributes == null ) )
{
return attributes;
}
- protectLookUp( name );
- return attributes;
- }
-
-
- public Attributes lookup( NextInterceptor nextInterceptor, LdapDN name, String[] attrIds ) throws NamingException
- {
- Attributes attributes = nextInterceptor.lookup( name, attrIds );
- if ( !enabled || attributes == null )
- {
- return attributes;
- }
-
- protectLookUp( name );
+ protectLookUp( ((LookupOperationContext)opContext).getDn() );
return attributes;
}
@@ -444,34 +449,40 @@
{
LdapContext ctx = ( LdapContext ) InvocationStack.getInstance().peek().getCaller();
LdapDN principalDn = ( ( ServerContext ) ctx ).getPrincipal().getJndiName();
+
if ( !isAnAdministrator( principalDn ) )
{
- if ( normalizedDn.size() > 2 && normalizedDn.startsWith( USER_BASE_DN_NORMALIZED ) )
+ if ( normalizedDn.size() > 2 )
{
- // allow for self reads
- if ( normalizedDn.getNormName().equals( principalDn.getNormName() ) )
+ if( normalizedDn.startsWith( USER_BASE_DN ) )
{
- return;
+ // allow for self reads
+ if ( normalizedDn.getNormName().equals( principalDn.getNormName() ) )
+ {
+ return;
+ }
+
+ String msg = "Access to user account '" + normalizedDn.getUpName() + "' not permitted";
+ msg += " for user '" + principalDn.getUpName() + "'. Only the admin can";
+ msg += " access user account information";
+ log.error( msg );
+ throw new LdapNoPermissionException( msg );
}
- String msg = "Access to user account '" + normalizedDn + "' not permitted";
- msg += " for user '" + principalDn + "'. Only the admin can";
- msg += " access user account information";
- throw new LdapNoPermissionException( msg );
- }
-
- if ( normalizedDn.size() > 2 && normalizedDn.startsWith( GROUP_BASE_DN_NORMALIZED ) )
- {
- // allow for self reads
- if ( normalizedDn.getNormName().equals( principalDn.getNormName() ) )
+ if ( normalizedDn.startsWith( GROUP_BASE_DN ) )
{
- return;
+ // allow for self reads
+ if ( normalizedDn.getNormName().equals( principalDn.getNormName() ) )
+ {
+ return;
+ }
+
+ String msg = "Access to group '" + normalizedDn.getUpName() + "' not permitted";
+ msg += " for user '" + principalDn.getUpName() + "'. Only the admin can";
+ msg += " access group information";
+ log.error( msg );
+ throw new LdapNoPermissionException( msg );
}
-
- String msg = "Access to group '" + normalizedDn + "' not permitted";
- msg += " for user '" + principalDn + "'. Only the admin can";
- msg += " access group information";
- throw new LdapNoPermissionException( msg );
}
if ( isTheAdministrator( normalizedDn ) )
@@ -483,48 +494,48 @@
}
String msg = "Access to admin account not permitted for user '";
- msg += principalDn + "'. Only the admin can";
+ msg += principalDn.getUpName() + "'. Only the admin can";
msg += " access admin account information";
+ log.error( msg );
throw new LdapNoPermissionException( msg );
}
}
}
- public NamingEnumeration search( NextInterceptor nextInterceptor, LdapDN base, Map env, ExprNode filter,
- SearchControls searchCtls ) throws NamingException
+ public NamingEnumeration<SearchResult> search( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- NamingEnumeration e = nextInterceptor.search( base, env, filter, searchCtls );
+ NamingEnumeration<SearchResult> e = nextInterceptor.search( opContext );
+
if ( !enabled )
{
return e;
}
- //if ( searchCtls.getReturningAttributes() != null )
- //{
- // return null;
- //}
Invocation invocation = InvocationStack.getInstance().peek();
- return new SearchResultFilteringEnumeration( e, searchCtls, invocation, new SearchResultFilter()
+ return new SearchResultFilteringEnumeration( e, ((SearchOperationContext)opContext).getSearchControls(), invocation,
+ new SearchResultFilter()
{
public boolean accept( Invocation invocation, SearchResult result, SearchControls controls )
throws NamingException
{
return DefaultAuthorizationService.this.isSearchable( invocation, result );
}
- } );
+ }, "Search Default Authorization filter" );
}
- public NamingEnumeration list( NextInterceptor nextInterceptor, LdapDN base ) throws NamingException
+ public NamingEnumeration list( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- NamingEnumeration e = nextInterceptor.list( base );
+ NamingEnumeration e = nextInterceptor.list( opContext );
+
if ( !enabled )
{
return e;
}
Invocation invocation = InvocationStack.getInstance().peek();
+
return new SearchResultFilteringEnumeration( e, null, invocation, new SearchResultFilter()
{
public boolean accept( Invocation invocation, SearchResult result, SearchControls controls )
@@ -532,16 +543,19 @@
{
return DefaultAuthorizationService.this.isSearchable( invocation, result );
}
- } );
+ }, "List Default Authorization filter" );
}
private boolean isSearchable( Invocation invocation, SearchResult result ) throws NamingException
{
LdapDN principalDn = ( ( ServerContext ) invocation.getCaller() ).getPrincipal().getJndiName();
- LdapDN dn;
- dn = new LdapDN( result.getName() );
- dn.normalize( normalizerMapping );
+ LdapDN dn = ((ServerSearchResult)result).getDn();
+
+ if ( !dn.isNormalized() )
+ {
+ dn.normalize( normalizerMapping );
+ }
// Admin users gets full access to all entries
if ( isAnAdministrator( principalDn ) )
@@ -550,7 +564,8 @@
}
// Users reading their own entries should be allowed to see all
- boolean isSelfRead = dn.toNormName().equals( principalDn.toNormName() );
+ boolean isSelfRead = dn.getNormName().equals( principalDn.getNormName() );
+
if ( isSelfRead )
{
return true;
@@ -562,8 +577,8 @@
// stuff this if in here instead of up in outer if to prevent
// constant needless reexecution for all entries in other depths
- if ( dn.toNormName().endsWith( USER_BASE_DN_NORMALIZED.toNormName() )
- || dn.toNormName().endsWith( GROUP_BASE_DN_NORMALIZED.toNormName() ) )
+ if ( dn.getNormName().endsWith( USER_BASE_DN.getNormName() )
+ || dn.getNormName().endsWith( GROUP_BASE_DN.getNormName() ) )
{
return false;
}
diff --git a/core/src/main/java/org/apache/directory/server/core/authz/GroupCache.java b/core/src/main/java/org/apache/directory/server/core/authz/GroupCache.java
index d22788e..8b71d98 100644
--- a/core/src/main/java/org/apache/directory/server/core/authz/GroupCache.java
+++ b/core/src/main/java/org/apache/directory/server/core/authz/GroupCache.java
@@ -20,7 +20,6 @@
package org.apache.directory.server.core.authz;
-import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
@@ -29,23 +28,28 @@
import java.util.Set;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.partition.PartitionNexus;
+import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
+import org.apache.directory.shared.ldap.constants.ServerDNConstants;
import org.apache.directory.shared.ldap.filter.AssertionEnum;
import org.apache.directory.shared.ldap.filter.BranchNode;
import org.apache.directory.shared.ldap.filter.SimpleNode;
import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.schema.AttributeType;
import org.apache.directory.shared.ldap.schema.OidNormalizer;
import org.apache.directory.shared.ldap.util.AttributeUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import javax.naming.Name;
import javax.naming.NamingException;
import javax.naming.NamingEnumeration;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
+import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
@@ -58,16 +62,6 @@
*/
public class GroupCache
{
- /** the attribute id for an object class: objectClass */
- private static final String OC_ATTR = "objectClass";
- /** the member attribute for a groupOfNames: member */
- private static final String MEMBER_ATTR = "member";
- /** the member attribute for a groupOfUniqueNames: uniqueMember */
- private static final String UNIQUEMEMBER_ATTR = "uniqueMember";
- /** the groupOfNames objectClass: groupOfNames */
- private static final String GROUPOFNAMES_OC = "groupOfNames";
- /** the groupOfUniqueNames objectClass: groupOfUniqueNames */
- private static final String GROUPOFUNIQUENAMES_OC = "groupOfUniqueNames";
/** the logger for this class */
private static final Logger log = LoggerFactory.getLogger( GroupCache.class );
@@ -76,18 +70,31 @@
/** String key for the DN of a group to a Set (HashSet) for the Strings of member DNs */
private final Map<String, Set<String>> groups = new HashMap<String, Set<String>>();
+
/** a handle on the partition nexus */
private final PartitionNexus nexus;
+
/** the env to use for searching */
private final Hashtable env;
+ /** Stores a reference to the AttributeType registry */
+ private AttributeTypeRegistry attributeTypeRegistry;
+
+ /** A storage for the member attributeType */
+ private AttributeType memberAT;
+
+ /** A storage for the uniqueMember attributeType */
+ private AttributeType uniqueMemberAT;
+
/**
* The OIDs normalizer map
*/
private Map<String, OidNormalizer> normalizerMap;
/** the normalized dn of the administrators group */
- LdapDN administratorsGroupDn;
+ private LdapDN administratorsGroupDn;
+
+ private static final Set<LdapDN> EMPTY_GROUPS = new HashSet<LdapDN>();
/**
* Creates a static group cache.
@@ -97,12 +104,15 @@
public GroupCache( DirectoryServiceConfiguration factoryCfg ) throws NamingException
{
normalizerMap = factoryCfg.getRegistries().getAttributeTypeRegistry().getNormalizerMapping();
- this.nexus = factoryCfg.getPartitionNexus();
- this.env = ( Hashtable ) factoryCfg.getEnvironment().clone();
+ nexus = factoryCfg.getPartitionNexus();
+ env = ( Hashtable ) factoryCfg.getEnvironment().clone();
+ attributeTypeRegistry = factoryCfg.getRegistries().getAttributeTypeRegistry();
+ memberAT = attributeTypeRegistry.lookup( SchemaConstants.MEMBER_AT_OID );
+ uniqueMemberAT = attributeTypeRegistry.lookup( SchemaConstants.UNIQUE_MEMBER_AT_OID );
+
// stuff for dealing with the admin group
- administratorsGroupDn = new LdapDN( "cn=Administrators,ou=groups,ou=system" );
- administratorsGroupDn.normalize( normalizerMap );
+ administratorsGroupDn = parseNormalized( ServerDNConstants.ADMINISTRATORS_GROUP_DN );
initialize();
}
@@ -122,42 +132,44 @@
// normalized sets of members to cache within the map
BranchNode filter = new BranchNode( AssertionEnum.OR );
- filter.addNode( new SimpleNode( OC_ATTR, GROUPOFNAMES_OC, AssertionEnum.EQUALITY ) );
- filter.addNode( new SimpleNode( OC_ATTR, GROUPOFUNIQUENAMES_OC, AssertionEnum.EQUALITY ) );
+ filter.addNode( new SimpleNode( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.GROUP_OF_NAMES_OC, AssertionEnum.EQUALITY ) );
+ filter.addNode( new SimpleNode( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.GROUP_OF_UNIQUE_NAMES_OC, AssertionEnum.EQUALITY ) );
- Iterator suffixes = nexus.listSuffixes();
+ Iterator suffixes = nexus.listSuffixes( null );
+
while ( suffixes.hasNext() )
{
String suffix = ( String ) suffixes.next();
LdapDN baseDn = new LdapDN( suffix );
SearchControls ctls = new SearchControls();
ctls.setSearchScope( SearchControls.SUBTREE_SCOPE );
- NamingEnumeration results = nexus.search( baseDn, env, filter, ctls );
+ NamingEnumeration<SearchResult> results =
+ nexus.search( new SearchOperationContext( baseDn, env, filter, ctls ) );
while ( results.hasMore() )
{
SearchResult result = ( SearchResult ) results.next();
- String groupDn = result.getName();
- groupDn = parseNormalized( groupDn ).toString();
+ LdapDN groupDn = parseNormalized( result.getName() );
Attribute members = getMemberAttribute( result.getAttributes() );
if ( members != null )
{
Set<String> memberSet = new HashSet<String>( members.size() );
addMembers( memberSet, members );
- groups.put( groupDn, memberSet );
+ groups.put( groupDn.getNormName(), memberSet );
}
else
{
- log.warn( "Found group '" + groupDn + "' without any member or uniqueMember attributes" );
+ log.warn( "Found group '{}' without any member or uniqueMember attributes", groupDn.getUpName() );
}
}
+
results.close();
}
if ( IS_DEBUG )
{
- log.debug( "group cache contents on startup:\n" + groups );
+ log.debug( "group cache contents on startup:\n {}", groups );
}
}
@@ -171,31 +183,37 @@
*/
private Attribute getMemberAttribute( Attributes entry )
{
- Attribute oc = entry.get( OC_ATTR );
+ Attribute oc = entry.get( SchemaConstants.OBJECT_CLASS_AT );
if ( oc == null )
{
- if ( entry.get( MEMBER_ATTR ) != null )
+ Attribute member = AttributeUtils.getAttribute( entry, memberAT );
+
+ if ( member != null )
{
- return entry.get( MEMBER_ATTR );
+ return member;
}
- if ( entry.get( UNIQUEMEMBER_ATTR ) != null )
+ Attribute uniqueMember = AttributeUtils.getAttribute(entry, uniqueMemberAT );
+
+ if ( uniqueMember != null )
{
- return entry.get( UNIQUEMEMBER_ATTR );
+ return uniqueMember;
}
return null;
}
- if ( AttributeUtils.containsValueCaseIgnore( oc, GROUPOFNAMES_OC ) )
+ if ( AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.GROUP_OF_NAMES_OC ) ||
+ AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.GROUP_OF_NAMES_OC_OID ) )
{
- return entry.get( MEMBER_ATTR );
+ return AttributeUtils.getAttribute( entry, memberAT );
}
- if ( AttributeUtils.containsValueCaseIgnore( oc, GROUPOFUNIQUENAMES_OC ) )
+ if ( AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.GROUP_OF_UNIQUE_NAMES_OC ) ||
+ AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.GROUP_OF_UNIQUE_NAMES_OC_OID ))
{
- return entry.get( UNIQUEMEMBER_ATTR );
+ return AttributeUtils.getAttribute(entry, uniqueMemberAT );
}
return null;
@@ -267,7 +285,7 @@
* @param entry the group entry's attributes
* @throws NamingException if there are problems accessing the attr values
*/
- public void groupAdded( String upName, Name normName, Attributes entry ) throws NamingException
+ public void groupAdded( LdapDN name, Attributes entry ) throws NamingException
{
Attribute members = getMemberAttribute( entry );
@@ -278,11 +296,11 @@
Set<String> memberSet = new HashSet<String>( members.size() );
addMembers( memberSet, members );
- groups.put( normName.toString(), memberSet );
+ groups.put( name.getNormName(), memberSet );
if ( IS_DEBUG )
{
- log.debug( "group cache contents after adding " + normName.toString() + ":\n" + groups );
+ log.debug( "group cache contents after adding '{}' :\n {}", name.getUpName(), groups );
}
}
@@ -294,7 +312,7 @@
* @param name the normalized DN of the group entry
* @param entry the attributes of entry being deleted
*/
- public void groupDeleted( Name name, Attributes entry )
+ public void groupDeleted( LdapDN name, Attributes entry )
{
Attribute members = getMemberAttribute( entry );
@@ -303,11 +321,11 @@
return;
}
- groups.remove( name.toString() );
+ groups.remove( name.getNormName() );
if ( IS_DEBUG )
{
- log.debug( "group cache contents after deleting " + name.toString() + ":\n" + groups );
+ log.debug( "group cache contents after deleting '{}' :\n {}", name.getUpName(), groups );
}
}
@@ -329,16 +347,20 @@
case ( DirContext.ADD_ATTRIBUTE ):
addMembers( memberSet, members );
break;
+
case ( DirContext.REPLACE_ATTRIBUTE ):
if ( members.size() > 0 )
{
memberSet.clear();
addMembers( memberSet, members );
}
+
break;
+
case ( DirContext.REMOVE_ATTRIBUTE ):
removeMembers( memberSet, members );
break;
+
default:
throw new InternalError( "Undefined modify operation value of " + modOp );
}
@@ -354,22 +376,24 @@
* @param entry the group entry being modified
* @throws NamingException if there are problems accessing attribute values
*/
- public void groupModified( Name name, ModificationItemImpl[] mods, Attributes entry ) throws NamingException
+ public void groupModified( LdapDN name, ModificationItemImpl[] mods, Attributes entry ) throws NamingException
{
Attribute members = null;
String memberAttrId = null;
- Attribute oc = entry.get( OC_ATTR );
+ Attribute oc = entry.get( SchemaConstants.OBJECT_CLASS_AT );
- if ( AttributeUtils.containsValueCaseIgnore( oc, GROUPOFNAMES_OC ) )
+ if ( AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.GROUP_OF_NAMES_OC ) ||
+ AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.GROUP_OF_NAMES_OC_OID ))
{
- members = entry.get( MEMBER_ATTR );
- memberAttrId = MEMBER_ATTR;
+ members = AttributeUtils.getAttribute( entry, memberAT );
+ memberAttrId = SchemaConstants.MEMBER_AT;
}
- if ( AttributeUtils.containsValueCaseIgnore( oc, GROUPOFUNIQUENAMES_OC ) )
+ if ( AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.GROUP_OF_UNIQUE_NAMES_OC ) ||
+ AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.GROUP_OF_UNIQUE_NAMES_OC_OID ) )
{
- members = entry.get( UNIQUEMEMBER_ATTR );
- memberAttrId = UNIQUEMEMBER_ATTR;
+ members = AttributeUtils.getAttribute(entry, uniqueMemberAT );
+ memberAttrId = SchemaConstants.UNIQUE_MEMBER_AT;
}
if ( members == null )
@@ -377,15 +401,15 @@
return;
}
- for ( int ii = 0; ii < mods.length; ii++ )
+ for ( ModificationItem modification:mods )
{
- if ( memberAttrId.equalsIgnoreCase( mods[ii].getAttribute().getID() ) )
+ if ( memberAttrId.equalsIgnoreCase( modification.getAttribute().getID() ) )
{
- Set<String> memberSet = groups.get( name.toString() );
+ Set<String> memberSet = groups.get( name.getNormName() );
if ( memberSet != null )
{
- modify( memberSet, mods[ii].getModificationOp(), mods[ii].getAttribute() );
+ modify( memberSet, modification.getModificationOp(), modification.getAttribute() );
}
break;
@@ -394,7 +418,7 @@
if ( IS_DEBUG )
{
- log.debug( "group cache contents after modifying " + name.toString() + ":\n" + groups );
+ log.debug( "group cache contents after modifying '{}' :\n {}", name.getUpName(), groups );
}
}
@@ -409,7 +433,7 @@
* @param entry the entry being modified
* @throws NamingException if there are problems accessing attribute values
*/
- public void groupModified( Name name, int modOp, Attributes mods, Attributes entry ) throws NamingException
+ public void groupModified( LdapDN name, int modOp, Attributes mods, Attributes entry ) throws NamingException
{
Attribute members = getMemberAttribute( mods );
@@ -418,7 +442,7 @@
return;
}
- Set<String> memberSet = groups.get( name.toString() );
+ Set<String> memberSet = groups.get( name.getNormName() );
if ( memberSet != null )
{
@@ -427,7 +451,7 @@
if ( IS_DEBUG )
{
- log.debug( "group cache contents after modifying " + name.toString() + ":\n" + groups );
+ log.debug( "group cache contents after modifying '{}' :\n {}", name.getUpName(), groups );
}
}
@@ -441,12 +465,13 @@
*/
public final boolean isPrincipalAnAdministrator( LdapDN principalDn )
{
- if ( principalDn.toNormName().equals( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) )
+ if ( principalDn.getNormName().equals( PartitionNexus.ADMIN_PRINCIPAL_NORMALIZED ) )
{
return true;
}
- Set members = ( Set ) groups.get( administratorsGroupDn.toNormName() );
+ Set members = ( Set ) groups.get( administratorsGroupDn.getNormName() );
+
if ( members == null )
{
log.warn( "What do you mean there is no administrators group? This is bad news." );
@@ -465,68 +490,67 @@
* @return a Set of Name objects representing the groups
* @throws NamingException if there are problems accessing attribute values
*/
- public Set getGroups( String member ) throws NamingException
+ public Set<LdapDN> getGroups( String member ) throws NamingException
{
+ LdapDN normMember = null;
+
try
{
- member = parseNormalized( member ).toString();
+ normMember = parseNormalized( member );
}
catch ( NamingException e )
{
- log
- .warn(
- "Malformed member DN. Could not find groups for member in GroupCache. Returning empty set for groups!",
- e );
- return Collections.EMPTY_SET;
+ log.warn( "Malformed member DN. Could not find groups for member '{}' in GroupCache. Returning empty set for groups!", member, e );
+ return EMPTY_GROUPS;
}
- Set<Name> memberGroups = null;
+ Set<LdapDN> memberGroups = null;
- Iterator list = groups.keySet().iterator();
- while ( list.hasNext() )
+ for ( String group:groups.keySet() )
{
- String group = ( String ) list.next();
- Set members = ( Set ) groups.get( group );
+ Set<String> members = groups.get( group );
if ( members == null )
{
continue;
}
- if ( members.contains( member ) )
+ if ( members.contains( normMember.getNormName() ) )
{
if ( memberGroups == null )
{
- memberGroups = new HashSet<Name>();
+ memberGroups = new HashSet<LdapDN>();
}
- memberGroups.add( new LdapDN( group ) );
+ memberGroups.add( parseNormalized( group ) );
}
}
if ( memberGroups == null )
{
- return Collections.EMPTY_SET;
+ return EMPTY_GROUPS;
}
return memberGroups;
}
- public boolean groupRenamed( Name oldName, Name newName )
+ public boolean groupRenamed( LdapDN oldName, LdapDN newName )
{
- Set<String> members = groups.remove( oldName.toString() );
+ Set<String> members = groups.remove( oldName.getNormName() );
if ( members != null )
{
- groups.put( newName.toString(), members );
+ groups.put( newName.getNormName(), members );
if ( IS_DEBUG )
{
- log.debug( "group cache contents after renaming " + oldName.toString() + ":\n" + groups );
+ log.debug( "group cache contents after renaming '{}' :\n{}", oldName.getUpName(), groups );
}
+
return true;
}
+
return false;
}
}
diff --git a/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java b/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java
index 5b60b38..8ad193c 100644
--- a/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java
+++ b/core/src/main/java/org/apache/directory/server/core/authz/TupleCache.java
@@ -38,6 +38,7 @@
import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.schema.ConcreteNameComponentNormalizer;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
@@ -45,6 +46,7 @@
import org.apache.directory.shared.ldap.aci.ACIItem;
import org.apache.directory.shared.ldap.aci.ACIItemParser;
import org.apache.directory.shared.ldap.aci.ACITuple;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapSchemaViolationException;
import org.apache.directory.shared.ldap.filter.AssertionEnum;
import org.apache.directory.shared.ldap.filter.ExprNode;
@@ -53,6 +55,7 @@
import org.apache.directory.shared.ldap.message.ResultCodeEnum;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.name.NameComponentNormalizer;
+import org.apache.directory.shared.ldap.schema.AttributeType;
import org.apache.directory.shared.ldap.schema.OidNormalizer;
import org.apache.directory.shared.ldap.util.AttributeUtils;
import org.slf4j.Logger;
@@ -69,25 +72,27 @@
*/
public class TupleCache
{
- /** the attribute id for prescriptive aci: prescriptiveACI */
- private static final String ACI_ATTR = "prescriptiveACI";
- /** the attribute id for an object class: objectClass */
- private static final String OC_ATTR = "objectClass";
- /** the object class for access control subentries: accessControlSubentry */
- private static final String ACSUBENTRY_OC = "accessControlSubentry";
-
/** the logger for this class */
private static final Logger log = LoggerFactory.getLogger( TupleCache.class );
/** cloned startup environment properties we use for subentry searching */
private final Hashtable env;
+
/** a map of strings to ACITuple collections */
private final Map<String,List> tuples = new HashMap<String,List>();
+
/** a handle on the partition nexus */
private final PartitionNexus nexus;
+
/** a normalizing ACIItem parser */
private final ACIItemParser aciParser;
+ /** Stores a reference to the AttributeType registry */
+ private AttributeTypeRegistry attributeTypeRegistry;
+
+ /** A starage for the PrescriptiveACI attributeType */
+ private AttributeType prescriptiveAciAT;
+
/**
* The OIDs normalizer map
*/
@@ -98,16 +103,17 @@
*
* @param factoryCfg the context factory configuration for the server
*/
- public TupleCache(DirectoryServiceConfiguration factoryCfg) throws NamingException
+ public TupleCache( DirectoryServiceConfiguration factoryCfg ) throws NamingException
{
normalizerMap = factoryCfg.getRegistries().getAttributeTypeRegistry().getNormalizerMapping();
this.nexus = factoryCfg.getPartitionNexus();
- AttributeTypeRegistry attributeRegistry = factoryCfg.getRegistries().getAttributeTypeRegistry();
+ attributeTypeRegistry = factoryCfg.getRegistries().getAttributeTypeRegistry();
OidRegistry oidRegistry = factoryCfg.getRegistries().getOidRegistry();
- NameComponentNormalizer ncn = new ConcreteNameComponentNormalizer( attributeRegistry, oidRegistry );
+ NameComponentNormalizer ncn = new ConcreteNameComponentNormalizer( attributeTypeRegistry, oidRegistry );
aciParser = new ACIItemParser( ncn, normalizerMap );
env = ( Hashtable ) factoryCfg.getEnvironment().clone();
initialize();
+ prescriptiveAciAT = attributeTypeRegistry.lookup( SchemaConstants.PRESCRIPTIVE_ACI_AT );
}
@@ -124,29 +130,34 @@
// search all naming contexts for access control subentenries
// generate ACITuple Arrays for each subentry
// add that subentry to the hash
- Iterator suffixes = nexus.listSuffixes();
+ Iterator suffixes = nexus.listSuffixes( null );
+
while ( suffixes.hasNext() )
{
String suffix = ( String ) suffixes.next();
LdapDN baseDn = parseNormalized( suffix );
- ExprNode filter = new SimpleNode( OC_ATTR, ACSUBENTRY_OC, AssertionEnum.EQUALITY );
+ ExprNode filter = new SimpleNode( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.ACCESS_CONTROL_SUBENTRY_OC, AssertionEnum.EQUALITY );
SearchControls ctls = new SearchControls();
ctls.setSearchScope( SearchControls.SUBTREE_SCOPE );
- NamingEnumeration results = nexus.search( baseDn, env, filter, ctls );
+ NamingEnumeration<SearchResult> results =
+ nexus.search( new SearchOperationContext( baseDn, env, filter, ctls ) );
+
while ( results.hasMore() )
{
SearchResult result = ( SearchResult ) results.next();
String subentryDn = result.getName();
- Attribute aci = result.getAttributes().get( ACI_ATTR );
+ Attribute aci = AttributeUtils.getAttribute( result.getAttributes(), prescriptiveAciAT );
+
if ( aci == null )
{
- log.warn( "Found accessControlSubentry '" + subentryDn + "' without any " + ACI_ATTR );
+ log.warn( "Found accessControlSubentry '" + subentryDn + "' without any " + SchemaConstants.PRESCRIPTIVE_ACI_AT );
continue;
}
LdapDN normName = parseNormalized( subentryDn );
subentryAdded( subentryDn, normName, result.getAttributes() );
}
+
results.close();
}
}
@@ -155,11 +166,12 @@
private boolean hasPrescriptiveACI( Attributes entry ) throws NamingException
{
// only do something if the entry contains prescriptiveACI
- Attribute aci = entry.get( ACI_ATTR );
+ Attribute aci = AttributeUtils.getAttribute( entry, prescriptiveAciAT );
if ( aci == null )
{
- if ( AttributeUtils.containsValueCaseIgnore( entry.get( OC_ATTR ), ACSUBENTRY_OC ) )
+ if ( AttributeUtils.containsValueCaseIgnore( entry.get( SchemaConstants.OBJECT_CLASS_AT ), SchemaConstants.ACCESS_CONTROL_SUBENTRY_OC ) ||
+ AttributeUtils.containsValueCaseIgnore( entry.get( SchemaConstants.OBJECT_CLASS_AT ), SchemaConstants.ACCESS_CONTROL_SUBENTRY_OC_OID ))
{
// should not be necessary because of schema interceptor but schema checking
// can be turned off and in this case we must protect against being able to
@@ -179,7 +191,8 @@
public void subentryAdded( String upName, LdapDN normName, Attributes entry ) throws NamingException
{
// only do something if the entry contains prescriptiveACI
- Attribute aci = entry.get( ACI_ATTR );
+ Attribute aci = AttributeUtils.getAttribute( entry, prescriptiveAciAT );
+
if ( !hasPrescriptiveACI( entry ) )
{
return;
@@ -199,8 +212,15 @@
}
catch ( ParseException e )
{
- String msg = "ACIItem parser failure on " + aciStr + ". Cannnot add ACITuples to TupleCache.";
- log.warn( msg, e );
+ String msg = "ACIItem parser failure on \n'" + item + "'\ndue to syntax error. " +
+ "Cannnot add ACITuples to TupleCache.\n" +
+ "Check that the syntax of the ACI item is correct. \nUntil this error " +
+ "is fixed your security settings will not be as expected.";
+ log.error( msg, e );
+
+ // do not process this ACI Item because it will be null
+ // continue on to process the next ACI item in the entry
+ continue;
}
}
@@ -227,10 +247,14 @@
}
boolean isAciModified = false;
+
for ( int ii = 0; ii < mods.length; ii++ )
{
- isAciModified |= mods[ii].getAttribute().contains( ACI_ATTR );
+ // Check for the name and for the OID
+ isAciModified |= AttributeUtils.containsValueCaseIgnore( mods[ii].getAttribute(), SchemaConstants.PRESCRIPTIVE_ACI_AT );
+ isAciModified |= AttributeUtils.containsValueCaseIgnore( mods[ii].getAttribute(), SchemaConstants.PRESCRIPTIVE_ACI_AT_OID );
}
+
if ( isAciModified )
{
subentryDeleted( normName, entry );
@@ -246,7 +270,7 @@
return;
}
- if ( mods.get( ACI_ATTR ) != null )
+ if ( AttributeUtils.getAttribute( mods, prescriptiveAciAT ) != null )
{
subentryDeleted( normName, entry );
subentryAdded( normName.getUpName(), normName, entry );
diff --git a/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java b/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java
index 2f4098e..4745720 100644
--- a/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java
+++ b/core/src/main/java/org/apache/directory/server/core/authz/support/ACDFEngine.java
@@ -29,11 +29,20 @@
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
+import org.apache.directory.server.core.authn.AuthenticationService;
+import org.apache.directory.server.core.authz.AuthorizationService;
+import org.apache.directory.server.core.authz.DefaultAuthorizationService;
import org.apache.directory.server.core.event.Evaluator;
+import org.apache.directory.server.core.event.EventService;
import org.apache.directory.server.core.event.ExpressionEvaluator;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.normalization.NormalizationService;
+import org.apache.directory.server.core.operational.OperationalAttributeService;
import org.apache.directory.server.core.partition.PartitionNexusProxy;
+import org.apache.directory.server.core.schema.SchemaService;
import org.apache.directory.server.core.subtree.RefinementEvaluator;
import org.apache.directory.server.core.subtree.RefinementLeafEvaluator;
+import org.apache.directory.server.core.subtree.SubentryService;
import org.apache.directory.server.core.subtree.SubtreeEvaluator;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
import org.apache.directory.server.schema.registries.OidRegistry;
@@ -126,15 +135,15 @@
public static final Collection USER_LOOKUP_BYPASS;
static
{
- Collection c = new HashSet();
- c.add( "normalizationService" );
- c.add( "authenticationService" );
- c.add( "authorizationService" );
- c.add( "defaultAuthorizationService" );
- c.add( "schemaService" );
- c.add( "subentryService" );
- c.add( "operationalAttributeService" );
- c.add( "eventService" );
+ Collection<String> c = new HashSet<String>();
+ c.add( NormalizationService.NAME );
+ c.add( AuthenticationService.NAME );
+ c.add( AuthorizationService.NAME );
+ c.add( DefaultAuthorizationService.NAME );
+ c.add( SchemaService.NAME );
+ c.add( SubentryService.NAME );
+ c.add( OperationalAttributeService.NAME );
+ c.add( EventService.NAME );
USER_LOOKUP_BYPASS = Collections.unmodifiableCollection( c );
}
@@ -164,7 +173,7 @@
throw new NullPointerException( "entryName" );
}
- Attributes userEntry = proxy.lookup( userName, USER_LOOKUP_BYPASS );
+ Attributes userEntry = proxy.lookup( new LookupOperationContext( userName ), USER_LOOKUP_BYPASS );
// Determine the scope of the requested operation.
OperationScope scope;
diff --git a/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java b/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java
index 72e0c46..f3d1222 100644
--- a/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java
+++ b/core/src/main/java/org/apache/directory/server/core/authz/support/MaxImmSubFilter.java
@@ -30,11 +30,22 @@
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+import org.apache.directory.server.core.authn.AuthenticationService;
+import org.apache.directory.server.core.authz.AuthorizationService;
+import org.apache.directory.server.core.authz.DefaultAuthorizationService;
+import org.apache.directory.server.core.event.EventService;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
+import org.apache.directory.server.core.normalization.NormalizationService;
+import org.apache.directory.server.core.operational.OperationalAttributeService;
import org.apache.directory.server.core.partition.PartitionNexusProxy;
+import org.apache.directory.server.core.schema.SchemaService;
+import org.apache.directory.server.core.subtree.SubentryService;
import org.apache.directory.shared.ldap.aci.ACITuple;
import org.apache.directory.shared.ldap.aci.AuthenticationLevel;
import org.apache.directory.shared.ldap.aci.ProtectedItem;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.filter.ExprNode;
import org.apache.directory.shared.ldap.filter.PresenceNode;
import org.apache.directory.shared.ldap.name.LdapDN;
@@ -55,7 +66,7 @@
public MaxImmSubFilter()
{
- childrenFilter = new PresenceNode( "objectClass" );
+ childrenFilter = new PresenceNode( SchemaConstants.OBJECT_CLASS_AT );
childrenSearchControls = new SearchControls();
childrenSearchControls.setSearchScope( SearchControls.ONELEVEL_SCOPE );
}
@@ -117,15 +128,15 @@
public static final Collection SEARCH_BYPASS;
static
{
- Collection c = new HashSet();
- c.add( "normalizationService" );
- c.add( "authenticationService" );
- c.add( "authorizationService" );
- c.add( "defaultAuthorizationService" );
- c.add( "schemaService" );
- c.add( "subentryService" );
- c.add( "operationalAttributeService" );
- c.add( "eventService" );
+ Collection<String> c = new HashSet<String>();
+ c.add( NormalizationService.NAME );
+ c.add( AuthenticationService.NAME );
+ c.add( AuthorizationService.NAME );
+ c.add( DefaultAuthorizationService.NAME );
+ c.add( SchemaService.NAME );
+ c.add( SubentryService.NAME );
+ c.add( OperationalAttributeService.NAME );
+ c.add( EventService.NAME );
SEARCH_BYPASS = Collections.unmodifiableCollection( c );
}
@@ -133,10 +144,12 @@
private int getImmSubCount( PartitionNexusProxy proxy, LdapDN entryName ) throws NamingException
{
int cnt = 0;
- NamingEnumeration e = null;
+ NamingEnumeration<SearchResult> e = null;
+
try
{
- e = proxy.search( ( LdapDN ) entryName.getPrefix( 1 ), new HashMap(), childrenFilter, childrenSearchControls,
+ e = proxy.search(
+ new SearchOperationContext( ( LdapDN ) entryName.getPrefix( 1 ), new HashMap(), childrenFilter, childrenSearchControls ),
SEARCH_BYPASS );
while ( e.hasMore() )
diff --git a/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilter.java b/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilter.java
index 55fc59e..a218cce 100644
--- a/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilter.java
+++ b/core/src/main/java/org/apache/directory/server/core/authz/support/RelatedProtectedItemFilter.java
@@ -37,6 +37,7 @@
import org.apache.directory.shared.ldap.aci.ProtectedItem;
import org.apache.directory.shared.ldap.aci.ProtectedItem.MaxValueCountItem;
import org.apache.directory.shared.ldap.aci.ProtectedItem.RestrictedByItem;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.schema.AttributeType;
import org.apache.directory.shared.ldap.util.AttributeUtils;
@@ -183,7 +184,7 @@
else if ( item instanceof ProtectedItem.Classes )
{
ProtectedItem.Classes c = ( ProtectedItem.Classes ) item;
- if ( refinementEvaluator.evaluate( c.getClasses(), entry.get( "objectClass" ) ) )
+ if ( refinementEvaluator.evaluate( c.getClasses(), entry.get( SchemaConstants.OBJECT_CLASS_AT ) ) )
{
return true;
}
@@ -249,7 +250,10 @@
{
AttributeType attrType = attrRegistry.lookup( oid );
Attribute attr = AttributeUtils.getAttribute( entry, attrType );
- if ( attr != null && ( ( attr.contains( userName.toNormName() ) || attr.contains( userName.getUpName() ) ) ) )
+
+ if ( ( attr != null ) &&
+ ( ( AttributeUtils.containsValue( attr, userName.toNormName(), attrType ) ||
+ ( AttributeUtils.containsValue( attr, userName.getUpName(), attrType ) ) ) ) )
{
return true;
}
diff --git a/core/src/main/java/org/apache/directory/server/core/authz/support/RestrictedByFilter.java b/core/src/main/java/org/apache/directory/server/core/authz/support/RestrictedByFilter.java
index 408448f..11e1c0e 100644
--- a/core/src/main/java/org/apache/directory/server/core/authz/support/RestrictedByFilter.java
+++ b/core/src/main/java/org/apache/directory/server/core/authz/support/RestrictedByFilter.java
@@ -82,15 +82,19 @@
for ( Iterator i = tuple.getProtectedItems().iterator(); i.hasNext(); )
{
ProtectedItem item = ( ProtectedItem ) i.next();
+
if ( item instanceof ProtectedItem.RestrictedBy )
{
ProtectedItem.RestrictedBy rb = ( ProtectedItem.RestrictedBy ) item;
+
for ( Iterator k = rb.iterator(); k.hasNext(); )
{
RestrictedByItem rbItem = ( RestrictedByItem ) k.next();
+
if ( attrId.equalsIgnoreCase( rbItem.getAttributeType() ) )
{
Attribute attr = entry.get( rbItem.getValuesIn() );
+
if ( attr == null || !attr.contains( attrValue ) )
{
return true;
diff --git a/core/src/main/java/org/apache/directory/server/core/collective/CollectiveAttributeService.java b/core/src/main/java/org/apache/directory/server/core/collective/CollectiveAttributeService.java
index d3e5d92..eaa5fc5 100644
--- a/core/src/main/java/org/apache/directory/server/core/collective/CollectiveAttributeService.java
+++ b/core/src/main/java/org/apache/directory/server/core/collective/CollectiveAttributeService.java
@@ -22,7 +22,6 @@
import java.util.HashSet;
import java.util.Iterator;
-import java.util.Map;
import java.util.Set;
import javax.naming.NamingEnumeration;
@@ -38,15 +37,20 @@
import org.apache.directory.server.core.enumeration.SearchResultFilteringEnumeration;
import org.apache.directory.server.core.interceptor.BaseInterceptor;
import org.apache.directory.server.core.interceptor.NextInterceptor;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.invocation.Invocation;
import org.apache.directory.server.core.invocation.InvocationStack;
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
-import org.apache.directory.shared.ldap.filter.ExprNode;
import org.apache.directory.shared.ldap.message.AttributeImpl;
-import org.apache.directory.shared.ldap.message.ModificationItemImpl;
+import org.apache.directory.shared.ldap.message.ServerSearchResult;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.schema.AttributeType;
+import org.apache.directory.shared.ldap.util.AttributeUtils;
/**
@@ -61,6 +65,9 @@
*/
public class CollectiveAttributeService extends BaseInterceptor
{
+ /** The service name */
+ public static final String NAME = "collectiveAttributeService";
+
public static final String COLLECTIVE_ATTRIBUTE_SUBENTRIES = "collectiveAttributeSubentries";
public static final String EXCLUDE_ALL_COLLECTIVE_ATTRIBUTES_OID = "2.5.18.0";
@@ -74,7 +81,7 @@
public boolean accept( Invocation invocation, SearchResult result, SearchControls controls )
throws NamingException
{
- LdapDN name = new LdapDN( result.getName() );
+ LdapDN name = ((ServerSearchResult)result).getDn();
name = LdapDN.normalize( name, attrTypeRegistry.getNormalizerMapping() );
Attributes entry = result.getAttributes();
String[] retAttrs = controls.getReturningAttributes();
@@ -111,7 +118,7 @@
*/
private void addCollectiveAttributes( LdapDN normName, Attributes entry, String[] retAttrs ) throws NamingException
{
- Attributes entryWithCAS = nexus.lookup( normName, new String[] { COLLECTIVE_ATTRIBUTE_SUBENTRIES } );
+ Attributes entryWithCAS = nexus.lookup( new LookupOperationContext( normName, new String[] { COLLECTIVE_ATTRIBUTE_SUBENTRIES } ) );
Attribute caSubentries = entryWithCAS.get( COLLECTIVE_ATTRIBUTE_SUBENTRIES );
/*
@@ -134,7 +141,7 @@
if ( collectiveExclusions != null )
{
- if ( collectiveExclusions.contains( EXCLUDE_ALL_COLLECTIVE_ATTRIBUTES_OID )
+ if ( AttributeUtils.containsValueCaseIgnore( collectiveExclusions, EXCLUDE_ALL_COLLECTIVE_ATTRIBUTES_OID )
|| collectiveExclusions.contains( EXCLUDE_ALL_COLLECTIVE_ATTRIBUTES ) )
{
/*
@@ -182,7 +189,7 @@
{
String subentryDnStr = ( String ) caSubentries.get( ii );
LdapDN subentryDn = new LdapDN( subentryDnStr );
- Attributes subentry = nexus.lookup( subentryDn );
+ Attributes subentry = nexus.lookup( new LookupOperationContext( subentryDn ) );
NamingEnumeration attrIds = subentry.getIDs();
while ( attrIds.hasMore() )
@@ -276,72 +283,60 @@
// ------------------------------------------------------------------------
// Interceptor Method Overrides
// ------------------------------------------------------------------------
-
- public Attributes lookup( NextInterceptor nextInterceptor, LdapDN name ) throws NamingException
+ public Attributes lookup( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- Attributes result = nextInterceptor.lookup( name );
+ Attributes result = nextInterceptor.lookup( opContext );
if ( result == null )
{
return null;
}
- addCollectiveAttributes( name, result, new String[] { "*" } );
- return result;
- }
-
-
- public Attributes lookup( NextInterceptor nextInterceptor, LdapDN name, String[] attrIds ) throws NamingException
- {
- Attributes result = nextInterceptor.lookup( name, attrIds );
+ LookupOperationContext ctx = (LookupOperationContext)opContext;
- if ( result == null )
+ if ( ( ctx.getAttrsId() == null ) || ( ctx.getAttrsId().size() == 0 ) )
{
- return null;
+ addCollectiveAttributes( ctx.getDn(), result, new String[] { "*" } );
}
-
- addCollectiveAttributes( name, result, attrIds );
+ else
+ {
+ addCollectiveAttributes( ctx.getDn(), result, ctx.getAttrsIdArray() );
+ }
+
return result;
}
- public NamingEnumeration list( NextInterceptor nextInterceptor, LdapDN base ) throws NamingException
+ public NamingEnumeration list( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- NamingEnumeration e = nextInterceptor.list( base );
+ NamingEnumeration e = nextInterceptor.list( opContext );
Invocation invocation = InvocationStack.getInstance().peek();
- return new SearchResultFilteringEnumeration( e, new SearchControls(), invocation, SEARCH_FILTER );
+ return new SearchResultFilteringEnumeration( e, new SearchControls(), invocation, SEARCH_FILTER, "List collective Filter" );
}
- public NamingEnumeration search( NextInterceptor nextInterceptor, LdapDN base, Map env, ExprNode filter,
- SearchControls searchCtls ) throws NamingException
+ public NamingEnumeration<SearchResult> search( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- NamingEnumeration e = nextInterceptor.search( base, env, filter, searchCtls );
+ NamingEnumeration<SearchResult> e = nextInterceptor.search( opContext );
Invocation invocation = InvocationStack.getInstance().peek();
- return new SearchResultFilteringEnumeration( e, searchCtls, invocation, SEARCH_FILTER );
+ return new SearchResultFilteringEnumeration(
+ e, ((SearchOperationContext)opContext).getSearchControls(), invocation, SEARCH_FILTER, "Search collective Filter" );
}
// ------------------------------------------------------------------------
// Partial Schema Checking
// ------------------------------------------------------------------------
- public void add( NextInterceptor next, LdapDN normName, Attributes entry ) throws NamingException
+ public void add( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- collectiveAttributesSchemaChecker.checkAdd( normName, entry );
- super.add( next, normName, entry );
+ collectiveAttributesSchemaChecker.checkAdd( opContext.getDn(), ((AddOperationContext)opContext).getEntry() );
+ super.add( next, opContext );
}
- public void modify( NextInterceptor next, LdapDN normName, int modOp, Attributes mods ) throws NamingException
+ public void modify( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- collectiveAttributesSchemaChecker.checkModify( normName, modOp, mods );
- super.modify( next, normName, modOp, mods );
- }
-
-
- public void modify( NextInterceptor next, LdapDN normName, ModificationItemImpl[] mods ) throws NamingException
- {
- collectiveAttributesSchemaChecker.checkModify( normName, mods );
- super.modify( next, normName, mods );
+ collectiveAttributesSchemaChecker.checkModify( opContext.getDn(), ((ModifyOperationContext)opContext).getModItems() );
+ super.modify( next, opContext );
}
}
diff --git a/core/src/main/java/org/apache/directory/server/core/collective/CollectiveAttributesSchemaChecker.java b/core/src/main/java/org/apache/directory/server/core/collective/CollectiveAttributesSchemaChecker.java
index e48fd90..fba20d6 100644
--- a/core/src/main/java/org/apache/directory/server/core/collective/CollectiveAttributesSchemaChecker.java
+++ b/core/src/main/java/org/apache/directory/server/core/collective/CollectiveAttributesSchemaChecker.java
@@ -26,8 +26,10 @@
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapSchemaViolationException;
import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.message.ResultCodeEnum;
@@ -56,7 +58,7 @@
public void checkAdd( LdapDN normName, Attributes entry ) throws LdapSchemaViolationException, NamingException
{
- Attribute objectClass = entry.get( "objectClass" );
+ Attribute objectClass = entry.get( SchemaConstants.OBJECT_CLASS_AT );
if ( AttributeUtils.containsValueCaseIgnore( objectClass, "collectiveAttributeSubentry" ) )
{
@@ -93,9 +95,9 @@
public void checkModify( LdapDN normName, ModificationItemImpl[] mods ) throws NamingException
{
- Attributes originalEntry = nexus.lookup( normName );
+ Attributes originalEntry = nexus.lookup( new LookupOperationContext( normName ) );
Attributes targetEntry = SchemaUtils.getTargetEntry( mods, originalEntry );
- Attribute targetObjectClasses = targetEntry.get( "objectClass" );
+ Attribute targetObjectClasses = targetEntry.get( SchemaConstants.OBJECT_CLASS_AT );
if ( AttributeUtils.containsValueCaseIgnore( targetObjectClasses, "collectiveAttributeSubentry" ) )
{
diff --git a/core/src/main/java/org/apache/directory/server/core/configuration/AuthenticatorConfiguration.java b/core/src/main/java/org/apache/directory/server/core/configuration/AuthenticatorConfiguration.java
index f6a0f5e..697b023 100644
--- a/core/src/main/java/org/apache/directory/server/core/configuration/AuthenticatorConfiguration.java
+++ b/core/src/main/java/org/apache/directory/server/core/configuration/AuthenticatorConfiguration.java
@@ -60,6 +60,18 @@
this.authenticator = authenticator;
}
+ /**
+ * Sets the {@link Authenticator} to configure, with its name
+ *
+ * @param name The authenticator name
+ * @param authenticator The authenticator to register
+ */
+ protected void setAuthenticator( String name, Authenticator authenticator )
+ {
+ this.authenticator = authenticator;
+ this.name = name;
+ }
+
/**
* Returns the user-defined name of the {@link Authenticator} that
diff --git a/core/src/main/java/org/apache/directory/server/core/configuration/MutableAuthenticatorConfiguration.java b/core/src/main/java/org/apache/directory/server/core/configuration/MutableAuthenticatorConfiguration.java
index 99738f6..6ade4b4 100644
--- a/core/src/main/java/org/apache/directory/server/core/configuration/MutableAuthenticatorConfiguration.java
+++ b/core/src/main/java/org/apache/directory/server/core/configuration/MutableAuthenticatorConfiguration.java
@@ -39,13 +39,27 @@
{
}
+ /**
+ * Create and register an authenticator with its name
+ *
+ * @param name The authenticator name
+ * @param authenticator The authenticator to register
+ */
+ public MutableAuthenticatorConfiguration( String name, Authenticator authenticator )
+ {
+ super.setAuthenticator( name, authenticator );
+ }
+ /**
+ * Register an authenticator
+ *
+ * @param authenticator The authenticator to register
+ */
public void setAuthenticator( Authenticator authenticator )
{
super.setAuthenticator( authenticator );
}
-
public void setName( String name )
{
super.setName( name );
diff --git a/core/src/main/java/org/apache/directory/server/core/configuration/StartupConfiguration.java b/core/src/main/java/org/apache/directory/server/core/configuration/StartupConfiguration.java
index b2bc6af..82aa9a7 100644
--- a/core/src/main/java/org/apache/directory/server/core/configuration/StartupConfiguration.java
+++ b/core/src/main/java/org/apache/directory/server/core/configuration/StartupConfiguration.java
@@ -46,6 +46,8 @@
import org.apache.directory.server.core.subtree.SubentryService;
import org.apache.directory.server.core.trigger.TriggerService;
import org.apache.directory.shared.ldap.ldif.Entry;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
/**
@@ -56,6 +58,11 @@
*/
public class StartupConfiguration extends Configuration
{
+ private static final Logger log = LoggerFactory.getLogger( StartupConfiguration.class );
+
+ /** Speedup for logs */
+ private static final boolean IS_DEBUG = log.isDebugEnabled();
+
private static final long serialVersionUID = 4826762196566871677L;
public static final int MAX_THREADS_DEFAULT = 4;
@@ -102,25 +109,14 @@
{
Set<AuthenticatorConfiguration> set = new HashSet<AuthenticatorConfiguration>();
- MutableAuthenticatorConfiguration authCfg;
-
// Anonymous
- authCfg = new MutableAuthenticatorConfiguration();
- authCfg.setName( "Anonymous" );
- authCfg.setAuthenticator( new AnonymousAuthenticator() );
- set.add( authCfg );
+ set.add( new MutableAuthenticatorConfiguration( "Anonymous", new AnonymousAuthenticator() ) );
// Simple
- authCfg = new MutableAuthenticatorConfiguration();
- authCfg.setName( "Simple" );
- authCfg.setAuthenticator( new SimpleAuthenticator() );
- set.add( authCfg );
+ set.add( new MutableAuthenticatorConfiguration( "Simple", new SimpleAuthenticator() ) );
// Strong
- authCfg = new MutableAuthenticatorConfiguration();
- authCfg.setName( "Strong" );
- authCfg.setAuthenticator( new StrongAuthenticator() );
- set.add( authCfg );
+ set.add( new MutableAuthenticatorConfiguration( "Strong", new StrongAuthenticator() ) );
setAuthenticatorConfigurations( set );
}
@@ -133,12 +129,12 @@
List<InterceptorConfiguration> list = new ArrayList<InterceptorConfiguration>();
interceptorCfg = new MutableInterceptorConfiguration();
- interceptorCfg.setName( "normalizationService" );
+ interceptorCfg.setName( NormalizationService.NAME );
interceptorCfg.setInterceptor( new NormalizationService() );
list.add( interceptorCfg );
interceptorCfg = new MutableInterceptorConfiguration();
- interceptorCfg.setName( "authenticationService" );
+ interceptorCfg.setName( AuthenticationService.NAME );
interceptorCfg.setInterceptor( new AuthenticationService() );
list.add( interceptorCfg );
@@ -148,47 +144,47 @@
list.add( interceptorCfg );
interceptorCfg = new MutableInterceptorConfiguration();
- interceptorCfg.setName( "authorizationService" );
+ interceptorCfg.setName( AuthorizationService.NAME );
interceptorCfg.setInterceptor( new AuthorizationService() );
list.add( interceptorCfg );
interceptorCfg = new MutableInterceptorConfiguration();
- interceptorCfg.setName( "defaultAuthorizationService" );
+ interceptorCfg.setName( DefaultAuthorizationService.NAME );
interceptorCfg.setInterceptor( new DefaultAuthorizationService() );
list.add( interceptorCfg );
interceptorCfg = new MutableInterceptorConfiguration();
- interceptorCfg.setName( "exceptionService" );
+ interceptorCfg.setName( ExceptionService.NAME );
interceptorCfg.setInterceptor( new ExceptionService() );
list.add( interceptorCfg );
interceptorCfg = new MutableInterceptorConfiguration();
- interceptorCfg.setName( "operationalAttributeService" );
+ interceptorCfg.setName( OperationalAttributeService.NAME );
interceptorCfg.setInterceptor( new OperationalAttributeService() );
list.add( interceptorCfg );
interceptorCfg = new MutableInterceptorConfiguration();
- interceptorCfg.setName( "schemaService" );
+ interceptorCfg.setName( SchemaService.NAME );
interceptorCfg.setInterceptor( new SchemaService() );
list.add( interceptorCfg );
interceptorCfg = new MutableInterceptorConfiguration();
- interceptorCfg.setName( "subentryService" );
+ interceptorCfg.setName( SubentryService.NAME );
interceptorCfg.setInterceptor( new SubentryService() );
list.add( interceptorCfg );
interceptorCfg = new MutableInterceptorConfiguration();
- interceptorCfg.setName( "collectiveAttributeService" );
+ interceptorCfg.setName( CollectiveAttributeService.NAME );
interceptorCfg.setInterceptor( new CollectiveAttributeService() );
list.add( interceptorCfg );
interceptorCfg = new MutableInterceptorConfiguration();
- interceptorCfg.setName( "eventService" );
+ interceptorCfg.setName( EventService.NAME );
interceptorCfg.setInterceptor( new EventService() );
list.add( interceptorCfg );
interceptorCfg = new MutableInterceptorConfiguration();
- interceptorCfg.setName( "triggerService" );
+ interceptorCfg.setName( TriggerService.NAME );
interceptorCfg.setInterceptor( new TriggerService() );
list.add( interceptorCfg );
@@ -208,26 +204,30 @@
/**
* Sets {@link AuthenticatorConfiguration}s to use for authenticating clients.
*/
- protected void setAuthenticatorConfigurations( Set authenticatorConfigurations )
+ protected void setAuthenticatorConfigurations( Set<AuthenticatorConfiguration> authenticatorConfigurations )
{
- Set newSet = ConfigurationUtil.getTypeSafeSet( authenticatorConfigurations, AuthenticatorConfiguration.class );
+ Set<String> names = new HashSet<String>();
- Set names = new HashSet();
- Iterator i = newSet.iterator();
- while ( i.hasNext() )
+ // Loop through all the configurations to check if we do not have duplicated authenticators.
+ for ( AuthenticatorConfiguration cfg:authenticatorConfigurations )
{
- AuthenticatorConfiguration cfg = ( AuthenticatorConfiguration ) i.next();
cfg.validate();
String name = cfg.getName();
+
if ( names.contains( name ) )
{
+ // TODO Not sure that it worth to throw an excpetion here. We could simply ditch the
+ // duplicated authenticator, trace a warning and that's it.
+ log.error( "The authenticator nammed '{}' has already been registred.", name );
throw new ConfigurationException( "Duplicate authenticator name: " + name );
}
+
names.add( name );
}
- this.authenticatorConfigurations = newSet;
+ // The set has been checked, so we can now register it
+ this.authenticatorConfigurations = authenticatorConfigurations;
}
diff --git a/core/src/main/java/org/apache/directory/server/core/enumeration/ReferralHandlingEnumeration.java b/core/src/main/java/org/apache/directory/server/core/enumeration/ReferralHandlingEnumeration.java
index 593efe4..5f312e0 100644
--- a/core/src/main/java/org/apache/directory/server/core/enumeration/ReferralHandlingEnumeration.java
+++ b/core/src/main/java/org/apache/directory/server/core/enumeration/ReferralHandlingEnumeration.java
@@ -31,6 +31,7 @@
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.core.referral.ReferralLut;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
@@ -175,7 +176,7 @@
{
LdapDN prefetchedDn = new LdapDN( prefetched.getName() );
prefetchedDn.normalize( normalizerMap );
- refs = nexus.lookup( prefetchedDn ).get( REF_ATTR );
+ refs = nexus.lookup( new LookupOperationContext( prefetchedDn ) ).get( REF_ATTR );
}
if ( refs == null )
diff --git a/core/src/main/java/org/apache/directory/server/core/enumeration/SearchResultFilteringEnumeration.java b/core/src/main/java/org/apache/directory/server/core/enumeration/SearchResultFilteringEnumeration.java
index 376fcf4..7fd8838 100644
--- a/core/src/main/java/org/apache/directory/server/core/enumeration/SearchResultFilteringEnumeration.java
+++ b/core/src/main/java/org/apache/directory/server/core/enumeration/SearchResultFilteringEnumeration.java
@@ -60,22 +60,30 @@
/** the list of filters to be applied */
private final List filters;
+
/** the underlying decorated enumeration */
private final NamingEnumeration decorated;
/** the first accepted search result that is prefetched */
private SearchResult prefetched;
+
/** flag storing closed state of this naming enumeration */
private boolean isClosed = false;
+
/** the controls associated with the search operation */
private final SearchControls searchControls;
+
/** the Invocation that representing the search creating this enumeration */
private final Invocation invocation;
+
/** whether or not the caller context has object factories which need to be applied to the results */
private final boolean applyObjectFactories;
+
/** whether or not this search has been abandoned */
private boolean abandoned = false;
+ /** A name used to distinguish enumeration while debugging */
+ private String name;
// ------------------------------------------------------------------------
// C O N S T R U C T O R S
@@ -91,7 +99,7 @@
* @param invocation the invocation representing the seach that created this enumeration
*/
public SearchResultFilteringEnumeration( NamingEnumeration decorated, SearchControls searchControls,
- Invocation invocation, SearchResultFilter filter ) throws NamingException
+ Invocation invocation, SearchResultFilter filter, String name ) throws NamingException
{
this.searchControls = searchControls;
this.invocation = invocation;
@@ -99,6 +107,7 @@
this.filters.add( filter );
this.decorated = decorated;
this.applyObjectFactories = invocation.getCaller().getEnvironment().containsKey( Context.OBJECT_FACTORIES );
+ this.name = name;
if ( !decorated.hasMore() )
{
@@ -120,7 +129,7 @@
* @param invocation the invocation representing the seach that created this enumeration
*/
public SearchResultFilteringEnumeration( NamingEnumeration decorated, SearchControls searchControls,
- Invocation invocation, List filters ) throws NamingException
+ Invocation invocation, List filters, String name ) throws NamingException
{
this.searchControls = searchControls;
this.invocation = invocation;
@@ -128,6 +137,8 @@
this.filters.addAll( filters );
this.decorated = decorated;
this.applyObjectFactories = invocation.getCaller().getEnvironment().containsKey( Context.OBJECT_FACTORIES );
+ this.name = name;
+
if ( !decorated.hasMore() )
{
@@ -344,4 +355,9 @@
{
this.abandoned = true;
}
+
+ public String toString()
+ {
+ return name;
+ }
}
diff --git a/core/src/main/java/org/apache/directory/server/core/event/EventService.java b/core/src/main/java/org/apache/directory/server/core/event/EventService.java
index 8543b4a..65b0a25 100644
--- a/core/src/main/java/org/apache/directory/server/core/event/EventService.java
+++ b/core/src/main/java/org/apache/directory/server/core/event/EventService.java
@@ -29,10 +29,28 @@
import java.util.Map;
import java.util.Set;
+import javax.naming.Binding;
+import javax.naming.Name;
+import javax.naming.NamingException;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.SearchControls;
+import javax.naming.event.EventContext;
+import javax.naming.event.NamespaceChangeListener;
+import javax.naming.event.NamingEvent;
+import javax.naming.event.NamingListener;
+import javax.naming.event.ObjectChangeListener;
+
import org.apache.directory.server.core.DirectoryServiceConfiguration;
import org.apache.directory.server.core.configuration.InterceptorConfiguration;
import org.apache.directory.server.core.interceptor.BaseInterceptor;
import org.apache.directory.server.core.interceptor.NextInterceptor;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveAndRenameOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.RenameOperationContext;
import org.apache.directory.server.core.invocation.Invocation;
import org.apache.directory.server.core.invocation.InvocationStack;
import org.apache.directory.server.core.normalization.NormalizingVisitor;
@@ -50,23 +68,9 @@
import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.name.NameComponentNormalizer;
-
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import javax.naming.Name;
-import javax.naming.NamingException;
-import javax.naming.Binding;
-import javax.naming.NamingEnumeration;
-import javax.naming.directory.Attributes;
-import javax.naming.directory.SearchControls;
-import javax.naming.directory.Attribute;
-import javax.naming.event.EventContext;
-import javax.naming.event.NamespaceChangeListener;
-import javax.naming.event.NamingEvent;
-import javax.naming.event.NamingListener;
-import javax.naming.event.ObjectChangeListener;
-
/**
* An interceptor based serivice for notifying NamingListeners of EventContext
@@ -78,6 +82,10 @@
public class EventService extends BaseInterceptor
{
private static Logger log = LoggerFactory.getLogger( EventService.class );
+
+ /** The service name */
+ public static final String NAME = "eventService";
+
private PartitionNexus nexus;
private Map sources = new HashMap();
private Evaluator evaluator = null;
@@ -229,16 +237,21 @@
}
- public void add( NextInterceptor next, LdapDN normName, Attributes entry ) throws NamingException
+ public void add( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- super.add( next, normName, entry );
- Set selecting = getSelectingSources( normName, entry );
+ super.add( next, opContext );
+ LdapDN name = opContext.getDn();
+ Attributes entry = ((AddOperationContext)opContext).getEntry();
+
+ Set selecting = getSelectingSources( name, entry );
+
if ( selecting.isEmpty() )
{
return;
}
Iterator list = selecting.iterator();
+
while ( list.hasNext() )
{
EventSourceRecord rec = ( EventSourceRecord ) list.next();
@@ -247,7 +260,7 @@
if ( listener instanceof NamespaceChangeListener )
{
NamespaceChangeListener nclistener = ( NamespaceChangeListener ) listener;
- Binding binding = new Binding( normName.getUpName(), entry, false );
+ Binding binding = new Binding( name.getUpName(), entry, false );
nclistener.objectAdded( new NamingEvent( rec.getEventContext(), NamingEvent.OBJECT_ADDED, binding,
null, entry ) );
}
@@ -255,17 +268,20 @@
}
- public void delete( NextInterceptor next, LdapDN name ) throws NamingException
+ public void delete( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- Attributes entry = nexus.lookup( name );
- super.delete( next, name );
+ LdapDN name = opContext.getDn();
+ Attributes entry = nexus.lookup( new LookupOperationContext( name ) );
+ super.delete( next, opContext );
Set selecting = getSelectingSources( name, entry );
+
if ( selecting.isEmpty() )
{
return;
}
Iterator list = selecting.iterator();
+
while ( list.hasNext() )
{
EventSourceRecord rec = ( EventSourceRecord ) list.next();
@@ -284,7 +300,7 @@
private void notifyOnModify( LdapDN name, ModificationItemImpl[] mods, Attributes oriEntry ) throws NamingException
{
- Attributes entry = nexus.lookup( name );
+ Attributes entry = nexus.lookup( new LookupOperationContext( name ) );
Set selecting = getSelectingSources( name, entry );
if ( selecting.isEmpty() )
{
@@ -309,37 +325,19 @@
}
- public void modify( NextInterceptor next, LdapDN name, int modOp, Attributes mods ) throws NamingException
+ public void modify( NextInterceptor next, OperationContext opContext ) throws NamingException
{
Invocation invocation = InvocationStack.getInstance().peek();
PartitionNexusProxy proxy = invocation.getProxy();
- Attributes oriEntry = proxy.lookup( name, PartitionNexusProxy.LOOKUP_BYPASS );
- super.modify( next, name, modOp, mods );
-
- // package modifications in ModItem format for event delivery
- ModificationItemImpl[] modItems = new ModificationItemImpl[mods.size()];
- NamingEnumeration list = mods.getAll();
- for ( int ii = 0; ii < modItems.length; ii++ )
- {
- modItems[ii] = new ModificationItemImpl( modOp, ( Attribute ) list.next() );
- }
- notifyOnModify( name, modItems, oriEntry );
- }
-
-
- public void modify( NextInterceptor next, LdapDN name, ModificationItemImpl[] mods ) throws NamingException
- {
- Invocation invocation = InvocationStack.getInstance().peek();
- PartitionNexusProxy proxy = invocation.getProxy();
- Attributes oriEntry = proxy.lookup( name, PartitionNexusProxy.LOOKUP_BYPASS );
- super.modify( next, name, mods );
- notifyOnModify( name, mods, oriEntry );
+ Attributes oriEntry = proxy.lookup( new LookupOperationContext( opContext.getDn() ), PartitionNexusProxy.LOOKUP_BYPASS );
+ super.modify( next, opContext );
+ notifyOnModify( opContext.getDn(), ((ModifyOperationContext)opContext).getModItems(), oriEntry );
}
private void notifyOnNameChange( LdapDN oldName, LdapDN newName ) throws NamingException
{
- Attributes entry = nexus.lookup( newName );
+ Attributes entry = nexus.lookup( new LookupOperationContext( newName ) );
Set selecting = getSelectingSources( oldName, entry );
if ( selecting.isEmpty() )
{
@@ -364,31 +362,33 @@
}
- public void modifyRn( NextInterceptor next, LdapDN name, String newRn, boolean deleteOldRn ) throws NamingException
+ public void rename( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- super.modifyRn( next, name, newRn, deleteOldRn );
- LdapDN newName = ( LdapDN ) name.clone();
+ super.rename( next, opContext );
+ LdapDN newName = ( LdapDN ) opContext.getDn().clone();
newName.remove( newName.size() - 1 );
- newName.add( newRn );
+ newName.add( ((RenameOperationContext)opContext).getNewRdn() );
newName.normalize( attributeRegistry.getNormalizerMapping() );
- notifyOnNameChange( name, newName );
+ notifyOnNameChange( opContext.getDn(), newName );
}
- public void move( NextInterceptor next, LdapDN oriChildName, LdapDN newParentName, String newRn, boolean deleteOldRn )
+ public void moveAndRename( NextInterceptor next, OperationContext opContext )
throws NamingException
{
- super.move( next, oriChildName, newParentName, newRn, deleteOldRn );
- LdapDN newName = ( LdapDN ) newParentName.clone();
- newName.add( newRn );
- notifyOnNameChange( oriChildName, newName );
+ super.moveAndRename( next, opContext );
+ LdapDN newName = ( LdapDN ) ((MoveAndRenameOperationContext)opContext).getParent().clone();
+ newName.add( ((MoveAndRenameOperationContext)opContext).getNewRdn() );
+ notifyOnNameChange( opContext.getDn(), newName );
}
- public void move( NextInterceptor next, LdapDN oriChildName, LdapDN newParentName ) throws NamingException
+ public void move( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- super.move( next, oriChildName, newParentName );
- LdapDN newName = ( LdapDN ) newParentName.clone();
+ super.move( next, opContext );
+ LdapDN oriChildName = opContext.getDn();
+
+ LdapDN newName = ( LdapDN ) ((MoveOperationContext)opContext).getParent().clone();
newName.add( oriChildName.get( oriChildName.size() - 1 ) );
notifyOnNameChange( oriChildName, newName );
}
diff --git a/core/src/main/java/org/apache/directory/server/core/exception/ExceptionService.java b/core/src/main/java/org/apache/directory/server/core/exception/ExceptionService.java
index 253ebf2..194ed37 100644
--- a/core/src/main/java/org/apache/directory/server/core/exception/ExceptionService.java
+++ b/core/src/main/java/org/apache/directory/server/core/exception/ExceptionService.java
@@ -27,24 +27,33 @@
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
-import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
import org.apache.directory.server.core.configuration.InterceptorConfiguration;
import org.apache.directory.server.core.interceptor.BaseInterceptor;
import org.apache.directory.server.core.interceptor.NextInterceptor;
+import org.apache.directory.server.core.interceptor.context.EntryOperationContext;
+import org.apache.directory.server.core.interceptor.context.GetMatchedNameOperationContext;
+import org.apache.directory.server.core.interceptor.context.ListOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveAndRenameOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.RenameOperationContext;
import org.apache.directory.server.core.invocation.Invocation;
import org.apache.directory.server.core.invocation.InvocationStack;
import org.apache.directory.server.core.partition.Partition;
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.core.partition.PartitionNexusProxy;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapAttributeInUseException;
import org.apache.directory.shared.ldap.exception.LdapContextNotEmptyException;
import org.apache.directory.shared.ldap.exception.LdapNameAlreadyBoundException;
import org.apache.directory.shared.ldap.exception.LdapNameNotFoundException;
import org.apache.directory.shared.ldap.exception.LdapNamingException;
import org.apache.directory.shared.ldap.exception.LdapOperationNotSupportedException;
-import org.apache.directory.shared.ldap.filter.ExprNode;
import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.message.ResultCodeEnum;
import org.apache.directory.shared.ldap.name.LdapDN;
@@ -63,6 +72,9 @@
*/
public class ExceptionService extends BaseInterceptor
{
+ /** The service name */
+ public static final String NAME = "exceptionService";
+
private PartitionNexus nexus;
private LdapDN subschemSubentryDn;
@@ -83,7 +95,7 @@
{
nexus = factoryCfg.getPartitionNexus();
normalizerMap = factoryCfg.getRegistries().getAttributeTypeRegistry().getNormalizerMapping();
- Attribute attr = nexus.getRootDSE().get( "subschemaSubentry" );
+ Attribute attr = nexus.getRootDSE( null ).get( "subschemaSubentry" );
subschemSubentryDn = new LdapDN( ( String ) attr.get() );
subschemSubentryDn.normalize( normalizerMap );
}
@@ -98,52 +110,55 @@
* In the pre-invocation state this interceptor method checks to see if the entry to be added already exists. If it
* does an exception is raised.
*/
- public void add( NextInterceptor nextInterceptor, LdapDN normName, Attributes entry )
+ public void add( NextInterceptor nextInterceptor, OperationContext opContext )
throws NamingException
{
- if ( subschemSubentryDn.getNormName().equals( normName.getNormName() ) )
+ LdapDN name = opContext.getDn();
+
+ if ( subschemSubentryDn.getNormName().equals( name.getNormName() ) )
{
throw new LdapNameAlreadyBoundException(
"The global schema subentry cannot be added since it exists by default." );
}
// check if the entry already exists
- if ( nextInterceptor.hasEntry( normName ) )
+ if ( nextInterceptor.hasEntry( new EntryOperationContext( name ) ) )
{
- NamingException ne = new LdapNameAlreadyBoundException( normName.toString() + " already exists!" );
- ne.setResolvedName( new LdapDN( normName.getUpName() ) );
+ NamingException ne = new LdapNameAlreadyBoundException( name.getUpName() + " already exists!" );
+ ne.setResolvedName( new LdapDN( name.getUpName() ) );
throw ne;
}
- LdapDN parentDn = ( LdapDN ) normName.clone();
- parentDn.remove( normName.size() - 1 );
+ LdapDN parentDn = ( LdapDN ) name.clone();
+ parentDn.remove( name.size() - 1 );
// check if we're trying to add to a parent that is an alias
Attributes attrs = null;
try
{
- attrs = nextInterceptor.lookup( parentDn );
+ attrs = nextInterceptor.lookup( new LookupOperationContext( parentDn ) );
}
catch ( Exception e )
{
LdapNameNotFoundException e2 = new LdapNameNotFoundException( "Parent " + parentDn.getUpName()
+ " not found" );
- e2.setResolvedName( new LdapDN( nexus.getMatchedName( parentDn ).getUpName() ) );
+ e2.setResolvedName( new LdapDN( nexus.getMatchedName( new GetMatchedNameOperationContext( parentDn ) ).getUpName() ) );
throw e2;
}
- Attribute objectClass = attrs.get( "objectClass" );
+ Attribute objectClass = attrs.get( SchemaConstants.OBJECT_CLASS_AT );
+
if ( objectClass.contains( "alias" ) )
{
- String msg = "Attempt to add entry to alias '" + normName.getUpName() + "' not allowed.";
+ String msg = "Attempt to add entry to alias '" + name.getUpName() + "' not allowed.";
ResultCodeEnum rc = ResultCodeEnum.ALIAS_PROBLEM;
NamingException e = new LdapNamingException( msg, rc );
e.setResolvedName( new LdapDN( parentDn.getUpName() ) );
throw e;
}
- nextInterceptor.add( normName, entry );
+ nextInterceptor.add( opContext );
}
@@ -151,8 +166,10 @@
* Checks to make sure the entry being deleted exists, and has no children, otherwise throws the appropriate
* LdapException.
*/
- public void delete( NextInterceptor nextInterceptor, LdapDN name ) throws NamingException
+ public void delete( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
+ LdapDN name = opContext.getDn();
+
if ( name.getNormName().equalsIgnoreCase( subschemSubentryDn.getNormName() ) )
{
throw new LdapOperationNotSupportedException(
@@ -167,13 +184,15 @@
// check if entry to delete has children (only leaves can be deleted)
boolean hasChildren = false;
- NamingEnumeration list = nextInterceptor.list( name );
+ NamingEnumeration list = nextInterceptor.list( new ListOperationContext( name ) );
+
if ( list.hasMore() )
{
hasChildren = true;
}
list.close();
+
if ( hasChildren )
{
LdapContextNotEmptyException e = new LdapContextNotEmptyException();
@@ -181,16 +200,16 @@
throw e;
}
- nextInterceptor.delete( name );
+ nextInterceptor.delete( opContext );
}
/**
* Checks to see the base being searched exists, otherwise throws the appropriate LdapException.
*/
- public NamingEnumeration list( NextInterceptor nextInterceptor, LdapDN baseName ) throws NamingException
+ public NamingEnumeration list( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- if ( baseName.getNormName().equals( subschemSubentryDn.getNormName() ) )
+ if ( opContext.getDn().getNormName().equals( subschemSubentryDn.getNormName() ) )
{
// there is nothing under the schema subentry
return new EmptyEnumeration();
@@ -198,112 +217,56 @@
// check if entry to search exists
String msg = "Attempt to search under non-existant entry: ";
- assertHasEntry( nextInterceptor, msg, baseName );
+ assertHasEntry( nextInterceptor, msg, opContext.getDn() );
- return nextInterceptor.list( baseName );
- }
-
-
- /**
- * Checks to make sure the entry being looked up exists other wise throws the appropriate LdapException.
- */
- public Attributes lookup( NextInterceptor nextInterceptor, LdapDN name ) throws NamingException
- {
- if ( name.getNormName().equals( subschemSubentryDn.getNormName() ) )
- {
- return nexus.getRootDSE();
- }
-
- String msg = "Attempt to lookup non-existant entry: ";
- assertHasEntry( nextInterceptor, msg, name );
-
- return nextInterceptor.lookup( name );
+ return nextInterceptor.list( opContext );
}
/**
* Checks to see the base being searched exists, otherwise throws the appropriate LdapException.
*/
- public Attributes lookup( NextInterceptor nextInterceptor, LdapDN name, String[] attrIds ) throws NamingException
+ public Attributes lookup( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- if ( name.getNormName().equals( subschemSubentryDn.getNormName() ) )
+ LookupOperationContext ctx = (LookupOperationContext)opContext;
+
+ if ( ctx.getDn().getNormName().equals( subschemSubentryDn.getNormName() ) )
{
- return nexus.getRootDSE();
+ return nexus.getRootDSE( null );
}
// check if entry to lookup exists
String msg = "Attempt to lookup non-existant entry: ";
- assertHasEntry( nextInterceptor, msg, name );
+ assertHasEntry( nextInterceptor, msg, ctx.getDn() );
- return nextInterceptor.lookup( name, attrIds );
+ return nextInterceptor.lookup( opContext );
}
/**
* Checks to see the entry being modified exists, otherwise throws the appropriate LdapException.
*/
- public void modify( NextInterceptor nextInterceptor, LdapDN name, int modOp, Attributes attrs )
+ public void modify( NextInterceptor nextInterceptor, OperationContext opContext )
throws NamingException
{
+ ModifyOperationContext ctx = (ModifyOperationContext)opContext;
+
// check if entry to modify exists
String msg = "Attempt to modify non-existant entry: ";
// handle operations against the schema subentry in the schema service
// and never try to look it up in the nexus below
- if ( name.getNormName().equalsIgnoreCase( subschemSubentryDn.getNormName() ) )
+ if ( ctx.getDn().getNormName().equalsIgnoreCase( subschemSubentryDn.getNormName() ) )
{
- nextInterceptor.modify( name, modOp, attrs );
+ nextInterceptor.modify( opContext );
return;
}
- assertHasEntry( nextInterceptor, msg, name );
+ assertHasEntry( nextInterceptor, msg, ctx.getDn() );
- Attributes entry = nexus.lookup( name );
- NamingEnumeration attrIds = attrs.getIDs();
- while ( attrIds.hasMore() )
- {
- String attrId = ( String ) attrIds.next();
- Attribute modAttr = attrs.get( attrId );
- Attribute entryAttr = entry.get( attrId );
-
- if ( modOp == DirContext.ADD_ATTRIBUTE )
- {
- if ( entryAttr != null )
- {
- for ( int ii = 0; ii < modAttr.size(); ii++ )
- {
- if ( entryAttr.contains( modAttr.get( ii ) ) )
- {
- throw new LdapAttributeInUseException( "Trying to add existing value '" + modAttr.get( ii )
- + "' to attribute " + attrId );
- }
- }
- }
- }
- }
- nextInterceptor.modify( name, modOp, attrs );
- }
-
-
- /**
- * Checks to see the entry being modified exists, otherwise throws the appropriate LdapException.
- */
- public void modify( NextInterceptor nextInterceptor, LdapDN name, ModificationItemImpl[] items ) throws NamingException
- {
- // check if entry to modify exists
- String msg = "Attempt to modify non-existant entry: ";
-
- // handle operations against the schema subentry in the schema service
- // and never try to look it up in the nexus below
- if ( name.getNormName().equalsIgnoreCase( subschemSubentryDn.getNormName() ) )
- {
- nextInterceptor.modify( name, items );
- return;
- }
+ Attributes entry = nexus.lookup( new LookupOperationContext( ctx.getDn() ) );
+ ModificationItemImpl[] items = ctx.getModItems();
- assertHasEntry( nextInterceptor, msg, name );
-
- Attributes entry = nexus.lookup( name );
for ( int ii = 0; ii < items.length; ii++ )
{
if ( items[ii].getModificationOp() == DirContext.ADD_ATTRIBUTE )
@@ -324,16 +287,18 @@
}
}
}
- nextInterceptor.modify( name, items );
- }
+ nextInterceptor.modify( opContext );
+ }
/**
* Checks to see the entry being renamed exists, otherwise throws the appropriate LdapException.
*/
- public void modifyRn( NextInterceptor nextInterceptor, LdapDN dn, String newRn, boolean deleteOldRn )
+ public void rename( NextInterceptor nextInterceptor, OperationContext opContext )
throws NamingException
{
+ LdapDN dn = opContext.getDn();
+
if ( dn.getNormName().equalsIgnoreCase( subschemSubentryDn.getNormName() ) )
{
throw new LdapOperationNotSupportedException(
@@ -349,9 +314,10 @@
// check to see if target entry exists
LdapDN newDn = ( LdapDN ) dn.clone();
newDn.remove( dn.size() - 1 );
- newDn.add( newRn );
+ newDn.add( ((RenameOperationContext)opContext).getNewRdn() );
newDn.normalize( normalizerMap );
- if ( nextInterceptor.hasEntry( newDn ) )
+
+ if ( nextInterceptor.hasEntry( new EntryOperationContext( newDn ) ) )
{
LdapNameAlreadyBoundException e;
e = new LdapNameAlreadyBoundException( "target entry " + newDn.getUpName() + " already exists!" );
@@ -359,7 +325,7 @@
throw e;
}
- nextInterceptor.modifyRn( dn, newRn, deleteOldRn );
+ nextInterceptor.rename( opContext );
}
@@ -367,8 +333,11 @@
* Checks to see the entry being moved exists, and so does its parent, otherwise throws the appropriate
* LdapException.
*/
- public void move( NextInterceptor nextInterceptor, LdapDN oriChildName, LdapDN newParentName ) throws NamingException
+ public void move( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
+ LdapDN oriChildName = opContext.getDn();
+ LdapDN newParentName = ((MoveOperationContext)opContext).getParent();
+
if ( oriChildName.getNormName().equalsIgnoreCase( subschemSubentryDn.getNormName() ) )
{
throw new LdapOperationNotSupportedException(
@@ -389,7 +358,8 @@
String rdn = oriChildName.get( oriChildName.size() - 1 );
LdapDN target = ( LdapDN ) newParentName.clone();
target.add( rdn );
- if ( nextInterceptor.hasEntry( target ) )
+
+ if ( nextInterceptor.hasEntry( new EntryOperationContext( target ) ) )
{
// we must calculate the resolved name using the user provided Rdn value
String upRdn = new LdapDN( oriChildName.getUpName() ).get( oriChildName.size() - 1 );
@@ -402,7 +372,7 @@
throw e;
}
- nextInterceptor.move( oriChildName, newParentName );
+ nextInterceptor.move( opContext );
}
@@ -410,9 +380,12 @@
* Checks to see the entry being moved exists, and so does its parent, otherwise throws the appropriate
* LdapException.
*/
- public void move( NextInterceptor nextInterceptor, LdapDN oriChildName, LdapDN newParentName, String newRn,
- boolean deleteOldRn ) throws NamingException
+ public void moveAndRename( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
+ LdapDN oriChildName = opContext.getDn();
+ LdapDN parent = ((MoveAndRenameOperationContext)opContext).getParent();
+ String newRn = ((MoveAndRenameOperationContext)opContext).getNewRdn();
+
if ( oriChildName.getNormName().equalsIgnoreCase( subschemSubentryDn.getNormName() ) )
{
throw new LdapOperationNotSupportedException(
@@ -427,16 +400,17 @@
// check if parent to move to exists
msg = "Attempt to move to non-existant parent: ";
- assertHasEntry( nextInterceptor, msg, newParentName );
+ assertHasEntry( nextInterceptor, msg, parent );
// check to see if target entry exists
- LdapDN target = ( LdapDN ) newParentName.clone();
+ LdapDN target = ( LdapDN ) parent.clone();
target.add( newRn );
target.normalize( normalizerMap );
- if ( nextInterceptor.hasEntry( target ) )
+
+ if ( nextInterceptor.hasEntry( new EntryOperationContext( target ) ) )
{
// we must calculate the resolved name using the user provided Rdn value
- LdapDN upTarget = ( LdapDN ) newParentName.clone();
+ LdapDN upTarget = ( LdapDN ) parent.clone();
upTarget.add( newRn );
LdapNameAlreadyBoundException e;
@@ -445,31 +419,38 @@
throw e;
}
- nextInterceptor.move( oriChildName, newParentName, newRn, deleteOldRn );
+ nextInterceptor.moveAndRename( opContext );
}
/**
* Checks to see the entry being searched exists, otherwise throws the appropriate LdapException.
*/
- public NamingEnumeration search( NextInterceptor nextInterceptor, LdapDN base, Map env, ExprNode filter,
- SearchControls searchCtls ) throws NamingException
+ public NamingEnumeration<SearchResult> search( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- String msg = "Attempt to search under non-existant entry: ";
+ LdapDN base = opContext.getDn();
- if ( base.size() == 0 )
+ try
{
- return nextInterceptor.search( base, env, filter, searchCtls );
- }
+ NamingEnumeration<SearchResult> result = nextInterceptor.search( opContext );
+
+ if ( result.hasMoreElements() == false )
+ {
+ if ( !base.isEmpty() && !( subschemSubentryDn.toNormName() ).equalsIgnoreCase( base.toNormName() ) )
+ {
+ // We just check that the entry exists only if we didn't found any entry
+ assertHasEntry( nextInterceptor, "Attempt to search under non-existant entry:" , base );
+ }
+ }
- if ( ( subschemSubentryDn.toNormName() ).equalsIgnoreCase( base.toNormName() ) )
+ return result;
+ }
+ catch ( NamingException ne )
{
- return nextInterceptor.search( base, env, filter, searchCtls );
+ String msg = "Attempt to search under non-existant entry: ";
+ assertHasEntry( nextInterceptor, msg, base );
+ throw ne;
}
-
- assertHasEntry( nextInterceptor, msg, base );
-
- return nextInterceptor.search( base, env, filter, searchCtls );
}
@@ -490,7 +471,8 @@
Invocation invocation = InvocationStack.getInstance().peek();
PartitionNexusProxy proxy = invocation.getProxy();
- if ( !nextInterceptor.hasEntry( dn ) )
+
+ if ( !nextInterceptor.hasEntry( new EntryOperationContext( dn ) ) )
{
LdapNameNotFoundException e;
@@ -503,7 +485,10 @@
e = new LdapNameNotFoundException( dn.toString() );
}
- e.setResolvedName( new LdapDN( proxy.getMatchedName( dn ).getUpName() ) );
+ e.setResolvedName(
+ new LdapDN(
+ proxy.getMatchedName(
+ new GetMatchedNameOperationContext( dn ) ).getUpName() ) );
throw e;
}
}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/BaseInterceptor.java b/core/src/main/java/org/apache/directory/server/core/interceptor/BaseInterceptor.java
index 037d45d..561a3aa 100644
--- a/core/src/main/java/org/apache/directory/server/core/interceptor/BaseInterceptor.java
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/BaseInterceptor.java
@@ -21,24 +21,20 @@
import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
-import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapContext;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
import org.apache.directory.server.core.authn.LdapPrincipal;
-import org.apache.directory.server.core.configuration.PartitionConfiguration;
import org.apache.directory.server.core.configuration.InterceptorConfiguration;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
import org.apache.directory.server.core.invocation.InvocationStack;
import org.apache.directory.server.core.jndi.ServerContext;
-import org.apache.directory.shared.ldap.filter.ExprNode;
-import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.name.LdapDN;
@@ -99,137 +95,117 @@
// Interceptor's Invoke Method
// ------------------------------------------------------------------------
- public void add(NextInterceptor next, LdapDN normName, Attributes entry) throws NamingException
+ public void add(NextInterceptor next, OperationContext opContext ) throws NamingException
{
- next.add(normName, entry );
+ next.add( opContext );
}
- public void delete( NextInterceptor next, LdapDN name ) throws NamingException
+ public void delete( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- next.delete( name );
+ next.delete( opContext );
}
- public LdapDN getMatchedName ( NextInterceptor next, LdapDN dn ) throws NamingException
+ public LdapDN getMatchedName ( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- return next.getMatchedName( dn );
+ return next.getMatchedName( opContext );
}
- public Attributes getRootDSE( NextInterceptor next ) throws NamingException
+ public Attributes getRootDSE( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- return next.getRootDSE();
+ return next.getRootDSE( opContext );
}
- public LdapDN getSuffix ( NextInterceptor next, LdapDN dn ) throws NamingException
+ public LdapDN getSuffix( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- return next.getSuffix( dn );
+ return next.getSuffix( opContext );
}
- public boolean hasEntry( NextInterceptor next, LdapDN name ) throws NamingException
+ public boolean hasEntry( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- return next.hasEntry( name );
+ return next.hasEntry( opContext );
}
- public boolean isSuffix( NextInterceptor next, LdapDN name ) throws NamingException
+ public NamingEnumeration list( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- return next.isSuffix( name );
+ return next.list( opContext );
}
- public NamingEnumeration list( NextInterceptor next, LdapDN base ) throws NamingException
+ public Iterator listSuffixes ( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- return next.list( base );
+ return next.listSuffixes( opContext );
}
- public Iterator listSuffixes ( NextInterceptor next ) throws NamingException
+ public Attributes lookup( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- return next.listSuffixes();
+ return next.lookup( opContext );
+ }
+
+
+ public void modify( NextInterceptor next, OperationContext opContext ) throws NamingException
+ {
+ next.modify( opContext );
}
- public Attributes lookup( NextInterceptor next, LdapDN dn, String[] attrIds ) throws NamingException
+ public void rename( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- return next.lookup( dn, attrIds );
+ next.rename( opContext );
}
- public Attributes lookup( NextInterceptor next, LdapDN name ) throws NamingException
- {
- return next.lookup( name );
- }
-
-
- public void modify( NextInterceptor next, LdapDN name, int modOp, Attributes mods ) throws NamingException
- {
- next.modify( name, modOp, mods );
- }
-
-
- public void modify( NextInterceptor next, LdapDN name, ModificationItemImpl[] mods ) throws NamingException
- {
- next.modify( name, mods );
- }
-
-
- public void modifyRn( NextInterceptor next, LdapDN name, String newRn, boolean deleteOldRn ) throws NamingException
- {
- next.modifyRn( name, newRn, deleteOldRn );
- }
-
-
- public void move( NextInterceptor next, LdapDN oriChildName, LdapDN newParentName, String newRn, boolean deleteOldRn )
+ public void moveAndRename( NextInterceptor next, OperationContext opContext )
throws NamingException
{
- next.move( oriChildName, newParentName, newRn, deleteOldRn );
+ next.moveAndRename( opContext );
}
- public void move( NextInterceptor next, LdapDN oriChildName, LdapDN newParentName ) throws NamingException
+ public void move( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- next.move( oriChildName, newParentName );
+ next.move( opContext );
}
- public NamingEnumeration search( NextInterceptor next, LdapDN base, Map env, ExprNode filter,
- SearchControls searchCtls ) throws NamingException
+ public NamingEnumeration<SearchResult> search( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- return next.search( base, env, filter, searchCtls );
+ return next.search( opContext );
}
- public void addContextPartition( NextInterceptor next, PartitionConfiguration cfg ) throws NamingException
+ public void addContextPartition( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- next.addContextPartition( cfg );
+ next.addContextPartition( opContext );
}
- public void removeContextPartition( NextInterceptor next, LdapDN suffix ) throws NamingException
+ public void removeContextPartition( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- next.removeContextPartition( suffix );
+ next.removeContextPartition( opContext );
}
- public boolean compare( NextInterceptor next, LdapDN name, String oid, Object value ) throws NamingException
+ public boolean compare( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- return next.compare( name, oid, value );
+ return next.compare( opContext );
}
- public void bind( NextInterceptor next, LdapDN bindDn, byte[] credentials, List<String> mechanisms, String saslAuthId )
- throws NamingException
+ public void bind( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- next.bind( bindDn, credentials, mechanisms, saslAuthId );
+ next.bind( opContext );
}
- public void unbind( NextInterceptor next, LdapDN bindDn ) throws NamingException
+ public void unbind( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- next.unbind( bindDn );
+ next.unbind( opContext );
}
}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/Interceptor.java b/core/src/main/java/org/apache/directory/server/core/interceptor/Interceptor.java
index fa12b7a..fc0336b 100644
--- a/core/src/main/java/org/apache/directory/server/core/interceptor/Interceptor.java
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/Interceptor.java
@@ -21,21 +21,17 @@
import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
-import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
-import org.apache.directory.server.core.configuration.PartitionConfiguration;
import org.apache.directory.server.core.configuration.InterceptorConfiguration;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
import org.apache.directory.server.core.partition.Partition;
import org.apache.directory.server.core.partition.PartitionNexus;
-import org.apache.directory.shared.ldap.filter.ExprNode;
-import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.name.LdapDN;
@@ -119,136 +115,115 @@
/**
- * Filters {@link PartitionNexus#getRootDSE()} call.
+ * Filters {@link PartitionNexus#getRootDSE( OperationContext )} call.
*/
- Attributes getRootDSE( NextInterceptor next ) throws NamingException;
+ Attributes getRootDSE( NextInterceptor next, OperationContext opContext ) throws NamingException;
/**
- * Filters {@link PartitionNexus#getMatchedName(org.apache.directory.shared.ldap.name.LdapDN)} call.
+ * Filters {@link PartitionNexus#getMatchedName( OperationContext )} call.
*/
- LdapDN getMatchedName ( NextInterceptor next, LdapDN name ) throws NamingException;
+ LdapDN getMatchedName( NextInterceptor next, OperationContext opContext ) throws NamingException;
/**
- * Filters {@link PartitionNexus#getSuffix(org.apache.directory.shared.ldap.name.LdapDN)} call.
+ * Filters {@link PartitionNexus#getSuffix( OperationContext )} call.
*/
- LdapDN getSuffix ( NextInterceptor next, LdapDN name ) throws NamingException;
+ LdapDN getSuffix ( NextInterceptor next, OperationContext opContext ) throws NamingException;
/**
- * Filters {@link PartitionNexus#listSuffixes()} call.
+ * Filters {@link PartitionNexus#listSuffixes( OperationContext )} call.
*/
- Iterator listSuffixes ( NextInterceptor next ) throws NamingException;
+ Iterator listSuffixes( NextInterceptor next, OperationContext opContext ) throws NamingException;
/**
- * Filters {@link PartitionNexus#addContextPartition(PartitionConfiguration)} call.
+ * Filters {@link PartitionNexus#addContextPartition( OperationContext )} call.
*/
- void addContextPartition( NextInterceptor next, PartitionConfiguration cfg ) throws NamingException;
+ void addContextPartition( NextInterceptor next, OperationContext opContext ) throws NamingException;
/**
- * Filters {@link PartitionNexus#removeContextPartition(org.apache.directory.shared.ldap.name.LdapDN)} call.
+ * Filters {@link PartitionNexus#removeContextPartition( OperationContext )} call.
*/
- void removeContextPartition( NextInterceptor next, LdapDN suffix ) throws NamingException;
+ void removeContextPartition( NextInterceptor next, OperationContext opContext ) throws NamingException;
/**
- * Filters {@link PartitionNexus#compare(org.apache.directory.shared.ldap.name.LdapDN,String,Object)} call.
+ * Filters {@link PartitionNexus#compare( OperationContext )} call.
*/
- boolean compare( NextInterceptor next, LdapDN name, String oid, Object value ) throws NamingException;
+ boolean compare( NextInterceptor next, OperationContext opContext) throws NamingException;
/**
- * Filters {@link Partition#delete(org.apache.directory.shared.ldap.name.LdapDN)} call.
+ * Filters {@link Partition#delete( OperationContext )} call.
*/
- void delete( NextInterceptor next, LdapDN name ) throws NamingException;
+ void delete( NextInterceptor next, OperationContext opContext ) throws NamingException;
/**
- * Filters {@link Partition#add(org.apache.directory.shared.ldap.name.LdapDN,javax.naming.directory.Attributes)} call.
+ * Filters {@link Partition#add( OperationContext )} call.
*/
- void add( NextInterceptor next, LdapDN name, Attributes entry ) throws NamingException;
+ void add( NextInterceptor next, OperationContext opContext ) throws NamingException;
/**
- * Filters {@link Partition#modify(org.apache.directory.shared.ldap.name.LdapDN,int,javax.naming.directory.Attributes)} call.
+ * Filters {@link Partition#modify( OperationContext )} call.
*/
- void modify( NextInterceptor next, LdapDN name, int modOp, Attributes attributes ) throws NamingException;
+ void modify( NextInterceptor next, OperationContext opContext ) throws NamingException;
/**
- * Filters {@link Partition#modify(org.apache.directory.shared.ldap.name.LdapDN,javax.naming.directory.ModificationItem[])} call.
+ * Filters {@link Partition#list( OperationContext )} call.
*/
- void modify( NextInterceptor next, LdapDN name, ModificationItemImpl[] items ) throws NamingException;
+ NamingEnumeration list( NextInterceptor next, OperationContext opContext ) throws NamingException;
/**
- * Filters {@link Partition#list(org.apache.directory.shared.ldap.name.LdapDN)} call.
+ * Filters {@link Partition#search( OperationContext )} call.
*/
- NamingEnumeration list( NextInterceptor next, LdapDN baseName ) throws NamingException;
+ NamingEnumeration<SearchResult> search( NextInterceptor next, OperationContext opContext ) throws NamingException;
/**
- * Filters {@link Partition#search(org.apache.directory.shared.ldap.name.LdapDN,java.util.Map,org.apache.directory.shared.ldap.filter.ExprNode,javax.naming.directory.SearchControls)} call.
+ * Filters {@link Partition#lookup( OperationContext )} call.
*/
- NamingEnumeration search( NextInterceptor next, LdapDN baseName, Map environment, ExprNode filter,
- SearchControls searchControls ) throws NamingException;
+ Attributes lookup( NextInterceptor next, OperationContext opContext ) throws NamingException;
/**
- * Filters {@link Partition#lookup(org.apache.directory.shared.ldap.name.LdapDN)} call.
+ * Filters {@link Partition#hasEntry( OperationContext )} call.
*/
- Attributes lookup( NextInterceptor next, LdapDN name ) throws NamingException;
+ boolean hasEntry( NextInterceptor next, OperationContext opContext ) throws NamingException;
/**
- * Filters {@link Partition#lookup(org.apache.directory.shared.ldap.name.LdapDN,String[])} call.
+ * Filters {@link Partition#rename( OperationContext )} call.
*/
- Attributes lookup( NextInterceptor next, LdapDN dn, String[] attrIds ) throws NamingException;
+ void rename( NextInterceptor next, OperationContext opContext ) throws NamingException;
/**
- * Filters {@link Partition#lookup(org.apache.directory.shared.ldap.name.LdapDN,String[])} call.
+ * Filters {@link Partition#move( OperationContext )} call.
*/
- boolean hasEntry( NextInterceptor next, LdapDN name ) throws NamingException;
+ void move( NextInterceptor next, OperationContext opContext ) throws NamingException;
/**
- * Filters {@link Partition#isSuffix(org.apache.directory.shared.ldap.name.LdapDN)} call.
+ * Filters {@link Partition#moveAndRename( OperationContext) } call.
*/
- boolean isSuffix( NextInterceptor next, LdapDN name ) throws NamingException;
-
-
- /**
- * Filters {@link Partition#modifyRn(org.apache.directory.shared.ldap.name.LdapDN,String,boolean)} call.
- */
- void modifyRn( NextInterceptor next, LdapDN name, String newRn, boolean deleteOldRn ) throws NamingException;
-
-
- /**
- * Filters {@link Partition#move(org.apache.directory.shared.ldap.name.LdapDN,org.apache.directory.shared.ldap.name.LdapDN)} call.
- */
- void move( NextInterceptor next, LdapDN oldName, LdapDN newParentName ) throws NamingException;
-
-
- /**
- * Filters {@link Partition#move(org.apache.directory.shared.ldap.name.LdapDN,org.apache.directory.shared.ldap.name.LdapDN,String,boolean)} call.
- */
- void move( NextInterceptor next, LdapDN oldName, LdapDN newParentName, String newRn, boolean deleteOldRn )
+ void moveAndRename( NextInterceptor next, OperationContext opContext )
throws NamingException;
-
/**
- * Filters {@link Partition#bind(org.apache.directory.shared.ldap.name.LdapDN,byte[],java.util.List,String)} call.
+ * Filters {@link Partition#bind( OperationContext )} call.
*/
- void bind( NextInterceptor next, LdapDN bindDn, byte[] credentials, List<String> mechanisms, String saslAuthId )
+ void bind( NextInterceptor next, OperationContext opContext )
throws NamingException;
-
/**
- * Filters {@link Partition#unbind(org.apache.directory.shared.ldap.name.LdapDN)} call.
+ * Filters {@link Partition#unbind( OperationContext )} call.
*/
- void unbind( NextInterceptor next, LdapDN bindDn ) throws NamingException;
+ void unbind( NextInterceptor next, OperationContext opContext ) throws NamingException;
}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/InterceptorChain.java b/core/src/main/java/org/apache/directory/server/core/interceptor/InterceptorChain.java
index b78f847..b902980 100644
--- a/core/src/main/java/org/apache/directory/server/core/interceptor/InterceptorChain.java
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/InterceptorChain.java
@@ -31,18 +31,16 @@
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
-import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
-import org.apache.directory.server.core.configuration.PartitionConfiguration;
import org.apache.directory.server.core.configuration.InterceptorConfiguration;
import org.apache.directory.server.core.configuration.MutableInterceptorConfiguration;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
import org.apache.directory.server.core.invocation.Invocation;
import org.apache.directory.server.core.invocation.InvocationStack;
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.core.partition.PartitionNexusProxy;
-import org.apache.directory.shared.ldap.filter.ExprNode;
-import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -78,140 +76,120 @@
}
- public boolean compare( NextInterceptor next, LdapDN name, String oid, Object value ) throws NamingException
+ public boolean compare( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- return nexus.compare( name, oid, value );
+ return nexus.compare( opContext );
}
- public Attributes getRootDSE( NextInterceptor next ) throws NamingException
+ public Attributes getRootDSE( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- return nexus.getRootDSE();
+ return nexus.getRootDSE( opContext );
}
- public LdapDN getMatchedName ( NextInterceptor next, LdapDN dn ) throws NamingException
+ public LdapDN getMatchedName( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- return ( LdapDN ) nexus.getMatchedName( dn ).clone();
+ return ( LdapDN ) nexus.getMatchedName( opContext ).clone();
}
- public LdapDN getSuffix ( NextInterceptor next, LdapDN dn ) throws NamingException
+ public LdapDN getSuffix( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- return ( LdapDN ) nexus.getSuffix( dn ).clone();
+ return ( LdapDN ) nexus.getSuffix( opContext ).clone();
}
- public Iterator listSuffixes ( NextInterceptor next ) throws NamingException
+ public Iterator listSuffixes( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- return nexus.listSuffixes();
+ return nexus.listSuffixes( opContext );
}
- public void delete( NextInterceptor next, LdapDN name ) throws NamingException
+ public void delete( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- nexus.delete( name );
+ nexus.delete( opContext );
}
- public void add(NextInterceptor next, LdapDN normName, Attributes entry) throws NamingException
+ public void add( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- nexus.add( normName, entry );
+ nexus.add( opContext );
}
- public void modify( NextInterceptor next, LdapDN name, int modOp, Attributes mods ) throws NamingException
+ public void modify( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- nexus.modify( name, modOp, mods );
+ nexus.modify( opContext );
}
- public void modify( NextInterceptor next, LdapDN name, ModificationItemImpl[] mods ) throws NamingException
+ public NamingEnumeration list( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- nexus.modify( name, mods );
+ return nexus.list( opContext );
}
- public NamingEnumeration list( NextInterceptor next, LdapDN base ) throws NamingException
+ public NamingEnumeration<SearchResult> search( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- return nexus.list( base );
+ return nexus.search( opContext );
}
- public NamingEnumeration search( NextInterceptor next, LdapDN base, Map env, ExprNode filter,
- SearchControls searchCtls ) throws NamingException
+ public Attributes lookup( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- return nexus.search( base, env, filter, searchCtls );
+ return ( Attributes ) nexus.lookup( opContext ).clone();
}
- public Attributes lookup( NextInterceptor next, LdapDN name ) throws NamingException
+ public boolean hasEntry( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- return ( Attributes ) nexus.lookup( name ).clone();
+ return nexus.hasEntry( opContext );
}
- public Attributes lookup( NextInterceptor next, LdapDN dn, String[] attrIds ) throws NamingException
- {
- return ( Attributes ) nexus.lookup( dn, attrIds ).clone();
- }
-
-
- public boolean hasEntry( NextInterceptor next, LdapDN name ) throws NamingException
- {
- return nexus.hasEntry( name );
- }
-
-
- public boolean isSuffix( NextInterceptor next, LdapDN name ) throws NamingException
- {
- return nexus.isSuffix( name );
- }
-
-
- public void modifyRn( NextInterceptor next, LdapDN name, String newRn, boolean deleteOldRn )
+ public void rename( NextInterceptor next, OperationContext opContext )
throws NamingException
{
- nexus.modifyRn( name, newRn, deleteOldRn );
+ nexus.rename( opContext );
}
- public void move( NextInterceptor next, LdapDN oriChildName, LdapDN newParentName ) throws NamingException
+ public void move( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- nexus.move( oriChildName, newParentName );
+ nexus.move( opContext );
}
- public void move( NextInterceptor next, LdapDN oriChildName, LdapDN newParentName, String newRn, boolean deleteOldRn )
+ public void moveAndRename( NextInterceptor next, OperationContext opContext )
throws NamingException
{
- nexus.move( oriChildName, newParentName, newRn, deleteOldRn );
+ nexus.moveAndRename( opContext );
}
- public void addContextPartition( NextInterceptor next, PartitionConfiguration cfg )
+ public void addContextPartition( NextInterceptor next, OperationContext opContext )
throws NamingException
{
- nexus.addContextPartition( cfg );
+ nexus.addContextPartition( opContext );
}
- public void removeContextPartition( NextInterceptor next, LdapDN suffix ) throws NamingException
+ public void removeContextPartition( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- nexus.removeContextPartition( suffix );
+ nexus.removeContextPartition( opContext );
}
- public void bind( NextInterceptor next, LdapDN bindDn, byte[] credentials, List<String> mechanisms, String saslAuthId )
- throws NamingException
+ public void bind( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- nexus.bind( bindDn, credentials, mechanisms, saslAuthId );
+ nexus.bind( opContext );
}
- public void unbind( NextInterceptor next, LdapDN bindDn ) throws NamingException
+ public void unbind( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- nexus.unbind( bindDn );
+ nexus.unbind( opContext );
}
};
@@ -534,14 +512,15 @@
}
- public Attributes getRootDSE() throws NamingException
+ public Attributes getRootDSE( OperationContext opContext ) throws NamingException
{
Entry entry = getStartingEntry();
Interceptor head = entry.configuration.getInterceptor();
NextInterceptor next = entry.nextInterceptor;
+
try
{
- return head.getRootDSE( next );
+ return head.getRootDSE( next, opContext );
}
catch ( NamingException ne )
{
@@ -555,14 +534,15 @@
}
- public LdapDN getMatchedName( LdapDN name ) throws NamingException
+ public LdapDN getMatchedName( OperationContext opContext ) throws NamingException
{
Entry entry = getStartingEntry();
Interceptor head = entry.configuration.getInterceptor();
NextInterceptor next = entry.nextInterceptor;
+
try
{
- return head.getMatchedName( next, name );
+ return head.getMatchedName( next, opContext );
}
catch ( NamingException ne )
{
@@ -576,14 +556,15 @@
}
- public LdapDN getSuffix ( LdapDN name ) throws NamingException
+ public LdapDN getSuffix( OperationContext opContext ) throws NamingException
{
Entry entry = getStartingEntry();
Interceptor head = entry.configuration.getInterceptor();
NextInterceptor next = entry.nextInterceptor;
+
try
{
- return head.getSuffix( next, name );
+ return head.getSuffix( next, opContext );
}
catch ( NamingException ne )
{
@@ -597,14 +578,15 @@
}
- public boolean compare( LdapDN name, String oid, Object value ) throws NamingException
+ public boolean compare( OperationContext opContext ) throws NamingException
{
Entry entry = getStartingEntry();
Interceptor head = entry.configuration.getInterceptor();
NextInterceptor next = entry.nextInterceptor;
+
try
{
- return head.compare( next, name, oid, value );
+ return head.compare( next, opContext );
}
catch ( NamingException ne )
{
@@ -618,14 +600,15 @@
}
- public Iterator listSuffixes() throws NamingException
+ public Iterator listSuffixes( OperationContext opContext ) throws NamingException
{
Entry entry = getStartingEntry();
Interceptor head = entry.configuration.getInterceptor();
NextInterceptor next = entry.nextInterceptor;
+
try
{
- return head.listSuffixes( next );
+ return head.listSuffixes( next, opContext );
}
catch ( NamingException ne )
{
@@ -639,14 +622,15 @@
}
- public void addContextPartition( PartitionConfiguration cfg ) throws NamingException
+ public void addContextPartition( OperationContext opContext ) throws NamingException
{
Entry entry = getStartingEntry();
Interceptor head = entry.configuration.getInterceptor();
NextInterceptor next = entry.nextInterceptor;
+
try
{
- head.addContextPartition( next, cfg );
+ head.addContextPartition( next, opContext );
}
catch ( NamingException ne )
{
@@ -660,14 +644,15 @@
}
- public void removeContextPartition( LdapDN suffix ) throws NamingException
+ public void removeContextPartition( OperationContext opContext ) throws NamingException
{
Entry entry = getStartingEntry();
Interceptor head = entry.configuration.getInterceptor();
NextInterceptor next = entry.nextInterceptor;
+
try
{
- head.removeContextPartition( next, suffix );
+ head.removeContextPartition( next, opContext );
}
catch ( NamingException ne )
{
@@ -681,14 +666,15 @@
}
- public void delete( LdapDN name ) throws NamingException
+ public void delete( OperationContext opContext ) throws NamingException
{
Entry entry = getStartingEntry();
Interceptor head = entry.configuration.getInterceptor();
NextInterceptor next = entry.nextInterceptor;
+
try
{
- head.delete( next, name );
+ head.delete( next, opContext );
}
catch ( NamingException ne )
{
@@ -701,14 +687,15 @@
}
- public void add( LdapDN normName, Attributes entry ) throws NamingException
+ public void add( OperationContext opContext ) throws NamingException
{
Entry node = getStartingEntry();
Interceptor head = node.configuration.getInterceptor();
NextInterceptor next = node.nextInterceptor;
+
try
{
- head.add( next, normName, entry );
+ head.add( next, opContext );
}
catch ( NamingException ne )
{
@@ -721,14 +708,15 @@
}
- public void bind( LdapDN bindDn, byte[] credentials, List<String> mechanisms, String saslAuthId ) throws NamingException
+ public void bind( OperationContext opContext ) throws NamingException
{
Entry node = getStartingEntry();
Interceptor head = node.configuration.getInterceptor();
NextInterceptor next = node.nextInterceptor;
+
try
{
- head.bind( next, bindDn, credentials, mechanisms, saslAuthId );
+ head.bind( next, opContext );
}
catch ( NamingException ne )
{
@@ -741,14 +729,15 @@
}
- public void unbind( LdapDN bindDn ) throws NamingException
+ public void unbind( OperationContext opContext ) throws NamingException
{
Entry node = getStartingEntry();
Interceptor head = node.configuration.getInterceptor();
NextInterceptor next = node.nextInterceptor;
+
try
{
- head.unbind( next, bindDn );
+ head.unbind( next, opContext );
}
catch ( NamingException ne )
{
@@ -761,14 +750,15 @@
}
- public void modify( LdapDN name, int modOp, Attributes mods ) throws NamingException
+ public void modify( OperationContext opContext ) throws NamingException
{
Entry entry = getStartingEntry();
Interceptor head = entry.configuration.getInterceptor();
NextInterceptor next = entry.nextInterceptor;
+
try
{
- head.modify( next, name, modOp, mods );
+ head.modify( next, opContext );
}
catch ( NamingException ne )
{
@@ -781,11 +771,12 @@
}
- public void modify( LdapDN name, ModificationItemImpl[] mods ) throws NamingException
+ /*public void modify( LdapDN name, ModificationItemImpl[] mods ) throws NamingException
{
Entry entry = getStartingEntry();
Interceptor head = entry.configuration.getInterceptor();
NextInterceptor next = entry.nextInterceptor;
+
try
{
head.modify( next, name, mods );
@@ -798,17 +789,18 @@
{
throwInterceptorException( head, e );
}
- }
+ }*/
- public NamingEnumeration list( LdapDN base ) throws NamingException
+ public NamingEnumeration list( OperationContext opContext ) throws NamingException
{
Entry entry = getStartingEntry();
Interceptor head = entry.configuration.getInterceptor();
NextInterceptor next = entry.nextInterceptor;
+
try
{
- return head.list( next, base );
+ return head.list( next, opContext );
}
catch ( NamingException ne )
{
@@ -822,15 +814,16 @@
}
- public NamingEnumeration search( LdapDN base, Map env, ExprNode filter, SearchControls searchCtls )
+ public NamingEnumeration<SearchResult> search( OperationContext opContext )
throws NamingException
{
Entry entry = getStartingEntry();
Interceptor head = entry.configuration.getInterceptor();
NextInterceptor next = entry.nextInterceptor;
+
try
{
- return head.search( next, base, env, filter, searchCtls );
+ return head.search( next, opContext );
}
catch ( NamingException ne )
{
@@ -844,14 +837,15 @@
}
- public Attributes lookup( LdapDN name ) throws NamingException
+ public Attributes lookup( OperationContext opContext ) throws NamingException
{
Entry entry = getStartingEntry();
Interceptor head = entry.configuration.getInterceptor();
NextInterceptor next = entry.nextInterceptor;
+
try
{
- return head.lookup( next, name );
+ return head.lookup( next, opContext );
}
catch ( NamingException ne )
{
@@ -865,14 +859,15 @@
}
- public Attributes lookup( LdapDN dn, String[] attrIds ) throws NamingException
+ public boolean hasEntry( OperationContext opContext ) throws NamingException
{
Entry entry = getStartingEntry();
Interceptor head = entry.configuration.getInterceptor();
NextInterceptor next = entry.nextInterceptor;
+
try
{
- return head.lookup( next, dn, attrIds );
+ return head.hasEntry( next, opContext );
}
catch ( NamingException ne )
{
@@ -886,56 +881,15 @@
}
- public boolean hasEntry( LdapDN name ) throws NamingException
+ public void rename( OperationContext opContext ) throws NamingException
{
Entry entry = getStartingEntry();
Interceptor head = entry.configuration.getInterceptor();
NextInterceptor next = entry.nextInterceptor;
+
try
{
- return head.hasEntry( next, name );
- }
- catch ( NamingException ne )
- {
- throw ne;
- }
- catch ( Throwable e )
- {
- throwInterceptorException( head, e );
- throw new InternalError(); // Should be unreachable
- }
- }
-
-
- public boolean isSuffix( LdapDN name ) throws NamingException
- {
- Entry entry = getStartingEntry();
- Interceptor head = entry.configuration.getInterceptor();
- NextInterceptor next = entry.nextInterceptor;
- try
- {
- return head.isSuffix( next, name );
- }
- catch ( NamingException ne )
- {
- throw ne;
- }
- catch ( Throwable e )
- {
- throwInterceptorException( head, e );
- throw new InternalError(); // Should be unreachable
- }
- }
-
-
- public void modifyRn( LdapDN name, String newRn, boolean deleteOldRn ) throws NamingException
- {
- Entry entry = getStartingEntry();
- Interceptor head = entry.configuration.getInterceptor();
- NextInterceptor next = entry.nextInterceptor;
- try
- {
- head.modifyRn( next, name, newRn, deleteOldRn );
+ head.rename( next, opContext );
}
catch ( NamingException ne )
{
@@ -948,14 +902,15 @@
}
- public void move( LdapDN oriChildName, LdapDN newParentName ) throws NamingException
+ public void move( OperationContext opContext ) throws NamingException
{
Entry entry = getStartingEntry();
Interceptor head = entry.configuration.getInterceptor();
NextInterceptor next = entry.nextInterceptor;
+
try
{
- head.move( next, oriChildName, newParentName );
+ head.move( next, opContext );
}
catch ( NamingException ne )
{
@@ -968,14 +923,15 @@
}
- public void move( LdapDN oriChildName, LdapDN newParentName, String newRn, boolean deleteOldRn ) throws NamingException
+ public void moveAndRename( OperationContext opContext ) throws NamingException
{
Entry entry = getStartingEntry();
Interceptor head = entry.configuration.getInterceptor();
NextInterceptor next = entry.nextInterceptor;
+
try
{
- head.move( next, oriChildName, newParentName, newRn, deleteOldRn );
+ head.moveAndRename( next, opContext );
}
catch ( NamingException ne )
{
@@ -1051,14 +1007,14 @@
}
- public boolean compare( LdapDN name, String oid, Object value ) throws NamingException
+ public boolean compare( OperationContext opContext ) throws NamingException
{
Entry next = getNextEntry();
Interceptor interceptor = next.configuration.getInterceptor();
try
{
- return interceptor.compare( next.nextInterceptor, name, oid, value );
+ return interceptor.compare( next.nextInterceptor, opContext );
}
catch ( NamingException ne )
{
@@ -1072,14 +1028,14 @@
}
- public Attributes getRootDSE() throws NamingException
+ public Attributes getRootDSE( OperationContext opContext ) throws NamingException
{
Entry next = getNextEntry();
Interceptor interceptor = next.configuration.getInterceptor();
try
{
- return interceptor.getRootDSE( next.nextInterceptor );
+ return interceptor.getRootDSE( next.nextInterceptor, opContext );
}
catch ( NamingException ne )
{
@@ -1093,14 +1049,14 @@
}
- public LdapDN getMatchedName ( LdapDN dn ) throws NamingException
+ public LdapDN getMatchedName( OperationContext opContext ) throws NamingException
{
Entry next = getNextEntry();
Interceptor interceptor = next.configuration.getInterceptor();
try
{
- return interceptor.getMatchedName( next.nextInterceptor, dn );
+ return interceptor.getMatchedName( next.nextInterceptor, opContext );
}
catch ( NamingException ne )
{
@@ -1114,14 +1070,14 @@
}
- public LdapDN getSuffix ( LdapDN dn ) throws NamingException
+ public LdapDN getSuffix( OperationContext opContext ) throws NamingException
{
Entry next = getNextEntry();
Interceptor interceptor = next.configuration.getInterceptor();
try
{
- return interceptor.getSuffix( next.nextInterceptor, dn );
+ return interceptor.getSuffix( next.nextInterceptor, opContext );
}
catch ( NamingException ne )
{
@@ -1135,14 +1091,14 @@
}
- public Iterator listSuffixes () throws NamingException
+ public Iterator listSuffixes( OperationContext opContext ) throws NamingException
{
Entry next = getNextEntry();
Interceptor interceptor = next.configuration.getInterceptor();
try
{
- return interceptor.listSuffixes( next.nextInterceptor );
+ return interceptor.listSuffixes( next.nextInterceptor, opContext );
}
catch ( NamingException ne )
{
@@ -1156,14 +1112,14 @@
}
- public void delete( LdapDN name ) throws NamingException
+ public void delete( OperationContext opContext ) throws NamingException
{
Entry next = getNextEntry();
Interceptor interceptor = next.configuration.getInterceptor();
try
{
- interceptor.delete( next.nextInterceptor, name );
+ interceptor.delete( next.nextInterceptor, opContext );
}
catch ( NamingException ne )
{
@@ -1176,14 +1132,14 @@
}
- public void add( LdapDN normName, Attributes entry ) throws NamingException
+ public void add( OperationContext opContext ) throws NamingException
{
Entry next = getNextEntry();
Interceptor interceptor = next.configuration.getInterceptor();
try
{
- interceptor.add( next.nextInterceptor, normName, entry );
+ interceptor.add( next.nextInterceptor, opContext );
}
catch ( NamingException ne )
{
@@ -1196,14 +1152,14 @@
}
- public void modify( LdapDN name, int modOp, Attributes mods ) throws NamingException
+ public void modify( OperationContext opContext ) throws NamingException
{
Entry next = getNextEntry();
Interceptor interceptor = next.configuration.getInterceptor();
try
{
- interceptor.modify( next.nextInterceptor, name, modOp, mods );
+ interceptor.modify( next.nextInterceptor, opContext );
}
catch ( NamingException ne )
{
@@ -1215,35 +1171,15 @@
}
}
-
- public void modify( LdapDN name, ModificationItemImpl[] mods ) throws NamingException
+
+ public NamingEnumeration list( OperationContext opContext ) throws NamingException
{
Entry next = getNextEntry();
Interceptor interceptor = next.configuration.getInterceptor();
try
{
- interceptor.modify( next.nextInterceptor, name, mods );
- }
- catch ( NamingException ne )
- {
- throw ne;
- }
- catch ( Throwable e )
- {
- throwInterceptorException( interceptor, e );
- }
- }
-
-
- public NamingEnumeration list( LdapDN base ) throws NamingException
- {
- Entry next = getNextEntry();
- Interceptor interceptor = next.configuration.getInterceptor();
-
- try
- {
- return interceptor.list( next.nextInterceptor, base );
+ return interceptor.list( next.nextInterceptor, opContext );
}
catch ( NamingException ne )
{
@@ -1257,7 +1193,7 @@
}
- public NamingEnumeration search( LdapDN base, Map env, ExprNode filter, SearchControls searchCtls )
+ public NamingEnumeration<SearchResult> search( OperationContext opContext )
throws NamingException
{
Entry next = getNextEntry();
@@ -1265,7 +1201,7 @@
try
{
- return interceptor.search( next.nextInterceptor, base, env, filter, searchCtls );
+ return interceptor.search( next.nextInterceptor, opContext );
}
catch ( NamingException ne )
{
@@ -1279,14 +1215,14 @@
}
- public Attributes lookup( LdapDN name ) throws NamingException
+ public Attributes lookup( OperationContext opContext ) throws NamingException
{
Entry next = getNextEntry();
Interceptor interceptor = next.configuration.getInterceptor();
try
{
- return interceptor.lookup( next.nextInterceptor, name );
+ return interceptor.lookup( next.nextInterceptor, opContext );
}
catch ( NamingException ne )
{
@@ -1300,14 +1236,14 @@
}
- public Attributes lookup( LdapDN dn, String[] attrIds ) throws NamingException
+ public boolean hasEntry( OperationContext opContext ) throws NamingException
{
Entry next = getNextEntry();
Interceptor interceptor = next.configuration.getInterceptor();
try
{
- return interceptor.lookup( next.nextInterceptor, dn, attrIds );
+ return interceptor.hasEntry( next.nextInterceptor, opContext );
}
catch ( NamingException ne )
{
@@ -1321,56 +1257,14 @@
}
- public boolean hasEntry( LdapDN name ) throws NamingException
+ public void rename( OperationContext opContext ) throws NamingException
{
Entry next = getNextEntry();
Interceptor interceptor = next.configuration.getInterceptor();
try
{
- return interceptor.hasEntry( next.nextInterceptor, name );
- }
- catch ( NamingException ne )
- {
- throw ne;
- }
- catch ( Throwable e )
- {
- throwInterceptorException( interceptor, e );
- throw new InternalError(); // Should be unreachable
- }
- }
-
-
- public boolean isSuffix( LdapDN name ) throws NamingException
- {
- Entry next = getNextEntry();
- Interceptor interceptor = next.configuration.getInterceptor();
-
- try
- {
- return interceptor.isSuffix( next.nextInterceptor, name );
- }
- catch ( NamingException ne )
- {
- throw ne;
- }
- catch ( Throwable e )
- {
- throwInterceptorException( interceptor, e );
- throw new InternalError(); // Should be unreachable
- }
- }
-
-
- public void modifyRn( LdapDN name, String newRn, boolean deleteOldRn ) throws NamingException
- {
- Entry next = getNextEntry();
- Interceptor interceptor = next.configuration.getInterceptor();
-
- try
- {
- interceptor.modifyRn( next.nextInterceptor, name, newRn, deleteOldRn );
+ interceptor.rename( next.nextInterceptor, opContext );
}
catch ( NamingException ne )
{
@@ -1383,14 +1277,14 @@
}
- public void move( LdapDN oriChildName, LdapDN newParentName ) throws NamingException
+ public void move( OperationContext opContext ) throws NamingException
{
Entry next = getNextEntry();
Interceptor interceptor = next.configuration.getInterceptor();
try
{
- interceptor.move( next.nextInterceptor, oriChildName, newParentName );
+ interceptor.move( next.nextInterceptor, opContext );
}
catch ( NamingException ne )
{
@@ -1403,7 +1297,7 @@
}
- public void move( LdapDN oriChildName, LdapDN newParentName, String newRn, boolean deleteOldRn )
+ public void moveAndRename( OperationContext opContext )
throws NamingException
{
Entry next = getNextEntry();
@@ -1411,7 +1305,7 @@
try
{
- interceptor.move( next.nextInterceptor, oriChildName, newParentName, newRn, deleteOldRn );
+ interceptor.moveAndRename( next.nextInterceptor, opContext );
}
catch ( NamingException ne )
{
@@ -1424,15 +1318,14 @@
}
- public void bind( LdapDN bindDn, byte[] credentials, List<String> mechanisms, String saslAuthId )
- throws NamingException
+ public void bind( OperationContext opContext ) throws NamingException
{
Entry next = getNextEntry();
Interceptor interceptor = next.configuration.getInterceptor();
-
+
try
{
- interceptor.bind( next.nextInterceptor, bindDn, credentials, mechanisms, saslAuthId );
+ interceptor.bind( next.nextInterceptor, opContext );
}
catch ( NamingException ne )
{
@@ -1445,14 +1338,14 @@
}
- public void unbind( LdapDN bindDn ) throws NamingException
+ public void unbind( OperationContext opContext ) throws NamingException
{
Entry next = getNextEntry();
Interceptor interceptor = next.configuration.getInterceptor();
try
{
- interceptor.unbind( next.nextInterceptor, bindDn );
+ interceptor.unbind( next.nextInterceptor, opContext );
}
catch ( NamingException ne )
{
@@ -1465,14 +1358,14 @@
}
- public void addContextPartition( PartitionConfiguration cfg ) throws NamingException
+ public void addContextPartition( OperationContext opContext ) throws NamingException
{
Entry next = getNextEntry();
Interceptor interceptor = next.configuration.getInterceptor();
try
{
- interceptor.addContextPartition( next.nextInterceptor, cfg );
+ interceptor.addContextPartition( next.nextInterceptor, opContext );
}
catch ( NamingException ne )
{
@@ -1486,14 +1379,14 @@
}
- public void removeContextPartition( LdapDN suffix ) throws NamingException
+ public void removeContextPartition( OperationContext opContext ) throws NamingException
{
Entry next = getNextEntry();
Interceptor interceptor = next.configuration.getInterceptor();
try
{
- interceptor.removeContextPartition( next.nextInterceptor, suffix );
+ interceptor.removeContextPartition( next.nextInterceptor, opContext );
}
catch ( NamingException ne )
{
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/NextInterceptor.java b/core/src/main/java/org/apache/directory/server/core/interceptor/NextInterceptor.java
index 4dadf9d..98b86ab 100644
--- a/core/src/main/java/org/apache/directory/server/core/interceptor/NextInterceptor.java
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/NextInterceptor.java
@@ -21,21 +21,16 @@
import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
-import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
-import org.apache.directory.server.core.configuration.PartitionConfiguration;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
import org.apache.directory.server.core.partition.PartitionNexus;
-import org.apache.directory.shared.ldap.filter.ExprNode;
-import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.name.LdapDN;
-
/**
* Represents the next {@link Interceptor} in the interceptor chain.
*
@@ -47,134 +42,114 @@
public interface NextInterceptor
{
/**
- * Calls the next interceptor's {@link Interceptor#compare(NextInterceptor,org.apache.directory.shared.ldap.name.LdapDN,String,Object)}.
+ * Calls the next interceptor's {@link Interceptor#compare( NextInterceptor, OperationContext )}.
*/
- boolean compare( LdapDN name, String oid, Object value ) throws NamingException;
+ boolean compare( OperationContext opContext ) throws NamingException;
/**
- * Calls the next interceptor's {@link Interceptor#getRootDSE(NextInterceptor)}.
+ * Calls the next interceptor's {@link Interceptor#getRootDSE( NextInterceptor, OperationContext )}.
*/
- Attributes getRootDSE() throws NamingException;
+ Attributes getRootDSE( OperationContext opContext ) throws NamingException;
/**
- * Calls the next interceptor's {@link Interceptor#getMatchedName(NextInterceptor,org.apache.directory.shared.ldap.name.LdapDN)}.
+ * Calls the next interceptor's {@link Interceptor#getMatchedName( NextInterceptor, OperationContext )}.
*/
- LdapDN getMatchedName ( LdapDN name ) throws NamingException;
+ LdapDN getMatchedName( OperationContext opContext ) throws NamingException;
/**
- * Calls the next interceptor's {@link Interceptor#getSuffix(NextInterceptor,org.apache.directory.shared.ldap.name.LdapDN)}.
+ * Calls the next interceptor's {@link Interceptor#getSuffix( NextInterceptor, OperationContext )}.
*/
- LdapDN getSuffix ( LdapDN name ) throws NamingException;
+ LdapDN getSuffix( OperationContext opContext ) throws NamingException;
/**
- * Calls the next interceptor's {@link Interceptor#listSuffixes(NextInterceptor)}.
+ * Calls the next interceptor's {@link Interceptor#listSuffixes( NextInterceptor, OperationContext )}.
*/
- Iterator listSuffixes () throws NamingException;
+ Iterator listSuffixes( OperationContext opContext ) throws NamingException;
/**
- * Calls the next interceptor's {@link PartitionNexus#addContextPartition(PartitionConfiguration)}.
+ * Calls the next interceptor's {@link PartitionNexus#addContextPartition( nextInterceptor, OperationContext )}.
*/
- void addContextPartition( PartitionConfiguration cfg ) throws NamingException;
+ void addContextPartition( OperationContext opContext ) throws NamingException;
/**
- * Calls the next interceptor's {@link PartitionNexus#removeContextPartition(org.apache.directory.shared.ldap.name.LdapDN)}.
+ * Calls the next interceptor's {@link PartitionNexus#removeContextPartition( NextInterceptor, OperationContext )}.
*/
- void removeContextPartition( LdapDN suffix ) throws NamingException;
+ void removeContextPartition( OperationContext opContext ) throws NamingException;
/**
- * Calls the next interceptor's {@link Interceptor#delete(NextInterceptor, org.apache.directory.shared.ldap.name.LdapDN)}.
+ * Calls the next interceptor's {@link Interceptor#delete(NextInterceptor, OperationContext )}.
*/
- void delete( LdapDN name ) throws NamingException;
+ void delete( OperationContext opContext ) throws NamingException;
/**
- * Calls the next interceptor's {@link Interceptor#add(NextInterceptor,org.apache.directory.shared.ldap.name.LdapDN,javax.naming.directory.Attributes)}.
+ * Calls the next interceptor's {@link Interceptor#add( NextInterceptor, OperationContext )}.
*/
- void add(LdapDN normName, Attributes entry) throws NamingException;
+ void add( OperationContext opContext ) throws NamingException;
/**
- * Calls the next interceptor's {@link Interceptor#modify(NextInterceptor,org.apache.directory.shared.ldap.name.LdapDN,int,javax.naming.directory.Attributes)}.
+ * Calls the next interceptor's {@link Interceptor#modify( NextInterceptor, OperationContext )}.
*/
- void modify( LdapDN name, int modOp, Attributes attributes ) throws NamingException;
+ void modify( OperationContext opContext ) throws NamingException;
+
+ /**
+ * Calls the next interceptor's {@link Interceptor#list( NextInterceptor, OperationContext )}.
+ */
+ NamingEnumeration list( OperationContext opContext ) throws NamingException;
/**
- * Calls the next interceptor's {@link Interceptor#modify(NextInterceptor,org.apache.directory.shared.ldap.name.LdapDN,javax.naming.directory.ModificationItem[])}.
+ * Calls the next interceptor's {@link Interceptor#search( NextInterceptor, OperationContext opContext )}.
*/
- void modify( LdapDN name, ModificationItemImpl[] items ) throws NamingException;
-
-
- /**
- * Calls the next interceptor's {@link Interceptor#list(NextInterceptor,org.apache.directory.shared.ldap.name.LdapDN)}.
- */
- NamingEnumeration list( LdapDN baseName ) throws NamingException;
-
-
- /**
- * Calls the next interceptor's {@link Interceptor#search(NextInterceptor,org.apache.directory.shared.ldap.name.LdapDN,java.util.Map,org.apache.directory.shared.ldap.filter.ExprNode,javax.naming.directory.SearchControls)}.
- */
- NamingEnumeration search( LdapDN baseName, Map environment, ExprNode filter, SearchControls searchControls )
+ NamingEnumeration<SearchResult> search( OperationContext opContext )
throws NamingException;
/**
- * Calls the next interceptor's {@link Interceptor#lookup(NextInterceptor,org.apache.directory.shared.ldap.name.LdapDN)}.
+ * Calls the next interceptor's {@link Interceptor#lookup( NextInterceptor, OperationContext )}.
*/
- Attributes lookup( LdapDN name ) throws NamingException;
+ Attributes lookup( OperationContext opContext ) throws NamingException;
/**
- * Calls the next interceptor's {@link Interceptor#lookup(NextInterceptor,org.apache.directory.shared.ldap.name.LdapDN,String[])}.
+ * Calls the next interceptor's {@link Interceptor#hasEntry( NextInterceptor, OperationContext )}.
*/
- Attributes lookup( LdapDN name, String[] attrIds ) throws NamingException;
+ boolean hasEntry( OperationContext opContext ) throws NamingException;
/**
- * Calls the next interceptor's {@link Interceptor#hasEntry(NextInterceptor,org.apache.directory.shared.ldap.name.LdapDN)}.
+ * Calls the next interceptor's {@link Interceptor#rename( NextInterceptor, OperationContext )}.
*/
- boolean hasEntry( LdapDN name ) throws NamingException;
+ void rename( OperationContext opContext ) throws NamingException;
/**
- * Calls the next interceptor's {@link Interceptor#isSuffix(NextInterceptor,org.apache.directory.shared.ldap.name.LdapDN)}.
+ * Calls the next interceptor's {@link Interceptor#move( NextInterceptor, OperationContext )}.
*/
- boolean isSuffix( LdapDN name ) throws NamingException;
+ void move( OperationContext opContext ) throws NamingException;
/**
- * Calls the next interceptor's {@link Interceptor#modifyRn(NextInterceptor,org.apache.directory.shared.ldap.name.LdapDN,String,boolean)}.
+ * Calls the next interceptor's {@link Interceptor#moveAndRename( NextInterceptor, OperationContext )}.
*/
- void modifyRn( LdapDN name, String newRn, boolean deleteOldRn ) throws NamingException;
+ void moveAndRename( OperationContext opContext ) throws NamingException;
/**
- * Calls the next interceptor's {@link Interceptor#move(NextInterceptor,org.apache.directory.shared.ldap.name.LdapDN,org.apache.directory.shared.ldap.name.LdapDN)}.
+ * Calls the next interceptor's {@link Interceptor#bind( NextInterceptor, OperationContext )}
*/
- void move( LdapDN oldName, LdapDN newParentName ) throws NamingException;
-
+ void bind( OperationContext opContext ) throws NamingException;
/**
- * Calls the next interceptor's {@link Interceptor#move(NextInterceptor,org.apache.directory.shared.ldap.name.LdapDN,org.apache.directory.shared.ldap.name.LdapDN,String,boolean)}.
+ * Calls the next interceptor's {@link Interceptor#unbind( NextInterceptor, OperationContext )}
*/
- void move( LdapDN oldName, LdapDN newParentName, String newRn, boolean deleteOldRn ) throws NamingException;
-
-
- /**
- * Calls the next interceptor's {@link Interceptor#bind(NextInterceptor,org.apache.directory.shared.ldap.name.LdapDN,byte[],java.util.List,String)}
- */
- void bind( LdapDN bindDn, byte[] credentials, List<String> mechanisms, String saslAuthId ) throws NamingException;
-
-
- /**
- * Calls the next interceptor's {@link Interceptor#unbind(NextInterceptor,org.apache.directory.shared.ldap.name.LdapDN)}
- */
- void unbind( LdapDN bindDn ) throws NamingException;
+ void unbind( OperationContext opContext ) throws NamingException;
}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/AbstractOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/AbstractOperationContext.java
new file mode 100644
index 0000000..bacde6b
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/AbstractOperationContext.java
@@ -0,0 +1,73 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import org.apache.directory.shared.ldap.name.LdapDN;
+
+/**
+ * This abstract class stores common context elements, like the DN, which is used
+ * in all the contexts.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class AbstractOperationContext implements OperationContext
+{
+ /** The DN associated with the context */
+ private LdapDN dn;
+
+ /**
+ *
+ * Creates a new instance of AbstractOperationContext.
+ *
+ */
+ public AbstractOperationContext()
+ {
+ }
+
+ /**
+ *
+ * Creates a new instance of AbstractOperationContext.
+ *
+ * @param dn The associated DN
+ */
+ public AbstractOperationContext( LdapDN dn )
+ {
+ this.dn = dn;
+ }
+
+ /**
+ * @return The associated DN
+ */
+ public LdapDN getDn()
+ {
+ return dn;
+ }
+
+ /**
+ * Set the context DN
+ *
+ * @param dn The DN to set
+ */
+ public void setDn( LdapDN dn )
+ {
+ this.dn = dn;
+ }
+}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/AddContextPartitionOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/AddContextPartitionOperationContext.java
new file mode 100644
index 0000000..ed54188
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/AddContextPartitionOperationContext.java
@@ -0,0 +1,79 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import org.apache.directory.server.core.configuration.PartitionConfiguration;
+
+/**
+ * A AddContextPartition context used for Interceptors. It contains all the informations
+ * needed for the addContextPartition operation, and used by all the interceptors
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class AddContextPartitionOperationContext extends EmptyOperationContext
+{
+ /** The context partition configuration */
+ private PartitionConfiguration cfg;
+
+ /**
+ * Creates a new instance of AddContextPartitionOperationContext.
+ */
+ public AddContextPartitionOperationContext()
+ {
+ }
+
+ /**
+ * Creates a new instance of AddContextPartitionOperationContext.
+ *
+ * @param entryDn The partition configuration to add
+ */
+ public AddContextPartitionOperationContext( PartitionConfiguration cfg )
+ {
+ super();
+ this.cfg = cfg;
+ }
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ return "AddContextPartitionOperationContext for partition context '" + cfg.getName() + "'";
+ }
+
+ /**
+ * @return The partition configuration
+ */
+ public PartitionConfiguration getCfg()
+ {
+ return cfg;
+ }
+
+ /**
+ * Set the partition configuration
+ *
+ * @param cfg The configuration
+ */
+ public void setCfg( PartitionConfiguration cfg )
+ {
+ this.cfg = cfg;
+ }
+}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/AddOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/AddOperationContext.java
new file mode 100644
index 0000000..8e5c5e7
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/AddOperationContext.java
@@ -0,0 +1,95 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import javax.naming.directory.Attributes;
+
+import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.util.AttributeUtils;
+
+/**
+ * A Add context used for Interceptors. It contains all the informations
+ * needed for the add operation, and used by all the interceptors
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class AddOperationContext extends AbstractOperationContext
+{
+ /** The added Attribute */
+ private Attributes entry;
+
+ /**
+ *
+ * Creates a new instance of AddOperationContext.
+ *
+ */
+ public AddOperationContext()
+ {
+ super();
+ }
+
+ /**
+ *
+ * Creates a new instance of AddOperationContext.
+ *
+ */
+ public AddOperationContext( LdapDN dn )
+ {
+ super( dn );
+ }
+
+ /**
+ *
+ * Creates a new instance of ModifyOperationContext.
+ *
+ */
+ public AddOperationContext( LdapDN dn, Attributes entry )
+ {
+ super( dn );
+ this.entry = entry;
+ }
+
+ /**
+ * @return The added attributes
+ */
+ public Attributes getEntry()
+ {
+ return entry;
+ }
+
+ /**
+ * Set the added attributes
+ * @param entry The added attributes
+ */
+ public void setEntry( Attributes entry )
+ {
+ this.entry = entry;
+ }
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ return "AddContext for DN '" + getDn().getUpName() + "'" +
+ ", added entry: " + AttributeUtils.toString( entry );
+ }
+}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/BindOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/BindOperationContext.java
new file mode 100644
index 0000000..94e03fc
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/BindOperationContext.java
@@ -0,0 +1,93 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import java.util.List;
+
+import org.apache.directory.shared.ldap.util.StringTools;
+
+/**
+ * A Bind context used for Interceptors. It contains all the informations
+ * needed for the bind operation, and used by all the interceptors
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class BindOperationContext extends AbstractOperationContext
+{
+ /** The list of supported mechanisms */
+ private List<String> mechanisms;
+
+ /** The password */
+ private byte[] credentials;
+
+ /** The SASL identifier */
+ private String saslAuthId;
+
+ /**
+ * @return The list of supported mechanisms
+ */
+ public List<String> getMechanisms()
+ {
+ return mechanisms;
+ }
+
+ public void setMechanisms( List<String> mechanisms )
+ {
+ this.mechanisms = mechanisms;
+ }
+
+ /**
+ * @return The principal password
+ */
+ public byte[] getCredentials()
+ {
+ return credentials;
+ }
+
+ public void setCredentials( byte[] credentials )
+ {
+ this.credentials = credentials;
+ }
+
+ /**
+ * @return The SASL authentication ID
+ */
+ public String getSaslAuthId()
+ {
+ return saslAuthId;
+ }
+
+ public void setSaslAuthId( String saslAuthId )
+ {
+ this.saslAuthId = saslAuthId;
+ }
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ return "BindContext for DN '" + getDn().getUpName() + "', credentials <" +
+ ( credentials != null ? StringTools.dumpBytes( credentials ) : "" ) + ">" +
+ ( ( mechanisms != null ) ? ", mechanisms : <" + StringTools.listToString( mechanisms ) + ">" : "" ) +
+ ( saslAuthId != null ? ", saslAuthId <" + saslAuthId + ">" : "" );
+ }
+}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/CompareOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/CompareOperationContext.java
new file mode 100644
index 0000000..06046ac
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/CompareOperationContext.java
@@ -0,0 +1,144 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.util.StringTools;
+
+/**
+ * A Compare context used for Interceptors. It contains all the informations
+ * needed for the compare operation, and used by all the interceptors
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class CompareOperationContext extends AbstractOperationContext
+{
+ /** The entry OID */
+ private String oid;
+
+ /** The value to be compared */
+ private Object value;
+
+ /**
+ *
+ * Creates a new instance of CompareOperationContext.
+ *
+ */
+ public CompareOperationContext()
+ {
+ super();
+ }
+
+ /**
+ *
+ * Creates a new instance of CompareOperationContext.
+ *
+ */
+ public CompareOperationContext( LdapDN dn )
+ {
+ super( dn );
+ }
+
+ /**
+ *
+ * Creates a new instance of LookupOperationContext.
+ *
+ */
+ public CompareOperationContext( String oid )
+ {
+ super();
+ this.oid = oid;
+ }
+
+ /**
+ *
+ * Creates a new instance of LookupOperationContext.
+ *
+ */
+ public CompareOperationContext( LdapDN dn, String oid )
+ {
+ super( dn );
+ this.oid = oid;
+ }
+
+ /**
+ *
+ * Creates a new instance of LookupOperationContext.
+ *
+ */
+ public CompareOperationContext( LdapDN dn, String oid, Object value )
+ {
+ super( dn );
+ this.oid = oid;
+ this.value = value;
+ }
+
+ /**
+ * @return The compared OID
+ */
+ public String getOid()
+ {
+ return oid;
+ }
+
+ /**
+ * Set the compared OID
+ * @param oid The compared OID
+ */
+ public void setOid( String oid )
+ {
+ this.oid = oid;
+ }
+
+ /**
+ * @return The value to compare
+ */
+ public Object getValue()
+ {
+ return value;
+ }
+
+ /**
+ * Set the value to compare
+ * @param value The value to compare
+ */
+ public void setValue( Object value )
+ {
+ this.value = value;
+ }
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ return "CompareContext for DN '" + getDn().getUpName() + "'" +
+ ( ( oid != null ) ? ", oid : <" + oid + ">" : "" ) +
+ ( ( value != null ) ? ", value :'" +
+ ( ( value instanceof String ) ?
+ value :
+ ( ( value instanceof byte[] ) ?
+ StringTools.dumpBytes( (byte[])value ) :
+ "unknown value type" ) )
+ + "'"
+ : "" );
+ }
+}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/DeleteOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/DeleteOperationContext.java
new file mode 100644
index 0000000..d49c2a6
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/DeleteOperationContext.java
@@ -0,0 +1,58 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import org.apache.directory.shared.ldap.name.LdapDN;
+
+/**
+ * A Delete context used for Interceptors. It contains all the informations
+ * needed for the delete operation, and used by all the interceptors
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class DeleteOperationContext extends AbstractOperationContext
+{
+ /**
+ * Creates a new instance of DeleteOperationContext.
+ */
+ public DeleteOperationContext()
+ {
+ super();
+ }
+
+ /**
+ * Creates a new instance of DeleteOperationContext.
+ *
+ * @param deleteDn The entry DN to delete
+ */
+ public DeleteOperationContext( LdapDN deleteDn )
+ {
+ super( deleteDn );
+ }
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ return "DeleteContext for DN '" + getDn().getUpName() + "'";
+ }
+}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/EmptyOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/EmptyOperationContext.java
new file mode 100644
index 0000000..be72e37
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/EmptyOperationContext.java
@@ -0,0 +1,66 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import org.apache.directory.shared.ldap.name.LdapDN;
+
+/**
+ * An EmptySuffix context used for Interceptors. It contains no data, and mask
+ * the DN in AbstractOperationContext
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class EmptyOperationContext implements OperationContext
+{
+ /**
+ * Creates a new instance of EmptyOperationContext.
+ */
+ public EmptyOperationContext()
+ {
+ super();
+ }
+
+ /**
+ * @return The associated DN
+ */
+ public LdapDN getDn()
+ {
+ return LdapDN.EMPTY_LDAPDN;
+ }
+
+ /**
+ * Set the context DN
+ *
+ * @param dn The DN to set
+ */
+ public void setDn( LdapDN dn )
+ {
+ // do nothing
+ }
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ return "EmptyOperationContext";
+ }
+}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/EntryOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/EntryOperationContext.java
new file mode 100644
index 0000000..8fae3b3
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/EntryOperationContext.java
@@ -0,0 +1,57 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import org.apache.directory.shared.ldap.name.LdapDN;
+
+/**
+ * A Entry context used for Interceptors. It contains all the informations
+ * needed for the hasEntry operation, and used by all the interceptors
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class EntryOperationContext extends AbstractOperationContext
+{
+ /**
+ * Creates a new instance of EntryOperationContext.
+ */
+ public EntryOperationContext()
+ {
+ }
+
+ /**
+ * Creates a new instance of EntryOperationContext.
+ *
+ * @param entryDn The Entry DN to unbind
+ */
+ public EntryOperationContext( LdapDN entryDn )
+ {
+ super( entryDn );
+ }
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ return "EntryContext for DN '" + getDn().getUpName() + "'";
+ }
+}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/GetMatchedNameOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/GetMatchedNameOperationContext.java
new file mode 100644
index 0000000..184944f
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/GetMatchedNameOperationContext.java
@@ -0,0 +1,58 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import org.apache.directory.shared.ldap.name.LdapDN;
+
+/**
+ * A GetMatchedName context used for Interceptors. It contains all the informations
+ * needed for the getMatchedName operation, and used by all the interceptors
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class GetMatchedNameOperationContext extends AbstractOperationContext
+{
+ /**
+ * Creates a new instance of GetMatchedNameOperationContext.
+ */
+ public GetMatchedNameOperationContext()
+ {
+ super();
+ }
+
+ /**
+ * Creates a new instance of GetMatchedNameOperationContext.
+ *
+ * @param dn The DN to match
+ */
+ public GetMatchedNameOperationContext( LdapDN dn )
+ {
+ super( dn );
+ }
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ return "GetMatchedNameContext with DN '" + getDn().getUpName() + "'";
+ }
+}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/GetRootDSEOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/GetRootDSEOperationContext.java
new file mode 100644
index 0000000..9eca5de
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/GetRootDSEOperationContext.java
@@ -0,0 +1,58 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import org.apache.directory.shared.ldap.name.LdapDN;
+
+/**
+ * A GetRootDSE context used for Interceptors. It contains all the informations
+ * needed for the getRootDSE operation, and used by all the interceptors
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class GetRootDSEOperationContext extends AbstractOperationContext
+{
+ /**
+ * Creates a new instance of GetRootDSEOperationContext.
+ */
+ public GetRootDSEOperationContext()
+ {
+ super();
+ }
+
+ /**
+ * Creates a new instance of GetRootDSEOperationContext.
+ *
+ * @param dn The entry DN used to get the rootDSE
+ */
+ public GetRootDSEOperationContext( LdapDN dn )
+ {
+ super( dn );
+ }
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ return "GetRootDSEContext with DN '" + getDn().getUpName() + "'";
+ }
+}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/GetSuffixOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/GetSuffixOperationContext.java
new file mode 100644
index 0000000..b13677f
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/GetSuffixOperationContext.java
@@ -0,0 +1,58 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import org.apache.directory.shared.ldap.name.LdapDN;
+
+/**
+ * A GetSuffix context used for Interceptors. It contains all the informations
+ * needed for the GetSuffix operation, and used by all the interceptors
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class GetSuffixOperationContext extends AbstractOperationContext
+{
+ /**
+ * Creates a new instance of GetSuffixOperationContext.
+ */
+ public GetSuffixOperationContext()
+ {
+ super();
+ }
+
+ /**
+ * Creates a new instance of GetSuffixOperationContext.
+ *
+ * @param dn The DN to get the suffix from
+ */
+ public GetSuffixOperationContext( LdapDN dn )
+ {
+ super( dn );
+ }
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ return "GetSuffixOperationContext with DN '" + getDn().getUpName() + "'";
+ }
+}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/ListOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/ListOperationContext.java
new file mode 100644
index 0000000..186e70f
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/ListOperationContext.java
@@ -0,0 +1,58 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import org.apache.directory.shared.ldap.name.LdapDN;
+
+/**
+ * A ListContext context used for Interceptors. It contains all the informations
+ * needed for the List operation, and used by all the interceptors
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class ListOperationContext extends AbstractOperationContext
+{
+ /**
+ * Creates a new instance of ListOperationContext.
+ */
+ public ListOperationContext()
+ {
+ super();
+ }
+
+ /**
+ * Creates a new instance of ListOperationContext.
+ *
+ * @param dn The DN to get the suffix from
+ */
+ public ListOperationContext( LdapDN dn )
+ {
+ super( dn );
+ }
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ return "ListOperationContext with DN '" + getDn().getUpName() + "'";
+ }
+}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/LookupOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/LookupOperationContext.java
new file mode 100644
index 0000000..e4a5424
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/LookupOperationContext.java
@@ -0,0 +1,217 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.util.StringTools;
+
+/**
+ * A Lookup context used for Interceptors. It contains all the informations
+ * needed for the lookup operation, and used by all the interceptors
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class LookupOperationContext extends AbstractOperationContext
+{
+ /** The list of attributes id to return */
+ private List<String> attrsId;
+
+ /** The list of attributes OIDs for attributes to be returned */
+ private List<String> attrsOid;
+
+ /**
+ *
+ * Creates a new instance of LookupOperationContext.
+ *
+ */
+ public LookupOperationContext()
+ {
+ super();
+ }
+
+ /**
+ *
+ * Creates a new instance of LookupOperationContext.
+ *
+ */
+ public LookupOperationContext( LdapDN dn )
+ {
+ super( dn );
+ }
+
+ /**
+ *
+ * Creates a new instance of LookupOperationContext.
+ *
+ */
+ public LookupOperationContext( String attrsId[] )
+ {
+ super();
+ this.attrsId = new ArrayList<String>();
+ attrsOid = new ArrayList<String>();
+ setAttrsId( attrsId );
+ }
+
+ /**
+ *
+ * Creates a new instance of LookupOperationContext.
+ *
+ */
+ public LookupOperationContext( LdapDN dn, String attrsId[] )
+ {
+ super( dn );
+ this.attrsId = new ArrayList<String>();
+ attrsOid = new ArrayList<String>();
+ setAttrsId( attrsId );
+ }
+
+ /**
+ * @return Get the attribute ids as a String array
+ */
+ public String[] getAttrsIdArray()
+ {
+ String[] attrs = new String[ attrsId.size()];
+ return attrsId.toArray( attrs );
+ }
+
+ /**
+ * Set the attribute Ids
+ *
+ * @param attrsId The String array containing all the attribute IDs
+ */
+ public void setAttrsId( String[] attrsId )
+ {
+ if ( attrsId == null )
+ {
+ this.attrsId = new ArrayList<String>();
+ }
+ else
+ {
+ this.attrsId = new ArrayList<String>( Arrays.asList( attrsId ) );
+ }
+ }
+
+ /**
+ * @return Get the attribute oids as a String array
+ */
+ public String[] getAttrsOidArray()
+ {
+ String[] attrs = new String[ attrsId.size()];
+ return attrsOid.toArray( attrs );
+ }
+
+ /**
+ * Set the attribute oIds
+ *
+ * @param attrsId The String array containing all the attribute OIDs
+ */
+ public void setAttrsOid( String[] attrsOid )
+ {
+ if ( attrsOid == null )
+ {
+ this.attrsOid = new ArrayList<String>();
+ }
+ else
+ {
+ this.attrsOid = new ArrayList<String>( Arrays.asList( attrsOid ) );
+ }
+ }
+
+ /**
+ * Add an attribute OID to the current list, creating the list if necessary
+ *
+ * @param attrOid The oid to add
+ */
+ public void addAttrsOid( String attrOid )
+ {
+ if ( attrsOid == null )
+ {
+ attrsOid = new ArrayList<String>();
+ }
+
+ attrsOid.add( attrOid );
+ }
+
+ /**
+ * Add an attribute ID to the current list, creating the list if necessary
+ *
+ * @param attrId the Id to add
+ */
+ public void addAttrsId( String attrId )
+ {
+ if ( attrsId == null )
+ {
+ attrsId = new ArrayList<String>();
+ }
+
+ attrsId.add( attrId );
+ }
+
+ /**
+ * Add an attribute ID and OID to the current lists, creating the lists if necessary
+ *
+ * @param attrId the Id to add
+ * @param attrOid The oid to add
+ */
+ public void addAttrs( String attrId, String attrOid )
+ {
+ if ( attrsId == null )
+ {
+ attrsId = new ArrayList<String>();
+ }
+
+ if ( attrsOid == null )
+ {
+ attrsOid = new ArrayList<String>();
+ }
+
+ attrsId.add( attrId );
+ attrsOid.add( attrOid );
+ }
+
+ /**
+ * @return The attribute IDs list
+ */
+ public List<String> getAttrsId()
+ {
+ return attrsId;
+ }
+
+ /**
+ * @return The attribute OIDs list
+ */
+ public List<String> getAttrsOid()
+ {
+ return attrsOid;
+ }
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ return "LookupContext for DN '" + getDn().getUpName() + "'" + ( ( attrsId != null ) ? ", attributes : <" + StringTools.listToString( attrsId ) + ">" : "" );
+ }
+}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/ModifyOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/ModifyOperationContext.java
new file mode 100644
index 0000000..1fe9232
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/ModifyOperationContext.java
@@ -0,0 +1,113 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.ModificationItem;
+
+import org.apache.directory.shared.ldap.message.ModificationItemImpl;
+import org.apache.directory.shared.ldap.name.LdapDN;
+
+/**
+ * A Modify context used for Interceptors. It contains all the informations
+ * needed for the modify operation, and used by all the interceptors
+ *
+ * This context can use either Attributes or ModificationItem, but not both.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class ModifyOperationContext extends AbstractOperationContext
+{
+ /** The modification items */
+ private ModificationItemImpl[] modItems;
+
+ /**
+ *
+ * Creates a new instance of ModifyOperationContext.
+ *
+ */
+ public ModifyOperationContext()
+ {
+ super();
+ }
+
+ /**
+ *
+ * Creates a new instance of ModifyOperationContext.
+ *
+ */
+ public ModifyOperationContext( LdapDN dn, ModificationItemImpl[] modItems )
+ {
+ super( dn );
+ this.modItems = modItems;
+ }
+
+ /**
+ * Set the modified attributes
+ * @param value The modified attributes
+ */
+ public void setModItems( ModificationItemImpl[] modItems )
+ {
+ this.modItems = modItems;
+ }
+
+ /**
+ * @return The modifications
+ */
+ public ModificationItemImpl[] getModItems()
+ {
+ return modItems;
+ }
+
+ public static ModificationItemImpl[] createModItems( Attributes attributes, int modOp ) throws NamingException
+ {
+ ModificationItemImpl[] items = new ModificationItemImpl[attributes.size()];
+ NamingEnumeration e = attributes.getAll();
+ int i = 0;
+
+ while ( e.hasMore() )
+ {
+ items[i++] = new ModificationItemImpl( modOp, ( Attribute ) e.next() );
+ }
+
+ return items;
+ }
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ StringBuilder sb = new StringBuilder();
+
+ sb.append("ModifyContext for DN '").append( getDn().getUpName() ).append( "', modifications :\n" );
+
+ for ( ModificationItem mod:modItems )
+ {
+ sb.append( mod ).append( '\n' );
+ }
+
+ return sb.toString();
+ }
+}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/MoveAndRenameOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/MoveAndRenameOperationContext.java
new file mode 100644
index 0000000..7f599bc
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/MoveAndRenameOperationContext.java
@@ -0,0 +1,84 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import org.apache.directory.shared.ldap.name.LdapDN;
+
+/**
+ * A Move And Rename context used for Interceptors. It contains all the informations
+ * needed for the modify DN operation, and used by all the interceptors
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class MoveAndRenameOperationContext extends RenameOperationContext
+{
+ /** The parent DN */
+ private LdapDN parent;
+
+ /**
+ *
+ * Creates a new instance of MoveAndRenameOperationContext.
+ *
+ */
+ public MoveAndRenameOperationContext()
+ {
+ super();
+ }
+
+ /**
+ *
+ * Creates a new instance of MoveAndRenameOperationContext.
+ *
+ */
+ public MoveAndRenameOperationContext( LdapDN oldDn, LdapDN parent, String newRdn, boolean delOldDn )
+ {
+ super( oldDn, newRdn, delOldDn );
+ this.parent = parent;
+ }
+
+ /**
+ * @return The parent DN
+ */
+ public LdapDN getParent()
+ {
+ return parent;
+ }
+
+ /**
+ * Set the parent DN
+ *
+ * @param parent The parent
+ */
+ public void setParent( LdapDN parent )
+ {
+ this.parent = parent;
+ }
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ return "ReplaceContext for old DN '" + getDn().getUpName() + "'" +
+ ", parent '" + parent + "'";
+ }
+
+}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/MoveOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/MoveOperationContext.java
new file mode 100644
index 0000000..ba807ae
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/MoveOperationContext.java
@@ -0,0 +1,84 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import org.apache.directory.shared.ldap.name.LdapDN;
+
+/**
+ * A Move context used for Interceptors. It contains all the informations
+ * needed for the modify DN operation, and used by all the interceptors
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class MoveOperationContext extends AbstractOperationContext
+{
+ /** The parent DN */
+ private LdapDN parent;
+
+ /**
+ *
+ * Creates a new instance of MoveOperationContext.
+ *
+ */
+ public MoveOperationContext()
+ {
+ super();
+ }
+
+ /**
+ *
+ * Creates a new instance of MoveOperationContext.
+ *
+ */
+ public MoveOperationContext( LdapDN oldDn, LdapDN parent )
+ {
+ super( oldDn );
+ this.parent = parent;
+ }
+
+ /**
+ * @return The parent DN
+ */
+ public LdapDN getParent()
+ {
+ return parent;
+ }
+
+ /**
+ * Set the parent DN
+ *
+ * @param parent The parent
+ */
+ public void setParent( LdapDN parent )
+ {
+ this.parent = parent;
+ }
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ return "ReplaceContext for old DN '" + getDn().getUpName() + "'" +
+ ", parent '" + parent + "'";
+ }
+
+}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcEncryption.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/OperationContext.java
similarity index 64%
copy from kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcEncryption.java
copy to core/src/main/java/org/apache/directory/server/core/interceptor/context/OperationContext.java
index 2523fda..2b97ff7 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcEncryption.java
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/OperationContext.java
@@ -17,39 +17,29 @@
* under the License.
*
*/
-package org.apache.directory.server.kerberos.shared.crypto.encryption;
+package org.apache.directory.server.core.interceptor.context;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.engines.DESEngine;
-
+import org.apache.directory.shared.ldap.name.LdapDN;
/**
+ * This interface represent the context passed as an argument to each interceptor.
+ * It will contain data used by all the operations.
+ *
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public abstract class DesCbcEncryption extends EncryptionEngine
+public interface OperationContext
{
- public BlockCipher getBlockCipher()
- {
- return new DESEngine();
- }
+ /**
+ * @return The associated DN
+ */
+ LdapDN getDn();
+
+ /**
+ * Set the context DN
+ *
+ * @param dn The DN to set
+ */
+ void setDn( LdapDN dn );
-
- public CipherType keyType()
- {
- return CipherType.DES;
- }
-
-
- public int blockSize()
- {
- return 8;
- }
-
-
- public int keySize()
- {
- return 8;
- }
}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/RemoveContextPartitionOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/RemoveContextPartitionOperationContext.java
new file mode 100644
index 0000000..3c81a0c
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/RemoveContextPartitionOperationContext.java
@@ -0,0 +1,57 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import org.apache.directory.shared.ldap.name.LdapDN;
+
+/**
+ * A RemoveContextPartition context used for Interceptors. It contains all the informations
+ * needed for the removeContextPartition operation, and used by all the interceptors
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class RemoveContextPartitionOperationContext extends AbstractOperationContext
+{
+ /**
+ * Creates a new instance of RemoveContextPartitionOperationContext.
+ */
+ public RemoveContextPartitionOperationContext()
+ {
+ }
+
+ /**
+ * Creates a new instance of RemoveContextPartitionOperationContext.
+ *
+ * @param entryDn The Entry DN from which the partition should be removed
+ */
+ public RemoveContextPartitionOperationContext( LdapDN dn )
+ {
+ super( dn );
+ }
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ return "RemoveContextPartitionOperationContext for DN '" + getDn().getUpName() + "'";
+ }
+}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/RenameOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/RenameOperationContext.java
new file mode 100644
index 0000000..e6056b2
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/RenameOperationContext.java
@@ -0,0 +1,106 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import org.apache.directory.shared.ldap.name.LdapDN;
+
+/**
+ * A RenameService context used for Interceptors. It contains all the informations
+ * needed for the modify DN operation, and used by all the interceptors
+ *
+ * This is used whne the modifyDN is about changing the RDN, not the base DN.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class RenameOperationContext extends AbstractOperationContext
+{
+ /** The new DN */
+ private String newRdn;
+
+ /** The flag to remove the old DN Attribute */
+ private boolean delOldDn;
+
+ /**
+ *
+ * Creates a new instance of RenameOperationContext.
+ *
+ */
+ public RenameOperationContext()
+ {
+ super();
+ }
+
+ /**
+ *
+ * Creates a new instance of RenameOperationContext.
+ *
+ */
+ public RenameOperationContext( LdapDN oldDn, String newRdn, boolean delOldDn )
+ {
+ super( oldDn );
+ this.newRdn = newRdn;
+ this.delOldDn = delOldDn;
+ }
+
+ /**
+ * @return The delete old DN flag
+ */
+ public boolean getDelOldDn()
+ {
+ return delOldDn;
+ }
+
+ /**
+ * Set the flag to delete the old DN
+ * @param delOldDn the flag to set
+ */
+ public void setDelOldDn( boolean delOldDn )
+ {
+ this.delOldDn = delOldDn;
+ }
+
+ /**
+ * @return The new RDN
+ */
+ public String getNewRdn()
+ {
+ return newRdn;
+ }
+
+ /**
+ * Set the new RDN
+ * @param newDn The new RDN
+ */
+ public void setNewRdn( String newRdn )
+ {
+ this.newRdn = newRdn;
+ }
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ return "RenameContext for old DN '" + getDn().getUpName() + "'" +
+ ", new RDN '" + newRdn + "'" +
+ ( delOldDn ? ", delete old Dn" : "" ) ;
+ }
+}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/ReplaceOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/ReplaceOperationContext.java
new file mode 100644
index 0000000..cedf3e1
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/ReplaceOperationContext.java
@@ -0,0 +1,84 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import org.apache.directory.shared.ldap.name.LdapDN;
+
+/**
+ * A Replace context used for Interceptors. It contains all the informations
+ * needed for the modify DN operation, and used by all the interceptors
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class ReplaceOperationContext extends AbstractOperationContext
+{
+ /** The parent DN */
+ private LdapDN parent;
+
+ /**
+ *
+ * Creates a new instance of ReplaceOperationContext.
+ *
+ */
+ public ReplaceOperationContext()
+ {
+ super();
+ }
+
+ /**
+ *
+ * Creates a new instance of ReplaceOperationContext.
+ *
+ */
+ public ReplaceOperationContext( LdapDN oldDn, LdapDN parent )
+ {
+ super( oldDn );
+ this.parent = parent;
+ }
+
+ /**
+ * @return The parent DN
+ */
+ public LdapDN getParent()
+ {
+ return parent;
+ }
+
+ /**
+ * Set the parent DN
+ *
+ * @param parent The parent
+ */
+ public void setParent( LdapDN parent )
+ {
+ this.parent = parent;
+ }
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ return "ReplaceContext for old DN '" + getDn().getUpName() + "'" +
+ ", parent '" + parent + "'";
+ }
+
+}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/SearchOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/SearchOperationContext.java
new file mode 100644
index 0000000..38a4d33
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/SearchOperationContext.java
@@ -0,0 +1,109 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import java.util.Map;
+
+import javax.naming.directory.SearchControls;
+
+import org.apache.directory.shared.ldap.filter.ExprNode;
+import org.apache.directory.shared.ldap.name.LdapDN;
+
+/**
+ * A Search context used for Interceptors. It contains all the informations
+ * needed for the search operation, and used by all the interceptors
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class SearchOperationContext extends AbstractOperationContext
+{
+ /** The search environment type */
+ private Map env;
+
+ /** The filter */
+ private ExprNode filter;
+
+ /** The controls */
+ private SearchControls searchControls;
+
+ /**
+ *
+ * Creates a new instance of SearchOperationContext.
+ *
+ */
+ public SearchOperationContext()
+ {
+ super();
+ }
+
+ /**
+ *
+ * Creates a new instance of SearchOperationContext.
+ *
+ */
+ public SearchOperationContext( LdapDN dn, Map env, ExprNode filter, SearchControls searchControls )
+ {
+ super( dn );
+ this.env = env;
+ this.filter = filter;
+ this.searchControls = searchControls;
+ }
+
+ public Map getEnv()
+ {
+ return env;
+ }
+
+ public void setEnv( Map env )
+ {
+ this.env = env;
+ }
+
+ public ExprNode getFilter()
+ {
+ return filter;
+ }
+
+ public void setFilter( ExprNode filter )
+ {
+ this.filter = filter;
+ }
+
+ public SearchControls getSearchControls()
+ {
+ return searchControls;
+ }
+
+ public void setSearchControls( SearchControls searchControls )
+ {
+ this.searchControls = searchControls;
+ }
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ return "SearchContext for DN '" + getDn().getUpName() + "', filter :'"
+ + filter + "'";
+ }
+
+}
diff --git a/core/src/main/java/org/apache/directory/server/core/interceptor/context/UnbindOperationContext.java b/core/src/main/java/org/apache/directory/server/core/interceptor/context/UnbindOperationContext.java
new file mode 100644
index 0000000..9b1d801
--- /dev/null
+++ b/core/src/main/java/org/apache/directory/server/core/interceptor/context/UnbindOperationContext.java
@@ -0,0 +1,58 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.core.interceptor.context;
+
+import org.apache.directory.shared.ldap.name.LdapDN;
+
+/**
+ * A Unbind context used for Interceptors. It contains all the informations
+ * needed for the unbind operation, and used by all the interceptors
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class UnbindOperationContext extends AbstractOperationContext
+{
+ /**
+ * Creates a new instance of UnbindOperationContext.
+ */
+ public UnbindOperationContext()
+ {
+ super();
+ }
+
+ /**
+ * Creates a new instance of UnbindOperationContext.
+ *
+ * @param unbindDn The principal DN to unbind
+ */
+ public UnbindOperationContext( LdapDN unbindDn )
+ {
+ super( unbindDn );
+ }
+
+ /**
+ * @see Object#toString()
+ */
+ public String toString()
+ {
+ return "UnbindContext for DN '" + getDn().getUpName() + "'";
+ }
+}
diff --git a/core/src/main/java/org/apache/directory/server/core/invocation/InvocationStack.java b/core/src/main/java/org/apache/directory/server/core/invocation/InvocationStack.java
index a681d39..cab752f 100644
--- a/core/src/main/java/org/apache/directory/server/core/invocation/InvocationStack.java
+++ b/core/src/main/java/org/apache/directory/server/core/invocation/InvocationStack.java
@@ -21,6 +21,7 @@
import java.util.ArrayList;
+import java.util.Collections;
import java.util.IdentityHashMap;
import java.util.List;
import java.util.Map;
@@ -45,8 +46,11 @@
// I didn't use ThreadLocal to release contexts explicitly.
// It seems like JDK 1.5 supports explicit release by introducing
// <tt>ThreadLocal.remove()</tt>, but we're still targetting 1.4.
- private static final Map stacks = new IdentityHashMap();
+ private static final Map<Thread, InvocationStack> stacks =
+ Collections.synchronizedMap( new IdentityHashMap<Thread, InvocationStack>() );
+ private final Thread thread;
+ private final List<Invocation> stack = new ArrayList<Invocation>();
/**
* Returns the invocation stack of current thread.
@@ -55,26 +59,19 @@
{
Thread currentThread = Thread.currentThread();
InvocationStack ctx;
- synchronized ( stacks )
+ ctx = stacks.get( currentThread );
+
+ if ( ctx == null )
{
- ctx = ( InvocationStack ) stacks.get( currentThread );
- if ( ctx == null )
- {
- ctx = new InvocationStack();
- }
+ ctx = new InvocationStack( currentThread );
}
+
return ctx;
}
- private final Thread thread;
- private final List stack = new ArrayList();
-
-
- private InvocationStack()
+ private InvocationStack( Thread currentThread )
{
- Thread currentThread = Thread.currentThread();
- this.thread = currentThread;
- // This operation is already synchronized from getInstance()
+ thread = currentThread;
stacks.put( currentThread, this );
}
@@ -86,7 +83,7 @@
public Invocation[] toArray()
{
Invocation[] result = new Invocation[stack.size()];
- result = ( Invocation[] ) stack.toArray( result );
+ result = stack.toArray( result );
return result;
}
@@ -96,7 +93,7 @@
*/
public Invocation peek()
{
- return ( Invocation ) this.stack.get( 0 );
+ return stack.get( 0 );
}
@@ -105,7 +102,7 @@
*/
public boolean isEmpty()
{
- return this.stack.isEmpty();
+ return stack.isEmpty();
}
@@ -114,7 +111,7 @@
*/
public void push( Invocation invocation )
{
- this.stack.add( 0, invocation );
+ stack.add( 0, invocation );
}
@@ -124,13 +121,11 @@
*/
public Invocation pop()
{
- Invocation invocation = ( Invocation ) this.stack.remove( 0 );
- if ( this.stack.size() == 0 )
+ Invocation invocation = stack.remove( 0 );
+
+ if ( stack.size() == 0 )
{
- synchronized ( stacks )
- {
- stacks.remove( thread );
- }
+ stacks.remove( thread );
}
return invocation;
diff --git a/core/src/main/java/org/apache/directory/server/core/jndi/AbstractContextFactory.java b/core/src/main/java/org/apache/directory/server/core/jndi/AbstractContextFactory.java
index 3b3d293..2bddcfd 100644
--- a/core/src/main/java/org/apache/directory/server/core/jndi/AbstractContextFactory.java
+++ b/core/src/main/java/org/apache/directory/server/core/jndi/AbstractContextFactory.java
@@ -36,6 +36,8 @@
import org.apache.directory.server.core.configuration.ShutdownConfiguration;
import org.apache.directory.server.core.configuration.StartupConfiguration;
import org.apache.directory.server.core.configuration.SyncConfiguration;
+import org.apache.directory.server.core.interceptor.context.AddContextPartitionOperationContext;
+import org.apache.directory.server.core.interceptor.context.RemoveContextPartitionOperationContext;
import org.apache.directory.server.core.partition.PartitionNexusProxy;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.util.StringTools;
@@ -71,6 +73,8 @@
*/
public abstract class AbstractContextFactory implements InitialContextFactory, DirectoryServiceListener
{
+ //TM private static long cumul = 0L;
+ //TM private static long count = 0;
// ------------------------------------------------------------------------
// Members
// ------------------------------------------------------------------------
@@ -85,6 +89,7 @@
public final synchronized Context getInitialContext( Hashtable env ) throws NamingException
{
+ //TM long t0 = System.nanoTime();
Configuration cfg = Configuration.toConfiguration( env );
env = ( Hashtable ) env.clone();
@@ -119,23 +124,36 @@
}
else if ( cfg instanceof AddPartitionConfiguration )
{
- new PartitionNexusProxy(
- service.getJndiContext( principalDn, principal, credential, authentication, "" ),
- service ).addContextPartition( ( ( AddPartitionConfiguration ) cfg )
- .getDirectoryPartitionConfiguration() );
+ AddContextPartitionOperationContext ctxPartition =
+ new AddContextPartitionOperationContext( ( ( AddPartitionConfiguration ) cfg ).getDirectoryPartitionConfiguration() );
+
+ Context ctx = service.getJndiContext( principalDn, principal, credential, authentication, "" );
+
+ new PartitionNexusProxy( ctx, service ).addContextPartition( ctxPartition );
}
else if ( cfg instanceof RemovePartitionConfiguration )
{
Context ctx = service.getJndiContext( principalDn, principal, credential, authentication, "" );
PartitionNexusProxy proxy = new PartitionNexusProxy( ctx, service );
- proxy.removeContextPartition( ( ( RemovePartitionConfiguration ) cfg ).getSuffix() );
+ proxy.removeContextPartition(
+ new RemoveContextPartitionOperationContext( ( ( RemovePartitionConfiguration ) cfg ).getSuffix() ) );
}
else if ( service == null )
{
throw new NamingException( "Unknown configuration: " + cfg );
}
- return service.getJndiContext( principalDn, principal, credential, authentication, providerUrl );
+ Context context = service.getJndiContext( principalDn, principal, credential, authentication, providerUrl );
+ //TM long t1 = System.nanoTime();
+ //TM cumul += (t1 - t0)/1000;
+ //TM count++;
+
+ //TM if ( count % 1000 == 0)
+ //TM {
+ //TM System.out.println( "getInitialContext cost : " + (cumul/count) );
+ //TM }
+
+ return context;
}
diff --git a/core/src/main/java/org/apache/directory/server/core/jndi/JavaLdapSupport.java b/core/src/main/java/org/apache/directory/server/core/jndi/JavaLdapSupport.java
index 8470123..a0c4057 100644
--- a/core/src/main/java/org/apache/directory/server/core/jndi/JavaLdapSupport.java
+++ b/core/src/main/java/org/apache/directory/server/core/jndi/JavaLdapSupport.java
@@ -20,6 +20,7 @@
package org.apache.directory.server.core.jndi;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import java.io.ByteArrayInputStream;
@@ -48,12 +49,8 @@
// Attribute Id Constants Used By The Java LDAP BootstrapSchema
// ------------------------------------------------------------------------
- /** objectClass attribute for top */
- public static final String TOP_ATTR = "top";
/** the javaObject attribute */
public static final String JOBJECT_ATTR = "javaObject";
- /** the objectClass attribute */
- public static final String OBJECTCLASS_ATTR = "objectClass";
/** the javaContainer attribute */
public static final String JCONTAINER_ATTR = "javaContainer";
/** the javaSerializedObject attribute */
@@ -173,8 +170,8 @@
* objectClass: javaContainer
* objectClass: javaSerializedObject
*/
- Attribute objectClass = new AttributeImpl( "objectClass" );
- objectClass.add( TOP_ATTR );
+ Attribute objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ objectClass.add( SchemaConstants.TOP_OC );
objectClass.add( JOBJECT_ATTR );
objectClass.add( JCONTAINER_ATTR );
objectClass.add( JSERIALIZEDOBJ_ATTR );
diff --git a/core/src/main/java/org/apache/directory/server/core/jndi/ServerContext.java b/core/src/main/java/org/apache/directory/server/core/jndi/ServerContext.java
index 498449f..d795680 100644
--- a/core/src/main/java/org/apache/directory/server/core/jndi/ServerContext.java
+++ b/core/src/main/java/org/apache/directory/server/core/jndi/ServerContext.java
@@ -49,8 +49,20 @@
import org.apache.directory.server.core.DirectoryServiceConfiguration;
import org.apache.directory.server.core.authn.AuthenticationService;
import org.apache.directory.server.core.authn.LdapPrincipal;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.interceptor.context.BindOperationContext;
+import org.apache.directory.server.core.interceptor.context.DeleteOperationContext;
+import org.apache.directory.server.core.interceptor.context.EntryOperationContext;
+import org.apache.directory.server.core.interceptor.context.ListOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveAndRenameOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveOperationContext;
+import org.apache.directory.server.core.interceptor.context.RenameOperationContext;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.core.partition.PartitionNexusProxy;
+import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapNoPermissionException;
import org.apache.directory.shared.ldap.filter.ExprNode;
import org.apache.directory.shared.ldap.filter.PresenceNode;
@@ -70,7 +82,7 @@
public abstract class ServerContext implements EventContext
{
/** property key used for deleting the old RDN on a rename */
- public static final String DELETE_OLD_RDN_PROP = "java.naming.ldap.deleteRDN";
+ public static final String DELETE_OLD_RDN_PROP = JndiPropertyConstants.JNDI_LDAP_DELETE_RDN;
/** The directory service which owns this context **/
private final DirectoryService service;
@@ -121,20 +133,20 @@
this.env.putAll( env );
LdapJndiProperties props = LdapJndiProperties.getLdapJndiProperties( this.env );
dn = props.getProviderDn();
+
+ BindOperationContext bindContext = new BindOperationContext();
+ bindContext.setDn( props.getBindDn() );
+ bindContext.setCredentials( props.getCredentials() );
+ bindContext.setMechanisms( props.getAuthenticationMechanisms() );
+ bindContext.setSaslAuthId( props.getSaslAuthId() );
// need to issue a bind operation here
- this.nexusProxy.bind( props.getBindDn(), props.getCredentials(), props.getAuthenticationMechanisms(), props
- .getSaslAuthId() );
+ this.nexusProxy.bind( bindContext );
- if ( ! nexusProxy.hasEntry( dn ) )
+ if ( ! nexusProxy.hasEntry( new EntryOperationContext( dn ) ) )
{
throw new NameNotFoundException( dn + " does not exist" );
}
-
- if ( dn.size() == 0 )
- {
- return;
- }
}
@@ -251,7 +263,7 @@
*/
public String getNameInNamespace() throws NamingException
{
- return dn.toString();
+ return dn.getUpName();
}
@@ -301,8 +313,8 @@
LdapDN target = buildTarget( name );
injectRdnAttributeValues( target, attributes );
- attributes.put( JavaLdapSupport.OBJECTCLASS_ATTR, JavaLdapSupport.JCONTAINER_ATTR );
- attributes.put( JavaLdapSupport.OBJECTCLASS_ATTR, JavaLdapSupport.TOP_ATTR );
+ attributes.put( SchemaConstants.OBJECT_CLASS_AT, JavaLdapSupport.JCONTAINER_ATTR );
+ attributes.put( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC );
/*
* Add the new context to the server which as a side effect adds
@@ -311,7 +323,7 @@
* we need to copy over the controls as well to propagate the complete
* environment besides whats in the hashtable for env.
*/
- nexusProxy.add(target, attributes );
+ nexusProxy.add( new AddOperationContext( target, attributes ) );
return new ServerLdapContext( service, principal, target );
}
@@ -331,12 +343,13 @@
public void destroySubcontext( Name name ) throws NamingException
{
LdapDN target = buildTarget( name );
+
if ( target.size() == 0 )
{
throw new LdapNoPermissionException( "can't delete the rootDSE" );
}
- nexusProxy.delete( target );
+ nexusProxy.delete( new DeleteOperationContext( target ) );
}
@@ -380,7 +393,7 @@
if ( outAttrs != null )
{
LdapDN target = buildTarget( name );
- nexusProxy.add( target, outAttrs );
+ nexusProxy.add( new AddOperationContext( target, outAttrs ) );
return;
}
@@ -415,7 +428,7 @@
// Serialize object into entry attributes and add it.
JavaLdapSupport.serialize( attributes, obj );
- nexusProxy.add( target, attributes );
+ nexusProxy.add( new AddOperationContext( target, attributes ) );
}
else if ( obj instanceof DirContext )
{
@@ -432,7 +445,7 @@
LdapDN target = buildTarget( name );
injectRdnAttributeValues( target, attributes );
- nexusProxy.add( target, attributes );
+ nexusProxy.add( new AddOperationContext( target, attributes ) );
}
else
{
@@ -457,6 +470,7 @@
{
LdapDN oldDn = buildTarget( oldName );
LdapDN newDn = buildTarget( newName );
+
if ( oldDn.size() == 0 )
{
throw new LdapNoPermissionException( "can't rename the rootDSE" );
@@ -479,9 +493,9 @@
if ( null != env.get( DELETE_OLD_RDN_PROP ) )
{
String delOldRdnStr = ( String ) env.get( DELETE_OLD_RDN_PROP );
- delOldRdn = !delOldRdnStr.equals( "false" );
- delOldRdn = delOldRdn || delOldRdnStr.equals( "no" );
- delOldRdn = delOldRdn || delOldRdnStr.equals( "0" );
+ delOldRdn = !delOldRdnStr.equalsIgnoreCase( "false" ) &&
+ !delOldRdnStr.equalsIgnoreCase( "no" ) &&
+ !delOldRdnStr.equals( "0" );
}
/*
@@ -492,21 +506,22 @@
* a move operation. Furthermore if the RDN in the move operation
* changes it is both an RDN change and a move operation.
*/
- if ( oldName.size() == newName.size() && oldBase.equals( newBase ) )
+ if ( ( oldName.size() == newName.size() ) && oldBase.equals( newBase ) )
{
- nexusProxy.modifyRn( oldDn, newRdn, delOldRdn );
+ nexusProxy.rename( new RenameOperationContext( oldDn, newRdn, delOldRdn ) );
}
else
{
- LdapDN parent = ( LdapDN ) newDn.clone();
- parent.remove( newDn.size() - 1 );
+ LdapDN target = ( LdapDN ) newDn.clone();
+ target.remove( newDn.size() - 1 );
+
if ( newRdn.equalsIgnoreCase( oldRdn ) )
{
- nexusProxy.move( oldDn, parent );
+ nexusProxy.move( new MoveOperationContext( oldDn, target ) );
}
else
{
- nexusProxy.move( oldDn, parent, newRdn, delOldRdn );
+ nexusProxy.moveAndRename( new MoveAndRenameOperationContext( oldDn, target, newRdn, delOldRdn ) );
}
}
}
@@ -527,10 +542,12 @@
public void rebind( Name name, Object obj ) throws NamingException
{
LdapDN target = buildTarget( name );
- if ( nexusProxy.hasEntry( target ) )
+
+ if ( nexusProxy.hasEntry( new EntryOperationContext( target ) ) )
{
- nexusProxy.delete( target );
+ nexusProxy.delete( new DeleteOperationContext( target ) );
}
+
bind( name, obj );
}
@@ -549,7 +566,7 @@
*/
public void unbind( Name name ) throws NamingException
{
- nexusProxy.delete( buildTarget( name ) );
+ nexusProxy.delete( new DeleteOperationContext( buildTarget( name ) ) );
}
@@ -576,7 +593,17 @@
{
Object obj;
LdapDN target = buildTarget( name );
- Attributes attributes = nexusProxy.lookup( target );
+
+ Attributes attributes = null;
+
+ if ( name.size() == 0 )
+ {
+ attributes = nexusProxy.getRootDSE( new LookupOperationContext( target ) );
+ }
+ else
+ {
+ attributes = nexusProxy.lookup( new LookupOperationContext( target ) );
+ }
try
{
@@ -690,7 +717,7 @@
*/
public NamingEnumeration list( Name name ) throws NamingException
{
- return nexusProxy.list( buildTarget( name ) );
+ return nexusProxy.list( new ListOperationContext( buildTarget( name ) ) );
}
@@ -710,10 +737,10 @@
{
// Conduct a special one level search at base for all objects
LdapDN base = buildTarget( name );
- PresenceNode filter = new PresenceNode( "objectClass" );
+ PresenceNode filter = new PresenceNode( SchemaConstants.OBJECT_CLASS_AT );
SearchControls ctls = new SearchControls();
ctls.setSearchScope( SearchControls.ONELEVEL_SCOPE );
- return nexusProxy.search( base, getEnvironment(), filter, ctls );
+ return nexusProxy.search( new SearchOperationContext( base, getEnvironment(), filter, ctls ) );
}
@@ -784,7 +811,7 @@
public void addNamingListener( Name name, int scope, NamingListener namingListener ) throws NamingException
{
- ExprNode filter = new PresenceNode( "objectClass" );
+ ExprNode filter = new PresenceNode( SchemaConstants.OBJECT_CLASS_AT );
SearchControls controls = new SearchControls();
controls.setSearchScope( scope );
( ( PartitionNexusProxy ) this.nexusProxy ).addNamingListener( this, buildTarget( name ), filter,
@@ -841,7 +868,7 @@
LdapDN target = ( LdapDN ) dn.clone();
// Add to left hand side of cloned DN the relative name arg
- target.addAll( target.size(), relativeName );
+ target.addAllNormalized( target.size(), relativeName );
return target;
}
}
diff --git a/core/src/main/java/org/apache/directory/server/core/jndi/ServerDirContext.java b/core/src/main/java/org/apache/directory/server/core/jndi/ServerDirContext.java
index 121c9f1..6f0dedb 100644
--- a/core/src/main/java/org/apache/directory/server/core/jndi/ServerDirContext.java
+++ b/core/src/main/java/org/apache/directory/server/core/jndi/ServerDirContext.java
@@ -44,7 +44,14 @@
import org.apache.directory.server.core.DirectoryService;
import org.apache.directory.server.core.authn.LdapPrincipal;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.interceptor.context.DeleteOperationContext;
+import org.apache.directory.server.core.interceptor.context.EntryOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.partition.PartitionNexusProxy;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.filter.AssertionEnum;
import org.apache.directory.shared.ldap.filter.BranchNode;
import org.apache.directory.shared.ldap.filter.ExprNode;
@@ -116,7 +123,9 @@
*/
public Attributes getAttributes( Name name ) throws NamingException
{
- return getNexusProxy().lookup( buildTarget( name ) );
+ LookupOperationContext lookupContext = new LookupOperationContext( buildTarget( name ) );
+
+ return getNexusProxy().lookup( lookupContext );
}
@@ -136,7 +145,9 @@
*/
public Attributes getAttributes( Name name, String[] attrIds ) throws NamingException
{
- return getNexusProxy().lookup( buildTarget( name ), attrIds );
+ LookupOperationContext lookupContext = new LookupOperationContext( buildTarget( name ), attrIds );
+
+ return getNexusProxy().lookup( lookupContext );
}
@@ -149,14 +160,34 @@
modifyAttributes( new LdapDN( name ), modOp, attrs );
}
-
/**
- * @see javax.naming.directory.DirContext#modifyAttributes(
- * javax.naming.Name,int, javax.naming.directory.Attributes)
+ * @see javax.naming.directory.DirContext#modifyAttributes(java.lang.String,
+ * int, javax.naming.directory.Attributes)
*/
public void modifyAttributes( Name name, int modOp, Attributes attrs ) throws NamingException
{
- getNexusProxy().modify( buildTarget( name ), modOp, attrs );
+ ModificationItemImpl[] modItems = null;
+
+ if ( attrs != null )
+ {
+ modItems = new ModificationItemImpl[attrs.size()];
+ NamingEnumeration e = attrs.getAll();
+ int i = 0;
+
+ while ( e.hasMore() )
+ {
+ modItems[i++] = new ModificationItemImpl( modOp, ( Attribute ) e.next() ) ;
+ }
+ }
+
+ if ( name instanceof LdapDN )
+ {
+ getNexusProxy().modify( new ModifyOperationContext( buildTarget( name ), modItems ) );
+ }
+ else
+ {
+ getNexusProxy().modify( new ModifyOperationContext( buildTarget( new LdapDN( name ) ), modItems ) );
+ }
}
/**
@@ -199,7 +230,7 @@
newMods[i] = new ModificationItemImpl( mods[i] );
}
- getNexusProxy().modify( buildTarget( name ), newMods );
+ getNexusProxy().modify( new ModifyOperationContext( buildTarget( new LdapDN( name ) ), newMods ) );
}
@@ -209,7 +240,7 @@
*/
public void modifyAttributes( Name name, ModificationItemImpl[] mods ) throws NamingException
{
- getNexusProxy().modify( buildTarget( name ), mods );
+ getNexusProxy().modify( new ModifyOperationContext( buildTarget( new LdapDN( name ) ), mods ) );
}
@@ -247,7 +278,7 @@
{
Attributes clone = ( Attributes ) attrs.clone();
LdapDN target = buildTarget( name );
- getNexusProxy().add( target, clone );
+ getNexusProxy().add( new AddOperationContext( target, clone ) );
return;
}
@@ -267,7 +298,7 @@
attributes.put( ( Attribute ) list.next() );
}
}
- getNexusProxy().add( target, attributes );
+ getNexusProxy().add( new AddOperationContext( target, attributes ) );
return;
}
@@ -299,7 +330,7 @@
// Serialize object into entry attributes and add it.
JavaLdapSupport.serialize( attributes, obj );
- getNexusProxy().add( target, attributes );
+ getNexusProxy().add( new AddOperationContext( target, attributes ) );
}
else if ( obj instanceof DirContext )
{
@@ -314,7 +345,7 @@
}
}
LdapDN target = buildTarget( name );
- getNexusProxy().add( target, attributes );
+ getNexusProxy().add( new AddOperationContext( target, attributes ) );
}
else
{
@@ -340,9 +371,9 @@
public void rebind( Name name, Object obj, Attributes attrs ) throws NamingException
{
LdapDN target = buildTarget( name );
- if ( getNexusProxy().hasEntry( target ) )
+ if ( getNexusProxy().hasEntry( new EntryOperationContext( target ) ) )
{
- getNexusProxy().delete( target );
+ getNexusProxy().delete( new DeleteOperationContext( target ) );
}
bind( name, obj, attrs );
}
@@ -373,6 +404,7 @@
Rdn rdn = target.getRdn( target.size() - 1 );
Attributes attributes = ( Attributes ) attrs.clone();
+
if ( rdn.size() == 1 )
{
String rdnAttribute = rdn.getUpType();
@@ -407,7 +439,7 @@
}
// Add the new context to the server which as a side effect adds
- getNexusProxy().add( target, attributes );
+ getNexusProxy().add( new AddOperationContext( target, attributes ) );
// Initialize the new context
return new ServerLdapContext( getService(), getPrincipal(), target );
@@ -504,8 +536,9 @@
// If matchingAttributes is null/empty use a match for everything filter
if ( null == matchingAttributes || matchingAttributes.size() <= 0 )
{
- PresenceNode filter = new PresenceNode( "objectClass" );
- return getNexusProxy().search( target, getEnvironment(), filter, ctls );
+ PresenceNode filter = new PresenceNode( SchemaConstants.OBJECT_CLASS_AT );
+ return getNexusProxy().search(
+ new SearchOperationContext( target, getEnvironment(), filter, ctls ) );
}
// Handle simple filter expressions without multiple terms
@@ -529,7 +562,8 @@
node = new SimpleNode( attr.getID(), ( String ) value, AssertionEnum.EQUALITY );
}
- return getNexusProxy().search( target, getEnvironment(), node, ctls );
+ return getNexusProxy().search(
+ new SearchOperationContext( target, getEnvironment(), node, ctls ) );
}
}
@@ -575,7 +609,8 @@
}
}
- return getNexusProxy().search( target, getEnvironment(), filter, ctls );
+ return getNexusProxy().search(
+ new SearchOperationContext( target, getEnvironment(), filter, ctls ) );
}
@@ -602,12 +637,9 @@
*/
public NamingEnumeration search( Name name, ExprNode filter, SearchControls cons ) throws NamingException
{
- /*Name newName = new LdapDN( name.toString() );
- newName = LdapDN.oidToName( newName, DnOidContainer.getOids() );
- Name target = buildTarget( ((LdapDN)newName).toLdapName() );*/
-
LdapDN target = buildTarget( name );
- return getNexusProxy().search( target, getEnvironment(), filter, cons );
+ return getNexusProxy().search(
+ new SearchOperationContext( target, getEnvironment(), filter, cons ) );
}
@@ -638,7 +670,8 @@
throw ne;
}
- return getNexusProxy().search( target, getEnvironment(), filterNode, cons );
+ return getNexusProxy().search(
+ new SearchOperationContext( target, getEnvironment(), filterNode, cons ) );
}
@@ -726,7 +759,7 @@
// EventDirContext implementations
// ------------------------------------------------------------------------
- FilterParserImpl filterParser = new FilterParserImpl();
+ private static final FilterParserImpl filterParser = new FilterParserImpl();
public void addNamingListener( Name name, String filterStr, SearchControls searchControls,
diff --git a/core/src/main/java/org/apache/directory/server/core/jndi/ServerLdapContext.java b/core/src/main/java/org/apache/directory/server/core/jndi/ServerLdapContext.java
index 13560ff..bef0287 100644
--- a/core/src/main/java/org/apache/directory/server/core/jndi/ServerLdapContext.java
+++ b/core/src/main/java/org/apache/directory/server/core/jndi/ServerLdapContext.java
@@ -31,6 +31,8 @@
import org.apache.directory.server.core.DirectoryService;
import org.apache.directory.server.core.authn.LdapPrincipal;
+import org.apache.directory.server.core.interceptor.context.CompareOperationContext;
+import org.apache.directory.server.core.interceptor.context.UnbindOperationContext;
import org.apache.directory.server.core.referral.ReferralService;
import org.apache.directory.shared.ldap.NotImplementedException;
import org.apache.directory.shared.ldap.name.LdapDN;
@@ -49,6 +51,9 @@
private Control[] responseControls = EMPTY_CONTROLS;
private Control[] connectControls = EMPTY_CONTROLS;
+ /** A reference to the RTeferralService interceptor */
+ private transient ReferralService refService = null;
+
/**
* Creates an instance of an ServerLdapContext.
@@ -60,6 +65,7 @@
public ServerLdapContext( DirectoryService service, Hashtable env ) throws NamingException
{
super( service, env );
+ refService = (( ReferralService )service.getConfiguration().getInterceptorChain().get( ReferralService.NAME ) );
}
@@ -73,6 +79,7 @@
ServerLdapContext( DirectoryService service, LdapPrincipal principal, LdapDN dn ) throws NamingException
{
super( service, principal, dn );
+ refService = (( ReferralService )service.getConfiguration().getInterceptorChain().get( ReferralService.NAME ) );
}
@@ -163,7 +170,7 @@
*/
public boolean compare( LdapDN name, String oid, Object value ) throws NamingException
{
- return super.getNexusProxy().compare( name, oid, value );
+ return super.getNexusProxy().compare( new CompareOperationContext( name, oid, value ) );
}
@@ -178,22 +185,32 @@
public void ldapUnbind() throws NamingException
{
String bindDn = ( String ) getEnvironment().get( Context.SECURITY_PRINCIPAL );
- super.getNexusProxy().unbind( new LdapDN( bindDn ) );
+
+ super.getNexusProxy().unbind( new UnbindOperationContext( new LdapDN( bindDn ) ) );
}
- private transient ReferralService refService;
+ /**
+ * Check if a Name is a referral
+ * @param name The Name to check
+ * @return <code>true</code> if the Name is a referral.
+ * @throws NamingException If the Name is incorrect
+ */
public boolean isReferral( String name ) throws NamingException
{
- if ( refService == null )
- {
- refService = ( ReferralService ) getService().getConfiguration().getInterceptorChain().get(
- ReferralService.NAME );
- }
-
return refService.isReferral( name );
}
+ /**
+ * Check if a Name is a referral
+ * @param name The Name to check
+ * @return <code>true</code> if the Name is a referral.
+ * @throws NamingException If the Name is incorrect
+ */
+ public boolean isReferral( LdapDN name ) throws NamingException
+ {
+ return refService.isReferral( name );
+ }
public ServerContext getRootContext() throws NamingException
{
diff --git a/core/src/main/java/org/apache/directory/server/core/normalization/NormalizationService.java b/core/src/main/java/org/apache/directory/server/core/normalization/NormalizationService.java
index fd48bd2..e2969f3 100644
--- a/core/src/main/java/org/apache/directory/server/core/normalization/NormalizationService.java
+++ b/core/src/main/java/org/apache/directory/server/core/normalization/NormalizationService.java
@@ -21,24 +21,26 @@
import java.util.Iterator;
-import java.util.List;
import java.util.Map;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
-import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
-import org.apache.directory.server.core.configuration.PartitionConfiguration;
import org.apache.directory.server.core.configuration.InterceptorConfiguration;
import org.apache.directory.server.core.interceptor.BaseInterceptor;
import org.apache.directory.server.core.interceptor.NextInterceptor;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveAndRenameOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.schema.ConcreteNameComponentNormalizer;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
import org.apache.directory.server.schema.registries.OidRegistry;
-
import org.apache.directory.shared.ldap.filter.AssertionEnum;
import org.apache.directory.shared.ldap.filter.BranchNode;
import org.apache.directory.shared.ldap.filter.ExprNode;
@@ -47,14 +49,13 @@
import org.apache.directory.shared.ldap.filter.PresenceNode;
import org.apache.directory.shared.ldap.filter.SimpleNode;
import org.apache.directory.shared.ldap.filter.SubstringNode;
-import org.apache.directory.shared.ldap.message.ModificationItemImpl;
-import org.apache.directory.shared.ldap.name.NameComponentNormalizer;
import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.name.NameComponentNormalizer;
import org.apache.directory.shared.ldap.schema.AttributeType;
+import org.apache.directory.shared.ldap.schema.OidNormalizer;
import org.apache.directory.shared.ldap.util.EmptyEnumeration;
-
-import org.slf4j.LoggerFactory;
import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
/**
@@ -69,15 +70,25 @@
{
/** logger used by this class */
private static final Logger log = LoggerFactory.getLogger( NormalizationService.class );
+
+ /** The service name */
+ public static final String NAME = "normalizationService";
/** a filter node value normalizer and undefined node remover */
private NormalizingVisitor normVisitor;
+
/** an expanding filter that makes expressions more specific */
private ExpandingVisitor expVisitor;
+
/** the attributeType registry used for normalization and determining if some filter nodes are undefined */
private AttributeTypeRegistry attributeRegistry;
+
+ /** The association between attributeTypes and their normalizers */
+ private Map<String, OidNormalizer> attrNormalizers;
-
+ /**
+ * Initialize the registries, normalizers.
+ */
public void init( DirectoryServiceConfiguration factoryCfg, InterceptorConfiguration cfg ) throws NamingException
{
OidRegistry oidRegistry = factoryCfg.getRegistries().getOidRegistry();
@@ -85,77 +96,74 @@
NameComponentNormalizer ncn = new ConcreteNameComponentNormalizer( attributeRegistry, oidRegistry );
normVisitor = new NormalizingVisitor( ncn, oidRegistry );
expVisitor = new ExpandingVisitor( attributeRegistry );
+ attrNormalizers = attributeRegistry.getNormalizerMapping();
}
-
+ /**
+ * The destroy method does nothing
+ */
public void destroy()
{
}
-
// ------------------------------------------------------------------------
// Normalize all Name based arguments for ContextPartition interface operations
// ------------------------------------------------------------------------
- public void add(NextInterceptor nextInterceptor, LdapDN name, Attributes attrs)
+ public void add(NextInterceptor nextInterceptor, OperationContext opContext)
throws NamingException
{
- LdapDN normalized = LdapDN.normalize( name, attributeRegistry.getNormalizerMapping() );
- nextInterceptor.add( normalized, attrs );
+ LdapDN.normalize( opContext.getDn(), attrNormalizers );
+ nextInterceptor.add( opContext );
}
- public void delete( NextInterceptor nextInterceptor, LdapDN name ) throws NamingException
+ public void delete( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- LdapDN normalized = LdapDN.normalize( name, attributeRegistry.getNormalizerMapping() );
- nextInterceptor.delete( normalized );
+ LdapDN.normalize( opContext.getDn(), attrNormalizers );
+ nextInterceptor.delete( opContext );
}
- public void modify( NextInterceptor nextInterceptor, LdapDN name, int modOp, Attributes attrs )
+ public void modify( NextInterceptor nextInterceptor, OperationContext opContext )
throws NamingException
{
- LdapDN normalized = LdapDN.normalize( name, attributeRegistry.getNormalizerMapping() );
- nextInterceptor.modify( normalized, modOp, attrs );
+ LdapDN.normalize( opContext.getDn(), attrNormalizers );
+ nextInterceptor.modify( opContext );
}
- public void modify( NextInterceptor nextInterceptor, LdapDN name, ModificationItemImpl[] items ) throws NamingException
- {
- LdapDN normalized = LdapDN.normalize( name, attributeRegistry.getNormalizerMapping() );
- nextInterceptor.modify( normalized, items );
- }
-
-
- public void modifyRn( NextInterceptor nextInterceptor, LdapDN name, String newRn, boolean deleteOldRn )
+ public void rename( NextInterceptor nextInterceptor, OperationContext opContext )
throws NamingException
{
- LdapDN normalized = LdapDN.normalize( name, attributeRegistry.getNormalizerMapping() );
- nextInterceptor.modifyRn( normalized, newRn, deleteOldRn );
+ LdapDN.normalize( opContext.getDn(), attrNormalizers );
+ nextInterceptor.rename( opContext );
}
- public void move( NextInterceptor nextInterceptor, LdapDN name, LdapDN newParentName ) throws NamingException
+ public void move( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- LdapDN normalized = LdapDN.normalize( name, attributeRegistry.getNormalizerMapping() );
- newParentName.normalize( attributeRegistry.getNormalizerMapping());
- nextInterceptor.move( normalized, newParentName );
+ LdapDN.normalize( opContext.getDn(), attrNormalizers );
+ ((MoveOperationContext)opContext).getParent().normalize( attrNormalizers);
+ nextInterceptor.move( opContext );
}
- public void move( NextInterceptor nextInterceptor, LdapDN name, LdapDN newParentName, String newRn, boolean deleteOldRn )
+ public void moveAndRename( NextInterceptor nextInterceptor, OperationContext opContext )
throws NamingException
{
- LdapDN normalized = LdapDN.normalize( name, attributeRegistry.getNormalizerMapping() );
- newParentName.normalize( attributeRegistry.getNormalizerMapping());
- nextInterceptor.move( normalized, newParentName, newRn, deleteOldRn );
+ LdapDN.normalize( opContext.getDn(), attrNormalizers );
+ LdapDN.normalize( ((MoveAndRenameOperationContext)opContext).getParent(), attrNormalizers);
+ nextInterceptor.moveAndRename( opContext );
}
- public NamingEnumeration search( NextInterceptor nextInterceptor, LdapDN base, Map env, ExprNode filter,
- SearchControls searchCtls ) throws NamingException
+ public NamingEnumeration<SearchResult> search( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- base.normalize( attributeRegistry.getNormalizerMapping());
+ LdapDN base = opContext.getDn();
+ ExprNode filter = ((SearchOperationContext)opContext).getFilter();
+
+ base.normalize( attrNormalizers);
if ( filter.isLeaf() )
{
@@ -328,42 +336,29 @@
}
}
- return nextInterceptor.search( base, env, filter, searchCtls );
+ ((SearchOperationContext)opContext).setFilter( filter );
+ return nextInterceptor.search( opContext );
}
- public boolean hasEntry( NextInterceptor nextInterceptor, LdapDN name ) throws NamingException
+ public boolean hasEntry( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- name = LdapDN.normalize( name, attributeRegistry.getNormalizerMapping() );
- return nextInterceptor.hasEntry( name );
+ LdapDN.normalize( opContext.getDn(), attrNormalizers );
+ return nextInterceptor.hasEntry( opContext );
}
- public boolean isSuffix( NextInterceptor nextInterceptor, LdapDN name ) throws NamingException
+ public NamingEnumeration list( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- name = LdapDN.normalize( name, attributeRegistry.getNormalizerMapping() );
- return nextInterceptor.isSuffix( name );
+ LdapDN.normalize( opContext.getDn(), attrNormalizers );
+ return nextInterceptor.list( opContext );
}
- public NamingEnumeration list( NextInterceptor nextInterceptor, LdapDN base ) throws NamingException
+ public Attributes lookup( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- base = LdapDN.normalize( base, attributeRegistry.getNormalizerMapping() );
- return nextInterceptor.list( base );
- }
-
-
- public Attributes lookup( NextInterceptor nextInterceptor, LdapDN name ) throws NamingException
- {
- name = LdapDN.normalize( name, attributeRegistry.getNormalizerMapping() );
- return nextInterceptor.lookup( name );
- }
-
-
- public Attributes lookup( NextInterceptor nextInterceptor, LdapDN name, String[] attrIds ) throws NamingException
- {
- name = LdapDN.normalize( name, attributeRegistry.getNormalizerMapping() );
- return nextInterceptor.lookup( name, attrIds );
+ LdapDN.normalize( ((LookupOperationContext)opContext).getDn(), attrNormalizers );
+ return nextInterceptor.lookup( opContext );
}
@@ -371,44 +366,43 @@
// Normalize all Name based arguments for other interface operations
// ------------------------------------------------------------------------
- public LdapDN getMatchedName ( NextInterceptor nextInterceptor, LdapDN name ) throws NamingException
+ public LdapDN getMatchedName ( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- name = LdapDN.normalize( name, attributeRegistry.getNormalizerMapping() );
- return nextInterceptor.getMatchedName( name );
+ LdapDN.normalize( opContext.getDn(), attrNormalizers );
+ return nextInterceptor.getMatchedName( opContext );
}
- public LdapDN getSuffix ( NextInterceptor nextInterceptor, LdapDN name ) throws NamingException
+ public LdapDN getSuffix ( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- name = LdapDN.normalize( name, attributeRegistry.getNormalizerMapping() );
- return nextInterceptor.getSuffix( name );
+ LdapDN.normalize( opContext.getDn(), attrNormalizers );
+ return nextInterceptor.getSuffix( opContext );
}
- public boolean compare( NextInterceptor next, LdapDN name, String oid, Object value ) throws NamingException
+ public boolean compare( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- name = LdapDN.normalize( name, attributeRegistry.getNormalizerMapping() );
- return next.compare( name, oid, value );
+ LdapDN.normalize( opContext.getDn(), attrNormalizers );
+ return next.compare( opContext );
}
- public void bind( NextInterceptor next, LdapDN bindDn, byte[] credentials, List<String> mechanisms, String saslAuthId )
- throws NamingException
+ public void bind( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- bindDn = LdapDN.normalize( bindDn, attributeRegistry.getNormalizerMapping() );
- next.bind( bindDn, credentials, mechanisms, saslAuthId );
+ LdapDN.normalize( opContext.getDn(), attrNormalizers );
+ next.bind( opContext );
}
- public void addContextPartition( NextInterceptor next, PartitionConfiguration cfg ) throws NamingException
+ public void addContextPartition( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- next.addContextPartition( cfg );
+ next.addContextPartition( opContext );
}
- public void removeContextPartition( NextInterceptor next, LdapDN suffix ) throws NamingException
+ public void removeContextPartition( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- suffix = LdapDN.normalize( suffix, attributeRegistry.getNormalizerMapping() );
- next.removeContextPartition( suffix );
+ LdapDN.normalize( opContext.getDn(), attrNormalizers );
+ next.removeContextPartition( opContext );
}
}
diff --git a/core/src/main/java/org/apache/directory/server/core/normalization/NormalizingVisitor.java b/core/src/main/java/org/apache/directory/server/core/normalization/NormalizingVisitor.java
index 9116ac0..6ec1802 100644
--- a/core/src/main/java/org/apache/directory/server/core/normalization/NormalizingVisitor.java
+++ b/core/src/main/java/org/apache/directory/server/core/normalization/NormalizingVisitor.java
@@ -58,8 +58,10 @@
{
/** logger used by this class */
private final static Logger log = LoggerFactory.getLogger( NormalizingVisitor.class );
+
/** the name component normalizer used by this visitor */
private final NameComponentNormalizer ncn;
+
/** the oid registry used to resolve OIDs for attributeType ids */
private final OidRegistry registry;
diff --git a/core/src/main/java/org/apache/directory/server/core/operational/OperationalAttributeService.java b/core/src/main/java/org/apache/directory/server/core/operational/OperationalAttributeService.java
index ebc973b..cf9ee51 100644
--- a/core/src/main/java/org/apache/directory/server/core/operational/OperationalAttributeService.java
+++ b/core/src/main/java/org/apache/directory/server/core/operational/OperationalAttributeService.java
@@ -22,10 +22,9 @@
import java.util.HashSet;
import java.util.Iterator;
-import java.util.Map;
+import java.util.List;
import java.util.Set;
-import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
@@ -35,7 +34,6 @@
import javax.naming.directory.SearchResult;
import org.apache.directory.server.constants.ApacheSchemaConstants;
-import org.apache.directory.server.constants.SystemSchemaConstants;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
import org.apache.directory.server.core.configuration.InterceptorConfiguration;
import org.apache.directory.server.core.enumeration.SearchResultFilter;
@@ -43,21 +41,29 @@
import org.apache.directory.server.core.interceptor.BaseInterceptor;
import org.apache.directory.server.core.interceptor.Interceptor;
import org.apache.directory.server.core.interceptor.NextInterceptor;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveAndRenameOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.RenameOperationContext;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.invocation.Invocation;
import org.apache.directory.server.core.invocation.InvocationStack;
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
-import org.apache.directory.shared.ldap.filter.ExprNode;
-import org.apache.directory.shared.ldap.schema.AttributeType;
-import org.apache.directory.shared.ldap.schema.UsageEnum;
-import org.apache.directory.shared.ldap.util.AttributeUtils;
-import org.apache.directory.shared.ldap.util.DateUtils;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.name.AttributeTypeAndValue;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.name.Rdn;
+import org.apache.directory.shared.ldap.schema.AttributeType;
+import org.apache.directory.shared.ldap.schema.UsageEnum;
+import org.apache.directory.shared.ldap.util.AttributeUtils;
+import org.apache.directory.shared.ldap.util.DateUtils;
/**
@@ -71,6 +77,9 @@
*/
public class OperationalAttributeService extends BaseInterceptor
{
+ /** The service name */
+ public static final String NAME = "operationalAttributeService";
+
private final SearchResultFilter DENORMALIZING_SEARCH_FILTER = new SearchResultFilter()
{
public boolean accept( Invocation invocation, SearchResult result, SearchControls controls )
@@ -131,7 +140,7 @@
isDenormalizeOpAttrsEnabled = factoryCfg.getStartupConfiguration().isDenormalizeOpAttrsEnabled();
// stuff for dealing with subentries (garbage for now)
- String subschemaSubentry = ( String ) nexus.getRootDSE().get( "subschemaSubentry" ).get();
+ String subschemaSubentry = ( String ) nexus.getRootDSE( null ).get( "subschemaSubentry" ).get();
subschemaSubentryDn = new LdapDN( subschemaSubentry );
subschemaSubentryDn.normalize( factoryCfg.getRegistries().getAttributeTypeRegistry().getNormalizerMapping() );
}
@@ -145,179 +154,173 @@
/**
* Adds extra operational attributes to the entry before it is added.
*/
- public void add(NextInterceptor nextInterceptor, LdapDN normName, Attributes entry)
+ public void add(NextInterceptor nextInterceptor, OperationContext opContext )
throws NamingException
{
String principal = getPrincipal().getName();
+ Attributes entry = ((AddOperationContext)opContext).getEntry();
- Attribute attribute = new AttributeImpl( "creatorsName" );
+ Attribute attribute = new AttributeImpl( SchemaConstants.CREATORS_NAME_AT );
attribute.add( principal );
entry.put( attribute );
- attribute = new AttributeImpl( "createTimestamp" );
+ attribute = new AttributeImpl( SchemaConstants.CREATE_TIMESTAMP_AT );
attribute.add( DateUtils.getGeneralizedTime() );
entry.put( attribute );
- nextInterceptor.add(normName, entry );
+ nextInterceptor.add( opContext );
}
-
-
- public void modify( NextInterceptor nextInterceptor, LdapDN name, int modOp, Attributes attrs )
+
+ public void modify( NextInterceptor nextInterceptor, OperationContext opContext )
throws NamingException
{
- nextInterceptor.modify( name, modOp, attrs );
+ nextInterceptor.modify( opContext );
- if ( name.getNormName().equals( subschemaSubentryDn.getNormName() ) )
+ if ( opContext.getDn().getNormName().equals( subschemaSubentryDn.getNormName() ) )
{
return;
}
// add operational attributes after call in case the operation fails
Attributes attributes = new AttributesImpl( true );
- Attribute attribute = new AttributeImpl( "modifiersName" );
+ Attribute attribute = new AttributeImpl( SchemaConstants.MODIFIERS_NAME_AT );
attribute.add( getPrincipal().getName() );
attributes.put( attribute );
- attribute = new AttributeImpl( "modifyTimestamp" );
+ attribute = new AttributeImpl( SchemaConstants.MODIFY_TIMESTAMP_AT );
attribute.add( DateUtils.getGeneralizedTime() );
attributes.put( attribute );
-
- nexus.modify( name, DirContext.REPLACE_ATTRIBUTE, attributes );
- }
-
-
- public void modify( NextInterceptor nextInterceptor, LdapDN name, ModificationItemImpl[] items ) throws NamingException
- {
- nextInterceptor.modify( name, items );
-
- if ( name.getNormName().equals( subschemaSubentryDn.getNormName() ) )
- {
- return;
- }
- // add operational attributes after call in case the operation fails
- Attributes attributes = new AttributesImpl( true );
- Attribute attribute = new AttributeImpl( "modifiersName" );
- attribute.add( getPrincipal().getName() );
- attributes.put( attribute );
+ ModificationItemImpl[] items = ModifyOperationContext.createModItems( attributes, DirContext.REPLACE_ATTRIBUTE );
- attribute = new AttributeImpl( "modifyTimestamp" );
- attribute.add( DateUtils.getGeneralizedTime() );
- attributes.put( attribute );
-
- nexus.modify( name, DirContext.REPLACE_ATTRIBUTE, attributes );
+ ModifyOperationContext newModify = new ModifyOperationContext( opContext.getDn(), items );
+ nexus.modify( newModify );
}
- public void modifyRn( NextInterceptor nextInterceptor, LdapDN name, String newRn, boolean deleteOldRn )
+ public void rename( NextInterceptor nextInterceptor, OperationContext opContext )
throws NamingException
{
- nextInterceptor.modifyRn( name, newRn, deleteOldRn );
+ nextInterceptor.rename( opContext );
// add operational attributes after call in case the operation fails
Attributes attributes = new AttributesImpl( true );
- Attribute attribute = new AttributeImpl( "modifiersName" );
+ Attribute attribute = new AttributeImpl( SchemaConstants.MODIFIERS_NAME_AT );
attribute.add( getPrincipal().getName() );
attributes.put( attribute );
- attribute = new AttributeImpl( "modifyTimestamp" );
+ attribute = new AttributeImpl( SchemaConstants.MODIFY_TIMESTAMP_AT );
attribute.add( DateUtils.getGeneralizedTime() );
attributes.put( attribute );
- LdapDN newDn = ( LdapDN ) name.clone();
- newDn.remove( name.size() - 1 );
- newDn.add( newRn );
+ LdapDN newDn = ( LdapDN ) opContext.getDn().clone();
+ newDn.remove( opContext.getDn().size() - 1 );
+ newDn.add( ((RenameOperationContext)opContext).getNewRdn() );
newDn.normalize( registry.getNormalizerMapping() );
- nexus.modify( newDn, DirContext.REPLACE_ATTRIBUTE, attributes );
+
+ ModificationItemImpl[] items = ModifyOperationContext.createModItems( attributes, DirContext.REPLACE_ATTRIBUTE );
+
+ ModifyOperationContext newModify = new ModifyOperationContext( newDn, items );
+
+ nexus.modify( newModify );
}
- public void move( NextInterceptor nextInterceptor, LdapDN name, LdapDN newParentName ) throws NamingException
+ public void move( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- nextInterceptor.move( name, newParentName );
+ nextInterceptor.move( opContext );
// add operational attributes after call in case the operation fails
Attributes attributes = new AttributesImpl( true );
- Attribute attribute = new AttributeImpl( "modifiersName" );
+ Attribute attribute = new AttributeImpl( SchemaConstants.MODIFIERS_NAME_AT );
attribute.add( getPrincipal().getName() );
attributes.put( attribute );
- attribute = new AttributeImpl( "modifyTimestamp" );
+ attribute = new AttributeImpl( SchemaConstants.MODIFY_TIMESTAMP_AT );
attribute.add( DateUtils.getGeneralizedTime() );
attributes.put( attribute );
- nexus.modify( newParentName, DirContext.REPLACE_ATTRIBUTE, attributes );
+ ModificationItemImpl[] items = ModifyOperationContext.createModItems( attributes, DirContext.REPLACE_ATTRIBUTE );
+
+
+ ModifyOperationContext newModify =
+ new ModifyOperationContext( ((MoveOperationContext)opContext).getParent(), items );
+
+ nexus.modify( newModify );
}
- public void move( NextInterceptor nextInterceptor, LdapDN name, LdapDN newParentName, String newRn, boolean deleteOldRn )
+ public void moveAndRename( NextInterceptor nextInterceptor, OperationContext opContext )
throws NamingException
{
- nextInterceptor.move( name, newParentName, newRn, deleteOldRn );
+ nextInterceptor.moveAndRename( opContext );
// add operational attributes after call in case the operation fails
Attributes attributes = new AttributesImpl( true );
- Attribute attribute = new AttributeImpl( "modifiersName" );
+ Attribute attribute = new AttributeImpl( SchemaConstants.MODIFIERS_NAME_AT );
attribute.add( getPrincipal().getName() );
attributes.put( attribute );
- attribute = new AttributeImpl( "modifyTimestamp" );
+ attribute = new AttributeImpl( SchemaConstants.MODIFY_TIMESTAMP_AT );
attribute.add( DateUtils.getGeneralizedTime() );
attributes.put( attribute );
- nexus.modify( newParentName, DirContext.REPLACE_ATTRIBUTE, attributes );
+ ModificationItemImpl[] items = ModifyOperationContext.createModItems( attributes, DirContext.REPLACE_ATTRIBUTE );
+
+ ModifyOperationContext newModify =
+ new ModifyOperationContext(
+ ((MoveAndRenameOperationContext)opContext).getParent(), items );
+ nexus.modify( newModify );
}
- public Attributes lookup( NextInterceptor nextInterceptor, LdapDN name ) throws NamingException
+ public Attributes lookup( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- Attributes result = nextInterceptor.lookup( name );
- if ( result == null )
- {
- return null;
- }
- filter( result );
- return result;
- }
-
-
- public Attributes lookup( NextInterceptor nextInterceptor, LdapDN name, String[] attrIds ) throws NamingException
- {
- Attributes result = nextInterceptor.lookup( name, attrIds );
+ Attributes result = nextInterceptor.lookup( opContext );
+
if ( result == null )
{
return null;
}
- filter( name, result, attrIds );
+ if ( ((LookupOperationContext)opContext).getAttrsId() == null )
+ {
+ filter( result );
+ }
+ else
+ {
+ filter( opContext, result );
+ }
+
return result;
}
- public NamingEnumeration list( NextInterceptor nextInterceptor, LdapDN base ) throws NamingException
+ public NamingEnumeration list( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- NamingEnumeration e = nextInterceptor.list( base );
+ NamingEnumeration e = nextInterceptor.list( opContext );
Invocation invocation = InvocationStack.getInstance().peek();
- return new SearchResultFilteringEnumeration( e, new SearchControls(), invocation, SEARCH_FILTER );
+ return new SearchResultFilteringEnumeration( e, new SearchControls(), invocation, SEARCH_FILTER, "List Operational Filter" );
}
- public NamingEnumeration search( NextInterceptor nextInterceptor, LdapDN base, Map env, ExprNode filter,
- SearchControls searchCtls ) throws NamingException
+ public NamingEnumeration<SearchResult> search( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
Invocation invocation = InvocationStack.getInstance().peek();
- NamingEnumeration e = nextInterceptor.search( base, env, filter, searchCtls );
+ NamingEnumeration e = nextInterceptor.search( opContext );
+ SearchControls searchCtls = ((SearchOperationContext)opContext).getSearchControls();
+
if ( searchCtls.getReturningAttributes() != null )
{
if ( isDenormalizeOpAttrsEnabled )
{
- return new SearchResultFilteringEnumeration( e, searchCtls, invocation, DENORMALIZING_SEARCH_FILTER );
+ return new SearchResultFilteringEnumeration( e, searchCtls, invocation, DENORMALIZING_SEARCH_FILTER, "Search Operational Filter denormalized" );
}
return e;
}
- return new SearchResultFilteringEnumeration( e, searchCtls, invocation, SEARCH_FILTER );
+ return new SearchResultFilteringEnumeration( e, searchCtls, invocation, SEARCH_FILTER , "Search Operational Filter");
}
@@ -352,18 +355,21 @@
}
- private void filter( Name dn, Attributes entry, String[] ids ) throws NamingException
+ private void filter( OperationContext lookupContext, Attributes entry ) throws NamingException
{
+ LdapDN dn = ((LookupOperationContext)lookupContext).getDn();
+ List<String> ids = ((LookupOperationContext)lookupContext).getAttrsId();
+
// still need to protect against returning op attrs when ids is null
if ( ids == null )
{
- OperationalAttributeService.this.filter( entry );
+ filter( entry );
return;
}
if ( dn.size() == 0 )
{
- Set<String> idsSet = new HashSet<String>( ids.length );
+ Set<String> idsSet = new HashSet<String>( ids.size() );
for ( String id:ids )
{
@@ -395,7 +401,7 @@
{
if ( isDenormalizeOpAttrsEnabled )
{
- AttributeType type = registry.lookup( SystemSchemaConstants.CREATORS_NAME_AT );
+ AttributeType type = registry.lookup( SchemaConstants.CREATORS_NAME_AT );
Attribute attr = AttributeUtils.getAttribute( entry, type );
if ( attr != null )
@@ -407,7 +413,7 @@
}
type = null;
- type = registry.lookup( SystemSchemaConstants.MODIFIERS_NAME_AT );
+ type = registry.lookup( SchemaConstants.MODIFIERS_NAME_AT );
attr = null;
attr = AttributeUtils.getAttribute( entry, type );
@@ -453,7 +459,9 @@
}
else if ( rdn.size() == 1 )
{
- newDn.add( new Rdn( registry.lookup( rdn.getNormType() ).getName(), (String)rdn.getAtav().getValue() ) );
+ String name = registry.lookup( rdn.getNormType() ).getName();
+ String value = (String)rdn.getAtav().getValue();
+ newDn.add( new Rdn( name, name, value, value ) );
continue;
}
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/AbstractPartition.java b/core/src/main/java/org/apache/directory/server/core/partition/AbstractPartition.java
index c798ef0..a8f4e90 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/AbstractPartition.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/AbstractPartition.java
@@ -20,22 +20,19 @@
package org.apache.directory.server.core.partition;
-import java.util.ArrayList;
-import java.util.List;
-
import javax.naming.NameNotFoundException;
-import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.OperationNotSupportedException;
-import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
import org.apache.directory.server.core.configuration.PartitionConfiguration;
-import org.apache.directory.shared.ldap.message.ModificationItemImpl;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.RenameOperationContext;
import org.apache.directory.shared.ldap.name.LdapDN;
-
/**
* A {@link Partition} that helps users to implement their own partition.
* Most methods are implemented by default. Please look at the description of
@@ -177,12 +174,6 @@
}
- public final boolean isSuffix( LdapDN name ) throws NamingException
- {
- return getSuffix().equals( name );
- }
-
-
/**
* This method does nothing by default.
*/
@@ -192,15 +183,15 @@
/**
- * This method calls {@link Partition#lookup(org.apache.directory.shared.ldap.name.LdapDN)} and return <tt>true</tt>
+ * This method calls {@link Partition#lookup(OperationContext)} and return <tt>true</tt>
* if it returns an entry by default. Please override this method if
* there is more effective way for your implementation.
*/
- public boolean hasEntry( LdapDN name ) throws NamingException
+ public boolean hasEntry( OperationContext entryContext ) throws NamingException
{
try
{
- return lookup( name ) != null;
+ return lookup( new LookupOperationContext( entryContext.getDn() ) ) != null;
}
catch ( NameNotFoundException e )
{
@@ -214,46 +205,24 @@
* with null <tt>attributeIds</tt> by default. Please override
* this method if there is more effective way for your implementation.
*/
- public Attributes lookup( LdapDN name ) throws NamingException
+ public Attributes lookup( OperationContext lookupContext ) throws NamingException
{
- return lookup( name, null );
+ return null;
}
/**
- * This method forwards the request to
- * {@link Partition#modify(org.apache.directory.shared.ldap.name.LdapDN,javax.naming.directory.ModificationItemImpl[])} after
- * translating parameters to {@link ModificationItemImpl}<tt>[]</tt> by default.
- * Please override this method if there is more effactive way for your
- * implementation.
- */
- public void modify( LdapDN name, int modOp, Attributes mods ) throws NamingException
- {
- List<ModificationItemImpl> items = new ArrayList<ModificationItemImpl>( mods.size() );
- NamingEnumeration e = mods.getAll();
- while ( e.hasMore() )
- {
- items.add( new ModificationItemImpl( modOp, ( Attribute ) e.next() ) );
- }
-
- ModificationItemImpl[] itemsArray = new ModificationItemImpl[items.size()];
- itemsArray = items.toArray( itemsArray );
- modify( name, itemsArray );
- }
-
-
- /**
- * This method calls {@link Partition#move(org.apache.directory.shared.ldap.name.LdapDN,org.apache.directory.shared.ldap.name.LdapDN)} and
- * {@link Partition#modifyRn(org.apache.directory.shared.ldap.name.LdapDN,String,boolean)} subsequently
+ * This method calls {@link Partition#move(OperationContext)} and
+ * {@link Partition#rename(OperationContext)} subsequently
* by default. Please override this method if there is more effactive
* way for your implementation.
*/
- public void move( LdapDN oldName, LdapDN newParentName, String newRn, boolean deleteOldRn ) throws NamingException
+ public void move( LdapDN oldName, LdapDN newParentName, String newRdn, boolean deleteOldRn ) throws NamingException
{
LdapDN newName = ( LdapDN ) newParentName.clone();
- newName.add( newRn );
- move( oldName, newParentName );
- modifyRn( newName, newRn, deleteOldRn );
+ newName.add( newRdn );
+ replace( new MoveOperationContext( oldName, newParentName ) );
+ rename( new RenameOperationContext( newName, newRdn, deleteOldRn ) );
}
@@ -261,7 +230,7 @@
* This method throws {@link OperationNotSupportedException} by default.
* Please override this method to implement move operation.
*/
- public void move( LdapDN oldName, LdapDN newParentName ) throws NamingException
+ public void replace( OperationContext replaceContext ) throws NamingException
{
throw new OperationNotSupportedException( "Moving an entry to other parent entry is not supported." );
}
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/DefaultPartitionNexus.java b/core/src/main/java/org/apache/directory/server/core/partition/DefaultPartitionNexus.java
index 771cca5..6b229df 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/DefaultPartitionNexus.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/DefaultPartitionNexus.java
@@ -24,6 +24,7 @@
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
+import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
@@ -44,6 +45,13 @@
import org.apache.directory.server.core.DirectoryServiceConfiguration;
import org.apache.directory.server.core.configuration.PartitionConfiguration;
+import org.apache.directory.server.core.interceptor.context.AddContextPartitionOperationContext;
+import org.apache.directory.server.core.interceptor.context.CompareOperationContext;
+import org.apache.directory.server.core.interceptor.context.EntryOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.RemoveContextPartitionOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.partition.impl.btree.MutableBTreePartitionConfiguration;
import org.apache.directory.server.core.partition.impl.btree.jdbm.JdbmPartition;
import org.apache.directory.server.ldap.constants.SupportedSASLMechanisms;
@@ -51,6 +59,7 @@
import org.apache.directory.server.schema.registries.OidRegistry;
import org.apache.directory.shared.ldap.MultiException;
import org.apache.directory.shared.ldap.NotImplementedException;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapInvalidAttributeIdentifierException;
import org.apache.directory.shared.ldap.exception.LdapNameNotFoundException;
import org.apache.directory.shared.ldap.exception.LdapNoSuchAttributeException;
@@ -60,11 +69,12 @@
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.apache.directory.shared.ldap.message.ManageDsaITControl;
-import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.message.PersistentSearchControl;
+import org.apache.directory.shared.ldap.message.ServerSearchResult;
import org.apache.directory.shared.ldap.message.SubentriesControl;
import org.apache.directory.shared.ldap.message.extended.NoticeOfDisconnect;
import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.name.Rdn;
import org.apache.directory.shared.ldap.schema.AttributeType;
import org.apache.directory.shared.ldap.schema.Normalizer;
import org.apache.directory.shared.ldap.schema.UsageEnum;
@@ -113,6 +123,99 @@
/** the backends keyed by normalized suffix strings */
private Map<String, Partition> partitions = new HashMap<String, Partition>();
+
+ private PartitionStructure partitionList = new PartitionContainer();
+
+ private interface PartitionStructure
+ {
+ boolean isPartition();
+ public PartitionStructure addPartitionHandler( String name, PartitionStructure children );
+ }
+
+ private class PartitionContainer implements PartitionStructure
+ {
+ private Map<String, PartitionStructure> children;
+
+ private PartitionContainer()
+ {
+ children = new HashMap<String, PartitionStructure>();
+ }
+
+ public boolean isPartition()
+ {
+ return false;
+ }
+
+ public PartitionStructure addPartitionHandler( String name, PartitionStructure child )
+ {
+ children.put( name, child );
+ return this;
+ }
+
+ public String toString()
+ {
+ StringBuilder sb = new StringBuilder();
+
+ sb.append( "Partition container :\n" );
+
+ for ( PartitionStructure child:children.values() )
+ {
+ sb.append( '{' ).append( child.toString() ).append( "} " );
+ }
+
+ return sb.toString();
+ }
+ }
+
+ private class PartitionHandler implements PartitionStructure
+ {
+ private Partition partition;
+
+ private PartitionHandler( Partition partition )
+ {
+ this.partition = partition;
+ }
+
+ public boolean isPartition()
+ {
+ return true;
+ }
+
+ public PartitionStructure addPartitionHandler( String name, PartitionStructure partition )
+ {
+ return this;
+ }
+
+ public Partition getpartition()
+ {
+ return partition;
+ }
+
+ public String toString()
+ {
+ try
+ {
+ return partition.getSuffix().getUpName();
+ }
+ catch ( NamingException ne )
+ {
+ return "Unkown partition";
+ }
+ }
+}
+
+ private PartitionStructure buildPartitionStructure( PartitionStructure current, LdapDN dn, int index, Partition partition )
+ {
+ if ( index == dn.size() - 1 )
+ {
+ return current.addPartitionHandler( dn.getRdn( index ).toString(), new PartitionHandler( partition ) );
+ }
+ else
+ {
+ return current.addPartitionHandler( dn.getRdn( index ).toString(),
+ buildPartitionStructure( new PartitionContainer(), dn, index + 1, partition ) );
+ }
+ }
/** the read only rootDSE attributes */
private final Attributes rootDSE;
@@ -163,10 +266,10 @@
attr.add( SubentriesControl.CONTROL_OID );
attr.add( ManageDsaITControl.CONTROL_OID );
- attr = new AttributeImpl( "objectClass" );
+ attr = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
rootDSE.put( attr );
- attr.add( "top" );
- attr.add( "extensibleObject" );
+ attr.add( SchemaConstants.TOP_OC );
+ attr.add( SchemaConstants.EXTENSIBLE_OBJECT_OC );
attr = new AttributeImpl( NAMINGCTXS_ATTR );
rootDSE.put( attr );
@@ -213,7 +316,7 @@
while ( i.hasNext() )
{
PartitionConfiguration c = ( PartitionConfiguration ) i.next();
- addContextPartition( c );
+ addContextPartition( new AddContextPartitionOperationContext( c ) );
initializedPartitionCfgs.add( 0, c );
}
initialized = true;
@@ -261,17 +364,17 @@
// ---------------------------------------------------------------
Attributes systemEntry = systemCfg.getContextEntry();
- Attribute objectClassAttr = systemEntry.get( "objectClass" );
+ Attribute objectClassAttr = systemEntry.get( SchemaConstants.OBJECT_CLASS_AT );
if ( objectClassAttr == null )
{
- objectClassAttr = new AttributeImpl( "objectClass" );
+ objectClassAttr = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
systemEntry.put( objectClassAttr );
}
- objectClassAttr.add( "top" );
- objectClassAttr.add( "organizationalUnit" );
- objectClassAttr.add( "extensibleObject" );
- systemEntry.put( "creatorsName", PartitionNexus.ADMIN_PRINCIPAL );
- systemEntry.put( "createTimestamp", DateUtils.getGeneralizedTime() );
+ objectClassAttr.add( SchemaConstants.TOP_OC );
+ objectClassAttr.add( SchemaConstants.ORGANIZATIONAL_UNIT_OC );
+ objectClassAttr.add( SchemaConstants.EXTENSIBLE_OBJECT_OC );
+ systemEntry.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL );
+ systemEntry.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
systemEntry.put( NamespaceTools.getRdnAttribute( PartitionNexus.SYSTEM_PARTITION_SUFFIX ),
NamespaceTools.getRdnValue( PartitionNexus.SYSTEM_PARTITION_SUFFIX ) );
systemCfg.setContextEntry( systemEntry );
@@ -330,12 +433,12 @@
indices.add( Oid.UPDN );
}
- if ( ! indexOids.contains( registry.getOid( "objectClass" ) ) )
+ if ( ! indexOids.contains( registry.getOid( SchemaConstants.OBJECT_CLASS_AT ) ) )
{
log.warn( "CAUTION: You have not included objectClass as an indexed attribute" +
"in the system partition configuration. This will lead to poor " +
"performance. The server is automatically adding this index for you." );
- indices.add( "objectClass" );
+ indices.add( SchemaConstants.OBJECT_CLASS_AT );
}
}
else
@@ -357,18 +460,18 @@
indexedSystemAttrs.add( Oid.ONEALIAS );
indexedSystemAttrs.add( Oid.SUBALIAS );
indexedSystemAttrs.add( Oid.UPDN );
- indexedSystemAttrs.add( "objectClass" );
+ indexedSystemAttrs.add( SchemaConstants.OBJECT_CLASS_AT );
systemCfg.setIndexedAttributes( indexedSystemAttrs );
// Add context entry for system partition
Attributes systemEntry = new AttributesImpl();
- Attribute objectClassAttr = new AttributeImpl( "objectClass" );
- objectClassAttr.add( "top" );
- objectClassAttr.add( "organizationalUnit" );
- objectClassAttr.add( "extensibleObject" );
+ Attribute objectClassAttr = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ objectClassAttr.add( SchemaConstants.TOP_OC );
+ objectClassAttr.add( SchemaConstants.ORGANIZATIONAL_UNIT_OC );
+ objectClassAttr.add( SchemaConstants.EXTENSIBLE_OBJECT_OC );
systemEntry.put( objectClassAttr );
- systemEntry.put( "creatorsName", PartitionNexus.ADMIN_PRINCIPAL );
- systemEntry.put( "createTimestamp", DateUtils.getGeneralizedTime() );
+ systemEntry.put( SchemaConstants.CREATORS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL );
+ systemEntry.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
systemEntry.put( NamespaceTools.getRdnAttribute( PartitionNexus.SYSTEM_PARTITION_SUFFIX ),
NamespaceTools.getRdnValue( PartitionNexus.SYSTEM_PARTITION_SUFFIX ) );
systemCfg.setContextEntry( systemEntry );
@@ -378,14 +481,18 @@
system.init( factoryCfg, systemCfg );
systemCfg.setContextPartition( system );
String key = system.getSuffix().toString();
+
if ( partitions.containsKey( key ) )
{
throw new ConfigurationException( "Duplicate partition suffix: " + key );
}
+
partitions.put( key, system );
+
+ buildPartitionStructure( partitionList, system.getSuffix(), 0, system );
Attribute namingContexts = rootDSE.get( NAMINGCTXS_ATTR );
- namingContexts.add( system.getUpSuffix().toString() );
+ namingContexts.add( system.getUpSuffix().getUpName() );
return systemCfg;
}
@@ -411,9 +518,10 @@
while ( suffixes.hasNext() )
{
String suffix = suffixes.next();
+
try
{
- removeContextPartition( new LdapDN( suffix ) );
+ removeContextPartition( new RemoveContextPartitionOperationContext( new LdapDN( suffix ) ) );
}
catch ( NamingException e )
{
@@ -432,6 +540,7 @@
{
MultiException error = null;
Iterator list = this.partitions.values().iterator();
+
while ( list.hasNext() )
{
Partition partition = ( Partition ) list.next();
@@ -466,19 +575,22 @@
// ContextPartitionNexus Method Implementations
// ------------------------------------------------------------------------
- public boolean compare( LdapDN name, String oid, Object value ) throws NamingException
+ public boolean compare( OperationContext compareContext ) throws NamingException
{
- Partition partition = getBackend( name );
+ Partition partition = getBackend( compareContext.getDn() );
AttributeTypeRegistry registry = factoryCfg.getRegistries().getAttributeTypeRegistry();
+
+ CompareOperationContext ctx = (CompareOperationContext)compareContext;
// complain if we do not recognize the attribute being compared
- if ( !registry.hasAttributeType( oid ) )
+ if ( !registry.hasAttributeType( ctx.getOid() ) )
{
- throw new LdapInvalidAttributeIdentifierException( oid + " not found within the attributeType registry" );
+ throw new LdapInvalidAttributeIdentifierException( ctx.getOid() + " not found within the attributeType registry" );
}
- AttributeType attrType = registry.lookup( oid );
- Attribute attr = partition.lookup( name ).get( attrType.getName() );
+ AttributeType attrType = registry.lookup( ctx.getOid() );
+
+ Attribute attr = partition.lookup( new LookupOperationContext( ctx.getDn() ) ).get( attrType.getName() );
// complain if the attribute being compared does not exist in the entry
if ( attr == null )
@@ -487,7 +599,7 @@
}
// see first if simple match without normalization succeeds
- if ( attr.contains( value ) )
+ if ( attr.contains( ctx.getValue() ) )
{
return true;
}
@@ -500,11 +612,12 @@
* through all values looking for a match.
*/
Normalizer normalizer = attrType.getEquality().getNormalizer();
- Object reqVal = normalizer.normalize( value );
+ Object reqVal = normalizer.normalize( ctx.getValue() );
for ( int ii = 0; ii < attr.size(); ii++ )
{
Object attrValObj = normalizer.normalize( attr.get( ii ) );
+
if ( attrValObj instanceof String )
{
String attrVal = ( String ) attrValObj;
@@ -531,12 +644,14 @@
}
- public synchronized void addContextPartition( PartitionConfiguration config ) throws NamingException
+ public synchronized void addContextPartition( OperationContext addContextPartitionContext ) throws NamingException
{
+ PartitionConfiguration config = ((AddContextPartitionOperationContext)addContextPartitionContext).getCfg();
Partition partition = config.getContextPartition();
// Turn on default indices
String key = config.getSuffix();
+
if ( partitions.containsKey( key ) )
{
throw new ConfigurationException( "Duplicate partition suffix: " + key );
@@ -548,23 +663,26 @@
}
partitions.put( partition.getSuffix().toString(), partition );
+
+ buildPartitionStructure( partitionList, partition.getSuffix(), 0, partition );
Attribute namingContexts = rootDSE.get( NAMINGCTXS_ATTR );
- namingContexts.add( partition.getUpSuffix().toString() );
+ namingContexts.add( partition.getUpSuffix().getUpName() );
}
- public synchronized void removeContextPartition( LdapDN suffix ) throws NamingException
+ public synchronized void removeContextPartition( OperationContext removeContextPartition ) throws NamingException
{
- String key = suffix.toString();
- Partition partition = ( Partition ) partitions.get( key );
+ String key = removeContextPartition.getDn().getNormName();
+ Partition partition = partitions.get( key );
+
if ( partition == null )
{
throw new NameNotFoundException( "No partition with suffix: " + key );
}
Attribute namingContexts = rootDSE.get( NAMINGCTXS_ATTR );
- namingContexts.remove( partition.getUpSuffix().toString() );
+ namingContexts.remove( partition.getUpSuffix().getUpName() );
partitions.remove( key );
partition.sync();
@@ -588,14 +706,15 @@
/**
- * @see PartitionNexus#getMatchedName(org.apache.directory.shared.ldap.name.LdapDN)
+ * @see PartitionNexus#getMatchedName( OperationContext )
*/
- public LdapDN getMatchedName ( LdapDN dn ) throws NamingException
+ public LdapDN getMatchedName ( OperationContext getMatchedNameContext ) throws NamingException
{
- dn = ( LdapDN ) dn.clone();
+ LdapDN dn = ( LdapDN ) getMatchedNameContext.getDn().clone();
+
while ( dn.size() > 0 )
{
- if ( hasEntry( dn ) )
+ if ( hasEntry( new EntryOperationContext( dn ) ) )
{
return dn;
}
@@ -619,25 +738,25 @@
/**
- * @see PartitionNexus#getSuffix(org.apache.directory.shared.ldap.name.LdapDN)
+ * @see PartitionNexus#getSuffix( OperationContext )
*/
- public LdapDN getSuffix ( LdapDN dn ) throws NamingException
+ public LdapDN getSuffix ( OperationContext getSuffixContext ) throws NamingException
{
- Partition backend = getBackend( dn );
+ Partition backend = getBackend( getSuffixContext.getDn() );
return backend.getSuffix();
}
/**
- * @see PartitionNexus#listSuffixes()
+ * @see PartitionNexus#listSuffixes( OperationContext )
*/
- public Iterator listSuffixes () throws NamingException
+ public Iterator listSuffixes ( OperationContext emptyContext ) throws NamingException
{
return Collections.unmodifiableSet( partitions.keySet() ).iterator();
}
- public Attributes getRootDSE()
+ public Attributes getRootDSE( OperationContext getRootDSEContext )
{
return rootDSE;
}
@@ -658,7 +777,7 @@
private void unregister( Partition partition ) throws NamingException
{
Attribute namingContexts = rootDSE.get( NAMINGCTXS_ATTR );
- namingContexts.remove( partition.getSuffix().toString() );
+ namingContexts.remove( partition.getSuffix().getUpName() );
partitions.remove( partition.getSuffix().toString() );
}
@@ -666,28 +785,26 @@
// ------------------------------------------------------------------------
// DirectoryPartition Interface Method Implementations
// ------------------------------------------------------------------------
-
- public void bind( LdapDN bindDn, byte[] credentials, List<String> mechanisms, String saslAuthId ) throws NamingException
+ public void bind( OperationContext bindContext ) throws NamingException
{
- Partition partition = getBackend( bindDn );
- partition.bind( bindDn, credentials, mechanisms, saslAuthId );
+ Partition partition = getBackend( bindContext.getDn() );
+ partition.bind( bindContext );
}
-
- public void unbind( LdapDN bindDn ) throws NamingException
+ public void unbind( OperationContext unbindContext ) throws NamingException
{
- Partition partition = getBackend( bindDn );
- partition.unbind( bindDn );
+ Partition partition = getBackend( unbindContext.getDn() );
+ partition.unbind( unbindContext );
}
/**
* @see Partition#delete(org.apache.directory.shared.ldap.name.LdapDN)
*/
- public void delete( LdapDN dn ) throws NamingException
+ public void delete( OperationContext deleteContext ) throws NamingException
{
- Partition backend = getBackend( dn );
- backend.delete( dn );
+ Partition backend = getBackend( deleteContext.getDn() );
+ backend.delete( deleteContext );
}
@@ -698,58 +815,64 @@
* here so backend implementors do not have to worry about performing these
* kinds of checks.
*
- * @see Partition#add(org.apache.directory.shared.ldap.name.LdapDN,javax.naming.directory.Attributes)
+ * @see Partition#add( OperationContext )
*/
- public void add( LdapDN dn, Attributes entry ) throws NamingException
+ public void add( OperationContext addContext ) throws NamingException
{
- Partition backend = getBackend( dn );
- backend.add( dn, entry );
+ Partition backend = getBackend( addContext.getDn() );
+ backend.add( addContext );
}
/**
* @see Partition#modify(org.apache.directory.shared.ldap.name.LdapDN,int,javax.naming.directory.Attributes)
*/
- public void modify( LdapDN dn, int modOp, Attributes mods ) throws NamingException
+ public void modify( OperationContext modifyContext ) throws NamingException
{
- Partition backend = getBackend( dn );
- backend.modify( dn, modOp, mods );
+ Partition backend = getBackend( modifyContext.getDn() );
+ backend.modify( modifyContext );
}
/**
+<<<<<<< .mine
+=======
* @see Partition#modify(org.apache.directory.shared.ldap.name.LdapDN,javax.naming.directory.ModificationItem[])
*/
- public void modify( LdapDN dn, ModificationItemImpl[] mods ) throws NamingException
+ /*public void modify( LdapDN dn, ModificationItemImpl[] mods ) throws NamingException
{
Partition backend = getBackend( dn );
backend.modify( dn, mods );
- }
+ }*/
/**
+>>>>>>> .r530934
* @see Partition#list(org.apache.directory.shared.ldap.name.LdapDN)
*/
- public NamingEnumeration list( LdapDN base ) throws NamingException
+ public NamingEnumeration list( OperationContext opContext ) throws NamingException
{
- Partition backend = getBackend( base );
- return backend.list( base );
+ Partition backend = getBackend( opContext.getDn() );
+ return backend.list( opContext );
}
/**
* @see Partition#search(org.apache.directory.shared.ldap.name.LdapDN,java.util.Map,org.apache.directory.shared.ldap.filter.ExprNode,javax.naming.directory.SearchControls)
*/
- public NamingEnumeration<SearchResult> search( LdapDN base, Map env, ExprNode filter, SearchControls searchCtls )
+ public NamingEnumeration<SearchResult> search( OperationContext opContext )
throws NamingException
{
-
+ LdapDN base = opContext.getDn();
+ SearchControls searchCtls = ((SearchOperationContext)opContext).getSearchControls();
+ ExprNode filter = ((SearchOperationContext)opContext).getFilter();
+
if ( base.size() == 0 )
{
boolean isObjectScope = searchCtls.getSearchScope() == SearchControls.OBJECT_SCOPE;
// test for (objectClass=*)
- boolean isSearchAll = ( ( PresenceNode ) filter ).getAttribute().equalsIgnoreCase( "2.5.4.0" );
+ boolean isSearchAll = ( ( PresenceNode ) filter ).getAttribute().equals( SchemaConstants.OBJECT_CLASS_AT_OID );
/*
* if basedn is "", filter is "(objectclass=*)" and scope is object
@@ -765,7 +888,7 @@
// -----------------------------------------------------------
if ( ids == null || ids.length == 0 )
{
- SearchResult result = new SearchResult( "", null, ( Attributes ) getRootDSE().clone(), false );
+ SearchResult result = new ServerSearchResult( "", null, ( Attributes ) getRootDSE( null ).clone(), false );
return new SingletonEnumeration( result );
}
@@ -809,21 +932,21 @@
// return nothing
if ( containsOneDotOne )
{
- SearchResult result = new SearchResult( "", null, new AttributesImpl(), false );
+ SearchResult result = new ServerSearchResult( "", null, new AttributesImpl(), false );
return new SingletonEnumeration( result );
}
// return everything
if ( containsAsterisk && containsPlus )
{
- SearchResult result = new SearchResult( "", null, ( Attributes ) getRootDSE().clone(), false );
+ SearchResult result = new ServerSearchResult( "", null, ( Attributes ) getRootDSE( null ).clone(), false );
return new SingletonEnumeration( result );
}
Attributes attrs = new AttributesImpl();
if ( containsAsterisk )
{
- for ( NamingEnumeration ii = getRootDSE().getAll(); ii.hasMore(); /**/ )
+ for ( NamingEnumeration ii = getRootDSE( null ).getAll(); ii.hasMore(); /**/ )
{
// add all user attribute
Attribute attr = ( Attribute ) ii.next();
@@ -841,7 +964,7 @@
}
else if ( containsPlus )
{
- for ( NamingEnumeration ii = getRootDSE().getAll(); ii.hasMore(); /**/ )
+ for ( NamingEnumeration ii = getRootDSE( null ).getAll(); ii.hasMore(); /**/ )
{
// add all operational attributes
Attribute attr = ( Attribute ) ii.next();
@@ -859,7 +982,7 @@
}
else
{
- for ( NamingEnumeration ii = getRootDSE().getAll(); ii.hasMore(); /**/ )
+ for ( NamingEnumeration ii = getRootDSE( null ).getAll(); ii.hasMore(); /**/ )
{
// add user attributes specifically asked for
Attribute attr = ( Attribute ) ii.next();
@@ -871,7 +994,7 @@
}
}
- SearchResult result = new SearchResult( "", null, attrs, false );
+ SearchResult result = new ServerSearchResult( "", null, attrs, false );
return new SingletonEnumeration( result );
}
@@ -879,53 +1002,62 @@
}
Partition backend = getBackend( base );
- return backend.search( base, env, filter, searchCtls );
- }
-
-
- /**
- * @see Partition#lookup(org.apache.directory.shared.ldap.name.LdapDN)
- */
- public Attributes lookup( LdapDN dn ) throws NamingException
- {
- if ( dn.size() == 0 )
- {
- return ( Attributes ) rootDSE.clone();
- }
-
- Partition backend = getBackend( dn );
- return backend.lookup( dn );
+ return backend.search( opContext );
}
/**
* @see Partition#lookup(org.apache.directory.shared.ldap.name.LdapDN,String[])
*/
- public Attributes lookup( LdapDN dn, String[] attrIds ) throws NamingException
+ public Attributes lookup( OperationContext opContext ) throws NamingException
{
+ LookupOperationContext ctx = (LookupOperationContext)opContext;
+ LdapDN dn = ctx.getDn();
+
if ( dn.size() == 0 )
{
Attributes retval = new AttributesImpl();
NamingEnumeration list = rootDSE.getIDs();
- while ( list.hasMore() )
+
+ if ( ctx.getAttrsId() != null )
{
- String id = ( String ) list.next();
- Attribute attr = rootDSE.get( id );
- retval.put( ( Attribute ) attr.clone() );
+ while ( list.hasMore() )
+ {
+ String id = ( String ) list.next();
+
+ if ( ctx.getAttrsId().contains( id ) )
+ {
+ Attribute attr = rootDSE.get( id );
+ retval.put( ( Attribute ) attr.clone() );
+ }
+ }
}
+ else
+ {
+ while ( list.hasMore() )
+ {
+ String id = ( String ) list.next();
+
+ Attribute attr = rootDSE.get( id );
+ retval.put( ( Attribute ) attr.clone() );
+ }
+ }
+
return retval;
}
Partition backend = getBackend( dn );
- return backend.lookup( dn, attrIds );
+ return backend.lookup( ctx );
}
/**
- * @see Partition#hasEntry(org.apache.directory.shared.ldap.name.LdapDN)
+ * @see Partition#hasEntry(OperationContext)
*/
- public boolean hasEntry( LdapDN dn ) throws NamingException
+ public boolean hasEntry( OperationContext opContext ) throws NamingException
{
+ LdapDN dn = opContext.getDn();
+
if ( IS_DEBUG )
{
log.debug( "Check if DN '" + dn + "' exists." );
@@ -937,46 +1069,37 @@
}
Partition backend = getBackend( dn );
- return backend.hasEntry( dn );
+ return backend.hasEntry( opContext );
}
/**
- * @see Partition#isSuffix(org.apache.directory.shared.ldap.name.LdapDN)
+ * @see Partition#rename(OperationContext)
*/
- public boolean isSuffix( LdapDN dn )
+ public void rename( OperationContext opContext ) throws NamingException
{
- return partitions.containsKey( dn.toString() );
+ Partition backend = getBackend( opContext.getDn() );
+ backend.rename( opContext );
}
/**
- * @see Partition#modifyRn(org.apache.directory.shared.ldap.name.LdapDN,String,boolean)
+ * @see Partition#move(OperationContext)
*/
- public void modifyRn( LdapDN dn, String newRdn, boolean deleteOldRdn ) throws NamingException
+ public void move( OperationContext opContext ) throws NamingException
{
- Partition backend = getBackend( dn );
- backend.modifyRn( dn, newRdn, deleteOldRdn );
+ Partition backend = getBackend( opContext.getDn() );
+ backend.move( opContext );
}
/**
- * @see Partition#move(org.apache.directory.shared.ldap.name.LdapDN,org.apache.directory.shared.ldap.name.LdapDN)
+ * @see Partition#moveAndRename( OperationContext )
*/
- public void move( LdapDN oriChildName, LdapDN newParentName ) throws NamingException
+ public void moveAndRename( OperationContext opContext ) throws NamingException
{
- Partition backend = getBackend( oriChildName );
- backend.move( oriChildName, newParentName );
- }
-
-
- /**
- * @see Partition#move(org.apache.directory.shared.ldap.name.LdapDN,org.apache.directory.shared.ldap.name.LdapDN,String,boolean)
- */
- public void move( LdapDN oldChildDn, LdapDN newParentDn, String newRdn, boolean deleteOldRdn ) throws NamingException
- {
- Partition backend = getBackend( oldChildDn );
- backend.move( oldChildDn, newParentDn, newRdn, deleteOldRdn );
+ Partition backend = getBackend( opContext.getDn() );
+ backend.moveAndRename( opContext );
}
@@ -994,15 +1117,17 @@
private Partition getBackend( LdapDN dn ) throws NamingException
{
LdapDN clonedDn = ( LdapDN ) dn.clone();
+
while ( clonedDn.size() > 0 )
{
if ( partitions.containsKey( clonedDn.toString() ) )
{
- return ( Partition ) partitions.get( clonedDn.toString() );
+ return partitions.get( clonedDn.toString() );
}
clonedDn.remove( clonedDn.size() - 1 );
}
+
throw new LdapNameNotFoundException( dn.getUpName() );
}
@@ -1023,7 +1148,7 @@
}
for ( Iterator oids = extensionOids.iterator(); oids.hasNext(); )
{
- supportedExtension.add( ( String ) oids.next() );
+ supportedExtension.add( oids.next() );
}
}
}
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/Partition.java b/core/src/main/java/org/apache/directory/server/core/partition/Partition.java
index e91e7ca..7c53f4b 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/Partition.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/Partition.java
@@ -20,20 +20,15 @@
package org.apache.directory.server.core.partition;
-import java.util.List;
-import java.util.Map;
-
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
-import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
import org.apache.directory.server.core.configuration.PartitionConfiguration;
-import org.apache.directory.shared.ldap.filter.ExprNode;
-import org.apache.directory.shared.ldap.message.ModificationItemImpl;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
import org.apache.directory.shared.ldap.name.LdapDN;
@@ -106,52 +101,37 @@
* Deletes a leaf entry from this ContextPartition: non-leaf entries cannot be
* deleted until this operation has been applied to their children.
*
- * @param name the normalized distinguished/absolute name of the entry to
+ * @param opContext the context of the entry to
* delete from this ContextPartition.
* @throws NamingException if there are any problems
*/
- void delete( LdapDN name ) throws NamingException;
+ void delete( OperationContext opContext ) throws NamingException;
/**
* Adds an entry to this ContextPartition.
*
- * @param name
- * @param entry the entry to add to this ContextPartition
+ * @param opContext the context used to add and entry to this ContextPartition
* @throws NamingException if there are any problems
*/
- void add( LdapDN name, Attributes entry ) throws NamingException;
+ void add( OperationContext opContext ) throws NamingException;
/**
* Modifies an entry by adding, removing or replacing a set of attributes.
*
- * @param name the normalized distinguished/absolute name of the entry to
- * modify
- * @param modOp the modification operation to perform on the entry which
- * is one of constants specified by the DirContext interface:
+ * @param opContext The contetx containin the modification operation
+ * to perform on the entry which is one of constants specified by the
+ * DirContext interface:
* <code>ADD_ATTRIBUTE, REMOVE_ATTRIBUTE, REPLACE_ATTRIBUTE</code>.
- * @param attributes the attributes and their values used to affect the
- * modification with.
+ *
* @throws NamingException if there are any problems
* @see javax.naming.directory.DirContext
* @see javax.naming.directory.DirContext#ADD_ATTRIBUTE
* @see javax.naming.directory.DirContext#REMOVE_ATTRIBUTE
* @see javax.naming.directory.DirContext#REPLACE_ATTRIBUTE
*/
- void modify( LdapDN name, int modOp, Attributes attributes ) throws NamingException;
-
-
- /**
- * Modifies an entry by using a combination of adds, removes or replace
- * operations using a set of ModificationItems.
- *
- * @param name the normalized distinguished/absolute name of the entry to modify
- * @param items the ModificationItems used to affect the modification with
- * @throws NamingException if there are any problems
- * @see javax.naming.directory.ModificationItem
- */
- void modify( LdapDN name, ModificationItemImpl[] items ) throws NamingException;
+ void modify( OperationContext opContext ) throws NamingException;
/**
@@ -160,11 +140,11 @@
* used to optimize operations rather than conducting a full search with
* retrieval.
*
- * @param baseName the base distinguished/absolute name for the search/listing
+ * @param opContext the context containing the distinguished/absolute name for the search/listing
* @return a NamingEnumeration containing objects of type {@link SearchResult}
* @throws NamingException if there are any problems
*/
- NamingEnumeration list( LdapDN baseName ) throws NamingException;
+ NamingEnumeration list( OperationContext opContext ) throws NamingException;
/**
@@ -175,16 +155,13 @@
* namespace specific or implementation specific key for the set of LDAP
* Controls.
*
- * @param baseName the normalized distinguished/absolute name of the search base
- * @param environment the environment under which operation occurs
- * @param filter the root node of the filter expression tree
- * @param searchControls the search controls
+ * @param opContext The context containing the information used by the operation
* @throws NamingException if there are any problems
* @return a NamingEnumeration containing objects of type
* <a href="http://java.sun.com/j2se/1.4.2/docs/api/
* javax/naming/directory/SearchResult.html">SearchResult</a>.
*/
- NamingEnumeration<SearchResult> search( LdapDN baseName, Map environment, ExprNode filter, SearchControls searchControls )
+ NamingEnumeration<SearchResult> search( OperationContext opContext )
throws NamingException;
@@ -192,48 +169,24 @@
* Looks up an entry by distinguished/absolute name. This is a simplified
* version of the search operation used to point read an entry used for
* convenience.
+ *
+ * Depending on the context parameters, we my look for a simple entry,
+ * or for a restricted set of attributes for this entry
*
- * @param name the normalized distinguished name of the object to lookup
+ * @param lookupContext The context containing the parameters
* @return an Attributes object representing the entry
* @throws NamingException if there are any problems
*/
- Attributes lookup( LdapDN name ) throws NamingException;
-
-
- /**
- * Looks up an entry by distinguished/absolute name. This is a simplified
- * version of the search operation used to point read an entry used for
- * convenience with a set of attributes to return. If the attributes is
- * null or empty, the returned entry will contain all attributes.
- *
- * @param name the normalized distinguished name of the object to lookup
- * @param attrIds the set of attributes to return
- * @return an Attributes object representing the entry
- * @throws NamingException if there are any problems
- */
- Attributes lookup( LdapDN name, String[] attrIds ) throws NamingException;
-
+ Attributes lookup( OperationContext lookupContext ) throws NamingException;
/**
* Fast operation to check and see if a particular entry exists.
*
- * @param name the normalized distinguished/absolute name of the object to
- * check for existance
+ * @param opContext The context used to pass informations
* @return true if the entry exists, false if it does not
* @throws NamingException if there are any problems
*/
- boolean hasEntry( LdapDN name ) throws NamingException;
-
-
- /**
- * Checks to see if name is a context suffix.
- *
- * @param name the normalized distinguished/absolute name of the context
- * @return true if the name is a context suffix, false if it is not.
- * @throws NamingException if there are any problems
- */
- boolean isSuffix( LdapDN name ) throws NamingException;
-
+ boolean hasEntry( OperationContext opContext ) throws NamingException;
/**
* Modifies an entry by changing its relative name. Optionally attributes
@@ -241,27 +194,20 @@
* This makes sense only in certain namespaces like LDAP and will be ignored
* if it is irrelavent.
*
- * @param name the normalized distinguished/absolute name of the entry to
- * modify the RN of.
- * @param newRn the new RN of the entry specified by name
- * @param deleteOldRn boolean flag which removes the old RN attribute
- * from the entry if set to true, and has no affect if set to false
+ * @param opContext the modify DN context
* @throws NamingException if there are any problems
*/
- void modifyRn( LdapDN name, String newRn, boolean deleteOldRn ) throws NamingException;
+ void rename( OperationContext opContext ) throws NamingException;
/**
* Transplants a child entry, to a position in the namespace under a new
* parent entry.
*
- * @param oldName the normalized distinguished/absolute name of the
- * original child name representing the child entry to move
- * @param newParentName the normalized distinguished/absolute name of the
- * new parent to move the target entry to
+ * @param opContext The context containing the DNs to move
* @throws NamingException if there are any problems
*/
- void move( LdapDN oldName, LdapDN newParentName ) throws NamingException;
+ void move( OperationContext opContext ) throws NamingException;
/**
@@ -272,16 +218,11 @@
* namespace this parameters is ignored. An example of a namespace where
* this parameter is significant is the LDAP namespace.
*
- * @param oldName the normalized distinguished/absolute name of the
- * original child name representing the child entry to move
- * @param newParentName the normalized distinguished/absolute name of the
- * new parent to move the targeted entry to
- * @param newRn the new RN of the entry
- * @param deleteOldRn boolean flag which removes the old RN attribute
- * from the entry if set to true, and has no affect if set to false
+ * @param opContext The context contain all the information about
+ * the modifyDN operation
* @throws NamingException if there are any problems
*/
- void move( LdapDN oldName, LdapDN newParentName, String newRn, boolean deleteOldRn ) throws NamingException;
+ void moveAndRename( OperationContext opContext ) throws NamingException;
/**
@@ -289,23 +230,18 @@
* need not support this operation. This operation is here to enable those
* interested in implementing virtual directories with ApacheDS.
*
- * @param bindDn the normalized dn of the principal
- * @param credentials the credentials of the principal
- * @param mechanisms the mechanisms requested by the JNDI caller or a single
- * mechanism representing the SASL bind mechanism used by a networked client (Strings)
- * @param saslAuthId the SASL authentication (may be null)
+ * @param opContext the bind context, containing all the needed informations to bind
* @throws NamingException if something goes wrong
*/
- void bind( LdapDN bindDn, byte[] credentials, List<String> mechanisms, String saslAuthId ) throws NamingException;
-
+ void bind( OperationContext opContext ) throws NamingException;
/**
* Represents an unbind operation issued by an authenticated client. Partitions
* need not support this operation. This operation is here to enable those
* interested in implementing virtual directories with ApacheDS.
*
- * @param bindDn the normalized dn of the principal attempting to unbind
+ * @param opContext the context used to unbind
* @throws NamingException if something goes wrong
*/
- void unbind( LdapDN bindDn ) throws NamingException;
+ void unbind( OperationContext opContext ) throws NamingException;
}
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/PartitionNexus.java b/core/src/main/java/org/apache/directory/server/core/partition/PartitionNexus.java
index 9452ca0..548e79a 100755
--- a/core/src/main/java/org/apache/directory/server/core/partition/PartitionNexus.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/PartitionNexus.java
@@ -30,7 +30,8 @@
import javax.naming.directory.Attributes;
import javax.naming.ldap.LdapContext;
-import org.apache.directory.server.core.configuration.PartitionConfiguration;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.schema.NoOpNormalizer;
import org.apache.directory.shared.ldap.schema.OidNormalizer;
@@ -68,16 +69,6 @@
/** the base dn under which all groups reside */
public final static String GROUPS_BASE_NAME = "ou=groups,ou=system";
- /** UID attribute name and OID */
- private static final String UID_ATTRIBUTE = "uid";
- private static final String UID_ATTRIBUTE_ALIAS = "userid";
- private static final String UID_ATTRIBUTE_OID = "0.9.2342.19200300.100.1.1";
-
- /** OU attribute names and OID **/
- private static final String OU_ATTRIBUTE = "ou";
- private static final String OU_ATTRIBUTE_ALIAS = "organizationalUnitName";
- private static final String OU_ATTRIBUTE_OID = "2.5.4.11";
-
/**
* System partition suffix constant. Should be kept down to a single Dn name
* component or the default constructor will have to parse it instead of
@@ -109,13 +100,13 @@
{
Map<String, OidNormalizer> oidsMap = new HashMap<String, OidNormalizer>();
- oidsMap.put( UID_ATTRIBUTE, new OidNormalizer( UID_ATTRIBUTE_OID, new NoOpNormalizer() ) );
- oidsMap.put( UID_ATTRIBUTE_ALIAS, new OidNormalizer( UID_ATTRIBUTE_OID, new NoOpNormalizer() ) );
- oidsMap.put( UID_ATTRIBUTE_OID, new OidNormalizer( UID_ATTRIBUTE_OID, new NoOpNormalizer() ) );
+ oidsMap.put( SchemaConstants.UID_AT, new OidNormalizer( SchemaConstants.UID_AT_OID, new NoOpNormalizer() ) );
+ oidsMap.put( SchemaConstants.USER_ID_AT, new OidNormalizer( SchemaConstants.UID_AT_OID, new NoOpNormalizer() ) );
+ oidsMap.put( SchemaConstants.UID_AT_OID, new OidNormalizer( SchemaConstants.UID_AT_OID, new NoOpNormalizer() ) );
- oidsMap.put( OU_ATTRIBUTE, new OidNormalizer( OU_ATTRIBUTE_OID, new NoOpNormalizer() ) );
- oidsMap.put( OU_ATTRIBUTE_ALIAS, new OidNormalizer( OU_ATTRIBUTE_OID, new NoOpNormalizer() ) );
- oidsMap.put( OU_ATTRIBUTE_OID, new OidNormalizer( OU_ATTRIBUTE_OID, new NoOpNormalizer() ) );
+ oidsMap.put( SchemaConstants.OU_AT, new OidNormalizer( SchemaConstants.OU_AT_OID, new NoOpNormalizer() ) );
+ oidsMap.put( SchemaConstants.ORGANIZATIONAL_UNIT_NAME_AT, new OidNormalizer( SchemaConstants.OU_AT_OID, new NoOpNormalizer() ) );
+ oidsMap.put( SchemaConstants.OU_AT_OID, new OidNormalizer( SchemaConstants.OU_AT_OID, new NoOpNormalizer() ) );
adminDn.normalize( oidsMap );
}
@@ -190,26 +181,24 @@
*
* @return the attributes of the RootDSE
*/
- public abstract Attributes getRootDSE() throws NamingException;
+ public abstract Attributes getRootDSE( OperationContext opContext ) throws NamingException;
/**
* Performs a comparison check to see if an attribute of an entry has
* a specified value.
*
- * @param name the normalized name of the entry
- * @param oid the attribute being compared
- * @param value the value the attribute is compared to
+ * @param compareContext the context used to compare
* @return true if the entry contains an attribute with the value, false otherwise
* @throws NamingException if there is a problem accessing the entry and its values
*/
- public abstract boolean compare( LdapDN name, String oid, Object value ) throws NamingException;
+ public abstract boolean compare( OperationContext opContext ) throws NamingException;
- public abstract void addContextPartition( PartitionConfiguration config ) throws NamingException;
+ public abstract void addContextPartition( OperationContext opContext ) throws NamingException;
- public abstract void removeContextPartition( LdapDN suffix ) throws NamingException;
+ public abstract void removeContextPartition( OperationContext opContext ) throws NamingException;
public abstract Partition getSystemPartition();
@@ -231,13 +220,14 @@
/**
* Gets the most significant Dn that exists within the server for any Dn.
*
- * @param name the normalized distinguished name to use for matching.
+ * @param getMatchedNameContext the context containing the distinguished name
+ * to use for matching.
* @return a distinguished name representing the matching portion of dn,
* as originally provided by the user on creation of the matched entry or
* the empty string distinguished name if no match was found.
* @throws NamingException if there are any problems
*/
- public abstract LdapDN getMatchedName ( LdapDN name ) throws NamingException;
+ public abstract LdapDN getMatchedName ( OperationContext opContext ) throws NamingException;
/**
@@ -245,12 +235,13 @@
* the supplied distinguished name parameter. If the DN argument does not
* fall under a partition suffix then the empty string Dn is returned.
*
- * @param name the normalized distinguished name to use for finding a suffix.
+ * @param getSuffixContext the Context containing normalized distinguished
+ * name to use for finding a suffix.
* @return the suffix portion of dn, or the valid empty string Dn if no
* naming context was found for dn.
* @throws NamingException if there are any problems
*/
- public abstract LdapDN getSuffix ( LdapDN name ) throws NamingException;
+ public abstract LdapDN getSuffix ( OperationContext opContext ) throws NamingException;
/**
@@ -260,7 +251,7 @@
* @return Iteration over ContextPartition suffix names as Names.
* @throws NamingException if there are any problems
*/
- public abstract Iterator listSuffixes () throws NamingException;
+ public abstract Iterator listSuffixes( OperationContext opContext ) throws NamingException;
/**
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/PartitionNexusProxy.java b/core/src/main/java/org/apache/directory/server/core/partition/PartitionNexusProxy.java
index efcd280..973217b 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/PartitionNexusProxy.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/PartitionNexusProxy.java
@@ -25,7 +25,6 @@
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
-import java.util.Map;
import java.util.Set;
import javax.naming.Context;
@@ -35,7 +34,6 @@
import javax.naming.ServiceUnavailableException;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
-import javax.naming.directory.DirContext;
import javax.naming.directory.SearchResult;
import javax.naming.event.EventContext;
import javax.naming.event.NamingListener;
@@ -43,17 +41,29 @@
import org.apache.directory.server.core.DirectoryService;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
+import org.apache.directory.server.core.authn.AuthenticationService;
+import org.apache.directory.server.core.authz.AuthorizationService;
+import org.apache.directory.server.core.authz.DefaultAuthorizationService;
import org.apache.directory.server.core.configuration.PartitionConfiguration;
import org.apache.directory.server.core.enumeration.SearchResultFilter;
import org.apache.directory.server.core.enumeration.SearchResultFilteringEnumeration;
import org.apache.directory.server.core.event.EventService;
import org.apache.directory.server.core.interceptor.InterceptorChain;
+import org.apache.directory.server.core.interceptor.context.GetRootDSEOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.invocation.Invocation;
import org.apache.directory.server.core.invocation.InvocationStack;
+import org.apache.directory.server.core.normalization.NormalizationService;
+import org.apache.directory.server.core.operational.OperationalAttributeService;
+import org.apache.directory.server.core.referral.ReferralService;
+import org.apache.directory.server.core.schema.SchemaService;
+import org.apache.directory.server.core.subtree.SubentryService;
+import org.apache.directory.server.core.trigger.TriggerService;
import org.apache.directory.shared.ldap.exception.LdapSizeLimitExceededException;
import org.apache.directory.shared.ldap.exception.LdapTimeLimitExceededException;
import org.apache.directory.shared.ldap.filter.ExprNode;
-import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.name.LdapDN;
@@ -84,15 +94,18 @@
/** Bypass String to use when ALL interceptors should be skipped */
public static final Collection BYPASS_ALL_COLLECTION = Collections.singleton( BYPASS_ALL );
- /** Integer const for DirContext.ADD_ATTRIBUTE */
- private static final Integer ADD_MODOP = new Integer( DirContext.ADD_ATTRIBUTE );
-
- /** Integer const for DirContext.REMOVE_ATTRIBUTE */
- private static final Integer REMOVE_MODOP = new Integer( DirContext.REMOVE_ATTRIBUTE );
-
- /** Integer const for DirContext.REPLACE_ATTRIBUTE */
- private static final Integer REPLACE_MODOP = new Integer( DirContext.REPLACE_ATTRIBUTE );
+ /** A static object to store the rootDSE entry with all the attributes */
+ private static Attributes ROOT_DSE_ALL;
+ /** A static object to store the rootDSE entry without operationnal attributes */
+ private static Attributes ROOT_DSE_NO_OPERATIONNAL;
+
+ /** A mutex to protect the rootDSE construction */
+ private static final Object ROOT_DSE_ALL_MUTEX = new Object();
+
+ /** A mutex to protect the rootDSE construction */
+ private static final Object ROOT_DSE_NOOP_MUTEX = new Object();
+
private final Context caller;
private final DirectoryService service;
private final DirectoryServiceConfiguration configuration;
@@ -100,38 +113,38 @@
static
{
Collection<String> c = new HashSet<String>();
- c.add( "normalizationService" );
- c.add( "authenticationService" );
- c.add( "authorizationService" );
- c.add( "defaultAuthorizationService" );
- c.add( "schemaService" );
- c.add( "subentryService" );
- c.add( "operationalAttributeService" );
- c.add( "referralService" );
- c.add( "eventService" );
+ c.add( NormalizationService.NAME );
+ c.add( AuthenticationService.NAME );
+ c.add( AuthorizationService.NAME );
+ c.add( DefaultAuthorizationService.NAME );
+ c.add( SchemaService.NAME );
+ c.add( SubentryService.NAME );
+ c.add( OperationalAttributeService.NAME );
+ c.add( ReferralService.NAME );
+ c.add( EventService.NAME );
LOOKUP_BYPASS = Collections.unmodifiableCollection( c );
c = new HashSet<String>();
- c.add( "authenticationService" );
- c.add( "authorizationService" );
- c.add( "defaultAuthorizationService" );
- c.add( "schemaService" );
- c.add( "subentryService" );
- c.add( "operationalAttributeService" );
- c.add( "referralService" );
- c.add( "eventService" );
+ c.add( AuthenticationService.NAME );
+ c.add( AuthorizationService.NAME );
+ c.add( DefaultAuthorizationService.NAME );
+ c.add( SchemaService.NAME );
+ c.add( SubentryService.NAME );
+ c.add( OperationalAttributeService.NAME );
+ c.add( ReferralService.NAME );
+ c.add( EventService.NAME );
GETMATCHEDDN_BYPASS = Collections.unmodifiableCollection( c );
c = new HashSet<String>();
- c.add( "normalizationService" );
- c.add( "authenticationService" );
- c.add( "authorizationService" );
- c.add( "defaultAuthorizationService" );
- c.add( "schemaService" );
- c.add( "subentryService" );
- c.add( "referralService" );
- c.add( "eventService" );
- c.add( "triggerService" );
+ c.add( NormalizationService.NAME );
+ c.add( AuthenticationService.NAME );
+ c.add( AuthorizationService.NAME );
+ c.add( DefaultAuthorizationService.NAME );
+ c.add( SchemaService.NAME );
+ c.add( SubentryService.NAME );
+ c.add( ReferralService.NAME );
+ c.add( EventService.NAME );
+ c.add( TriggerService.NAME );
LOOKUP_EXCLUDING_OPR_ATTRS_BYPASS = Collections.unmodifiableCollection( c );
}
@@ -142,7 +155,7 @@
* @param caller a JNDI {@link Context} object that will call this proxy
* @param service a JNDI service
*/
- public PartitionNexusProxy(Context caller, DirectoryService service)
+ public PartitionNexusProxy(Context caller, DirectoryService service) throws NamingException
{
this.caller = caller;
this.service = service;
@@ -156,7 +169,7 @@
}
- public void init( DirectoryServiceConfiguration factoryCfg, PartitionConfiguration cfg )
+ public void init( DirectoryServiceConfiguration factoryCfg, PartitionConfiguration cfg ) throws NamingException
{
}
@@ -207,21 +220,22 @@
}
- public LdapDN getMatchedName ( LdapDN dn ) throws NamingException
+ public LdapDN getMatchedName ( OperationContext opContext ) throws NamingException
{
- return getMatchedName( dn, null );
+ return getMatchedName( opContext, null );
}
- public LdapDN getMatchedName( LdapDN dn, Collection bypass ) throws NamingException
+ public LdapDN getMatchedName( OperationContext opContext, Collection bypass ) throws NamingException
{
ensureStarted();
InvocationStack stack = InvocationStack.getInstance();
- Object[] args = new Object[] { dn };
- stack.push( new Invocation( this, caller, "getMatchedDn", args, bypass ) );
+ Object[] args = new Object[] { opContext };
+ stack.push( new Invocation( this, caller, "getMatchedName", args, bypass ) );
+
try
{
- return this.configuration.getInterceptorChain().getMatchedName( dn );
+ return this.configuration.getInterceptorChain().getMatchedName( opContext );
}
finally
{
@@ -230,21 +244,21 @@
}
- public LdapDN getSuffix ( LdapDN dn ) throws NamingException
+ public LdapDN getSuffix ( OperationContext opContext ) throws NamingException
{
- return getSuffix( dn, null );
+ return getSuffix( opContext, null );
}
- public LdapDN getSuffix( LdapDN dn, Collection bypass ) throws NamingException
+ public LdapDN getSuffix( OperationContext opContext, Collection bypass ) throws NamingException
{
ensureStarted();
InvocationStack stack = InvocationStack.getInstance();
- Object[] args = new Object[] { dn };
+ Object[] args = new Object[] { opContext };
stack.push( new Invocation( this, caller, "getSuffix", args, bypass ) );
try
{
- return this.configuration.getInterceptorChain().getSuffix( dn );
+ return this.configuration.getInterceptorChain().getSuffix( opContext );
}
finally
{
@@ -253,13 +267,13 @@
}
- public Iterator listSuffixes () throws NamingException
+ public Iterator listSuffixes( OperationContext opContext ) throws NamingException
{
- return listSuffixes( null );
+ return listSuffixes( opContext );
}
- public Iterator listSuffixes( Collection bypass ) throws NamingException
+ public Iterator listSuffixes( OperationContext opContext, Collection bypass ) throws NamingException
{
ensureStarted();
InvocationStack stack = InvocationStack.getInstance();
@@ -267,7 +281,7 @@
stack.push( new Invocation( this, caller, "listSuffixes", args, bypass ) );
try
{
- return this.configuration.getInterceptorChain().listSuffixes();
+ return this.configuration.getInterceptorChain().listSuffixes( opContext );
}
finally
{
@@ -276,21 +290,21 @@
}
- public boolean compare( LdapDN name, String oid, Object value ) throws NamingException
+ public boolean compare( OperationContext opContext ) throws NamingException
{
- return compare( name, oid, value, null );
+ return compare( opContext, null );
}
- public boolean compare( LdapDN name, String oid, Object value, Collection bypass ) throws NamingException
+ public boolean compare( OperationContext opContext, Collection bypass ) throws NamingException
{
ensureStarted();
InvocationStack stack = InvocationStack.getInstance();
stack.push( new Invocation( this, caller, "compare", new Object[]
- { name, oid, value }, bypass ) );
+ { opContext }, bypass ) );
try
{
- return this.configuration.getInterceptorChain().compare( name, oid, value );
+ return this.configuration.getInterceptorChain().compare( opContext );
}
finally
{
@@ -299,21 +313,21 @@
}
- public void delete( LdapDN name ) throws NamingException
+ public void delete( OperationContext opContext ) throws NamingException
{
- delete( name, null );
+ delete( opContext, null );
}
- public void delete( LdapDN name, Collection bypass ) throws NamingException
+ public void delete( OperationContext opContext, Collection bypass ) throws NamingException
{
ensureStarted();
InvocationStack stack = InvocationStack.getInstance();
stack.push( new Invocation( this, caller, "delete", new Object[]
- { name }, bypass ) );
+ { opContext }, bypass ) );
try
{
- this.configuration.getInterceptorChain().delete( name );
+ this.configuration.getInterceptorChain().delete( opContext );
}
finally
{
@@ -322,21 +336,21 @@
}
- public void add( LdapDN normName, Attributes entry ) throws NamingException
+ public void add( OperationContext opContext ) throws NamingException
{
- add( normName, entry, null );
+ add( opContext, null );
}
- public void add( LdapDN normName, Attributes entry, Collection bypass ) throws NamingException
+ public void add( OperationContext opContext, Collection bypass ) throws NamingException
{
ensureStarted();
InvocationStack stack = InvocationStack.getInstance();
stack.push( new Invocation( this, caller, "add", new Object[]
- { normName, entry }, bypass ) );
+ { opContext }, bypass ) );
try
{
- this.configuration.getInterceptorChain().add( normName, entry );
+ this.configuration.getInterceptorChain().add( opContext );
}
finally
{
@@ -345,61 +359,22 @@
}
- public void modify( LdapDN name, int modOp, Attributes mods ) throws NamingException
+ public void modify( OperationContext opContext ) throws NamingException
{
- modify( name, modOp, mods, null );
+ modify( opContext, null );
}
- public void modify( LdapDN name, int modOp, Attributes mods, Collection bypass ) throws NamingException
- {
- ensureStarted();
- InvocationStack stack = InvocationStack.getInstance();
- Integer modOpObj;
-
- switch ( modOp )
- {
- case ( DirContext.ADD_ATTRIBUTE ):
- modOpObj = ADD_MODOP;
- break;
- case ( DirContext.REMOVE_ATTRIBUTE ):
- modOpObj = REMOVE_MODOP;
- break;
- case ( DirContext.REPLACE_ATTRIBUTE ):
- modOpObj = REPLACE_MODOP;
- break;
- default:
- throw new IllegalArgumentException( "bad modification operation value: " + modOp );
- }
-
- stack.push( new Invocation( this, caller, "modify", new Object[]
- { name, modOpObj, mods }, bypass ) );
- try
- {
- this.configuration.getInterceptorChain().modify( name, modOp, mods );
- }
- finally
- {
- stack.pop();
- }
- }
-
-
- public void modify( LdapDN name, ModificationItemImpl[] mods ) throws NamingException
- {
- modify( name, mods, null );
- }
-
-
- public void modify( LdapDN name, ModificationItemImpl[] mods, Collection bypass ) throws NamingException
+ public void modify( OperationContext opContext, Collection bypass ) throws NamingException
{
ensureStarted();
InvocationStack stack = InvocationStack.getInstance();
stack.push( new Invocation( this, caller, "modify", new Object[]
- { name, mods }, bypass ) );
+ { opContext }, bypass ) );
+
try
{
- this.configuration.getInterceptorChain().modify( name, mods );
+ this.configuration.getInterceptorChain().modify( opContext );
}
finally
{
@@ -408,21 +383,21 @@
}
- public NamingEnumeration list( LdapDN base ) throws NamingException
+ public NamingEnumeration list( OperationContext opContext ) throws NamingException
{
- return list( base, null );
+ return list( opContext, null );
}
- public NamingEnumeration list( LdapDN base, Collection bypass ) throws NamingException
+ public NamingEnumeration list( OperationContext opContext, Collection bypass ) throws NamingException
{
ensureStarted();
InvocationStack stack = InvocationStack.getInstance();
stack.push( new Invocation( this, caller, "list", new Object[]
- { base }, bypass ) );
+ { opContext }, bypass ) );
try
{
- return this.configuration.getInterceptorChain().list( base );
+ return this.configuration.getInterceptorChain().list( opContext );
}
finally
{
@@ -431,14 +406,16 @@
}
- public NamingEnumeration search( LdapDN base, Map env, ExprNode filter, SearchControls searchCtls )
+ public NamingEnumeration<SearchResult> search( OperationContext opContext )
throws NamingException
{
- NamingEnumeration ne = search( base, env, filter, searchCtls, null );
+ NamingEnumeration<SearchResult> ne = search( opContext, null );
if ( ne instanceof SearchResultFilteringEnumeration )
{
SearchResultFilteringEnumeration results = ( SearchResultFilteringEnumeration ) ne;
+ SearchControls searchCtls = ((SearchOperationContext)opContext).getSearchControls();
+
if ( searchCtls.getTimeLimit() + searchCtls.getCountLimit() > 0 )
{
// this will be he last filter added so other filters before it must
@@ -476,20 +453,21 @@
} );
}
}
+
return ne;
}
- public NamingEnumeration search( LdapDN base, Map env, ExprNode filter, SearchControls searchCtls, Collection bypass )
+ public NamingEnumeration<SearchResult> search( OperationContext opContext, Collection bypass )
throws NamingException
{
ensureStarted();
InvocationStack stack = InvocationStack.getInstance();
stack.push( new Invocation( this, caller, "search", new Object[]
- { base, env, filter, searchCtls }, bypass ) );
+ { opContext }, bypass ) );
try
{
- return this.configuration.getInterceptorChain().search( base, env, filter, searchCtls );
+ return this.configuration.getInterceptorChain().search( opContext );
}
finally
{
@@ -498,21 +476,52 @@
}
- public Attributes lookup( LdapDN name ) throws NamingException
+ public Attributes lookup( OperationContext opContext ) throws NamingException
{
- return lookup( name, ( Collection ) null );
+ if ( opContext.getDn().size() == 0 )
+ {
+ List<String> attrs = ( (LookupOperationContext)opContext).getAttrsId();
+
+ if ( ( attrs == null ) || ( attrs.size() == 0 ) )
+ {
+ synchronized( ROOT_DSE_NOOP_MUTEX )
+ {
+ if ( ROOT_DSE_NO_OPERATIONNAL == null )
+ {
+ ROOT_DSE_NO_OPERATIONNAL = lookup( opContext, ( Collection ) null );
+ }
+ }
+
+ return ROOT_DSE_NO_OPERATIONNAL;
+ }
+ else if ( ( attrs.size() == 1 ) && ( attrs.contains( "+" ) ) )
+ {
+ synchronized( ROOT_DSE_ALL_MUTEX )
+ {
+ if ( ROOT_DSE_ALL == null )
+ {
+ ROOT_DSE_ALL = lookup( opContext, ( Collection ) null );
+ }
+ }
+
+ return ROOT_DSE_ALL;
+ }
+
+ }
+
+ return lookup( opContext, ( Collection ) null );
}
- public Attributes lookup( LdapDN name, Collection bypass ) throws NamingException
+ public Attributes lookup( OperationContext opContext, Collection bypass ) throws NamingException
{
ensureStarted();
InvocationStack stack = InvocationStack.getInstance();
stack.push( new Invocation( this, caller, "lookup", new Object[]
- { name }, bypass ) );
+ { opContext }, bypass ) );
try
{
- return this.configuration.getInterceptorChain().lookup( name );
+ return this.configuration.getInterceptorChain().lookup( opContext );
}
finally
{
@@ -520,45 +529,21 @@
}
}
-
- public Attributes lookup( LdapDN dn, String[] attrIds ) throws NamingException
+ public boolean hasEntry( OperationContext opContext ) throws NamingException
{
- return lookup( dn, attrIds, null );
+ return hasEntry( opContext, null );
}
- public Attributes lookup( LdapDN dn, String[] attrIds, Collection bypass ) throws NamingException
- {
- ensureStarted();
- InvocationStack stack = InvocationStack.getInstance();
- stack.push( new Invocation( this, caller, "lookup", new Object[]
- { dn, attrIds }, bypass ) );
- try
- {
- return this.configuration.getInterceptorChain().lookup( dn, attrIds );
- }
- finally
- {
- stack.pop();
- }
- }
-
-
- public boolean hasEntry( LdapDN name ) throws NamingException
- {
- return hasEntry( name, null );
- }
-
-
- public boolean hasEntry( LdapDN name, Collection bypass ) throws NamingException
+ public boolean hasEntry( OperationContext opContext, Collection bypass ) throws NamingException
{
ensureStarted();
InvocationStack stack = InvocationStack.getInstance();
stack.push( new Invocation( this, caller, "hasEntry", new Object[]
- { name }, bypass ) );
+ { opContext }, bypass ) );
try
{
- return this.configuration.getInterceptorChain().hasEntry( name );
+ return this.configuration.getInterceptorChain().hasEntry( opContext );
}
finally
{
@@ -567,45 +552,22 @@
}
- public boolean isSuffix( LdapDN name ) throws NamingException
+ public void rename( OperationContext opContext ) throws NamingException
{
- return isSuffix( name, null );
+ rename( opContext, null );
}
- public boolean isSuffix( LdapDN name, Collection bypass ) throws NamingException
- {
- ensureStarted();
- InvocationStack stack = InvocationStack.getInstance();
- stack.push( new Invocation( this, caller, "isSuffix", new Object[]
- { name }, bypass ) );
- try
- {
- return this.configuration.getInterceptorChain().isSuffix( name );
- }
- finally
- {
- stack.pop();
- }
- }
-
-
- public void modifyRn( LdapDN name, String newRn, boolean deleteOldRn ) throws NamingException
- {
- modifyRn( name, newRn, deleteOldRn, null );
- }
-
-
- public void modifyRn( LdapDN name, String newRn, boolean deleteOldRn, Collection bypass ) throws NamingException
+ public void rename( OperationContext opContext, Collection bypass ) throws NamingException
{
ensureStarted();
InvocationStack stack = InvocationStack.getInstance();
Object[] args = new Object[]
- { name, newRn, deleteOldRn ? Boolean.TRUE : Boolean.FALSE };
- stack.push( new Invocation( this, caller, "modifyRn", args, bypass ) );
+ { opContext };
+ stack.push( new Invocation( this, caller, "rename", args, bypass ) );
try
{
- this.configuration.getInterceptorChain().modifyRn( name, newRn, deleteOldRn );
+ this.configuration.getInterceptorChain().rename( opContext );
}
finally
{
@@ -614,21 +576,21 @@
}
- public void move( LdapDN oriChildName, LdapDN newParentName ) throws NamingException
+ public void move( OperationContext opContext ) throws NamingException
{
- move( oriChildName, newParentName, null );
+ move( opContext, null );
}
- public void move( LdapDN oriChildName, LdapDN newParentName, Collection bypass ) throws NamingException
+ public void move( OperationContext opContext, Collection bypass ) throws NamingException
{
ensureStarted();
InvocationStack stack = InvocationStack.getInstance();
stack.push( new Invocation( this, caller, "move", new Object[]
- { oriChildName, newParentName }, bypass ) );
+ { opContext }, bypass ) );
try
{
- this.configuration.getInterceptorChain().move( oriChildName, newParentName );
+ this.configuration.getInterceptorChain().move( opContext );
}
finally
{
@@ -637,23 +599,23 @@
}
- public void move( LdapDN oriChildName, LdapDN newParentName, String newRn, boolean deleteOldRn ) throws NamingException
+ public void moveAndRename( OperationContext opContext ) throws NamingException
{
- move( oriChildName, newParentName, newRn, deleteOldRn, null );
+ moveAndRename( opContext, null );
}
- public void move( LdapDN oriChildName, LdapDN newParentName, String newRn, boolean deleteOldRn, Collection bypass )
+ public void moveAndRename( OperationContext opContext, Collection bypass )
throws NamingException
{
ensureStarted();
InvocationStack stack = InvocationStack.getInstance();
Object[] args = new Object[]
- { oriChildName, newParentName, newRn, deleteOldRn ? Boolean.TRUE : Boolean.FALSE };
- stack.push( new Invocation( this, caller, "move", args, bypass ) );
+ { opContext };
+ stack.push( new Invocation( this, caller, "moveAndRename", args, bypass ) );
try
{
- this.configuration.getInterceptorChain().move( oriChildName, newParentName, newRn, deleteOldRn );
+ this.configuration.getInterceptorChain().moveAndRename( opContext );
}
finally
{
@@ -664,26 +626,23 @@
/**
* TODO : check if we can find another way to procect ourselves from recursion.
*
- * @param bindDn
- * @param credentials
- * @param mechanisms
- * @param saslAuthId
+ * @param opContext The operation context
* @param bypass
* @throws NamingException
*/
- public void bind( LdapDN bindDn, byte[] credentials, List<String> mechanisms, String saslAuthId, Collection bypass )
+ public void bind( OperationContext opContext, Collection bypass )
throws NamingException
{
ensureStarted();
InvocationStack stack = InvocationStack.getInstance();
Object[] args = new Object[]
- { bindDn, credentials, mechanisms, saslAuthId };
+ { opContext };
stack.push( new Invocation( this, caller, "bind", args, bypass ) );
try
{
- this.configuration.getInterceptorChain().bind( bindDn, credentials, mechanisms, saslAuthId );
+ configuration.getInterceptorChain().bind( opContext );
}
finally
{
@@ -691,17 +650,16 @@
}
}
-
- public void unbind( LdapDN bindDn, Collection bypass ) throws NamingException
+ public void unbind( OperationContext opContext, Collection bypass ) throws NamingException
{
ensureStarted();
InvocationStack stack = InvocationStack.getInstance();
Object[] args = new Object[]
- { bindDn };
+ { opContext };
stack.push( new Invocation( this, caller, "unbind", args, bypass ) );
try
{
- this.configuration.getInterceptorChain().unbind( bindDn );
+ this.configuration.getInterceptorChain().unbind( opContext );
}
finally
{
@@ -710,32 +668,45 @@
}
- public void bind( LdapDN bindDn, byte[] credentials, List<String> mechanisms, String saslAuthId ) throws NamingException
+ public void bind( OperationContext opContext ) throws NamingException
{
- bind( bindDn, credentials, mechanisms, saslAuthId, null );
+ bind( opContext, null );
}
- public void unbind( LdapDN bindDn ) throws NamingException
+ public void unbind( OperationContext opContext ) throws NamingException
{
- unbind( bindDn, null );
+ unbind( opContext, null );
}
- public Attributes getRootDSE() throws NamingException
+ public Attributes getRootDSE( OperationContext opContext ) throws NamingException
{
- return getRootDSE( null );
+ if ( opContext.getDn().size() == 0 )
+ {
+ synchronized( ROOT_DSE_ALL_MUTEX )
+ {
+ if ( ROOT_DSE_ALL == null )
+ {
+ ROOT_DSE_ALL = getRootDSE( null, null );
+ }
+ }
+
+ return ROOT_DSE_ALL;
+ }
+
+ return getRootDSE( null, null );
}
- public Attributes getRootDSE( Collection bypass ) throws NamingException
+ public Attributes getRootDSE( OperationContext opContext, Collection bypass ) throws NamingException
{
ensureStarted();
InvocationStack stack = InvocationStack.getInstance();
stack.push( new Invocation( this, caller, "getRootDSE", null, bypass ) );
try
{
- return this.configuration.getInterceptorChain().getRootDSE();
+ return this.configuration.getInterceptorChain().getRootDSE( opContext );
}
finally
{
@@ -744,21 +715,21 @@
}
- public void addContextPartition( PartitionConfiguration config ) throws NamingException
+ public void addContextPartition( OperationContext opContext ) throws NamingException
{
- addContextPartition( config, null );
+ addContextPartition( opContext, null );
}
- public void addContextPartition( PartitionConfiguration config, Collection bypass ) throws NamingException
+ public void addContextPartition( OperationContext opContext, Collection bypass ) throws NamingException
{
ensureStarted();
InvocationStack stack = InvocationStack.getInstance();
stack.push( new Invocation( this, caller, "addContextPartition", new Object[]
- { config }, bypass ) );
+ { opContext }, bypass ) );
try
{
- this.configuration.getInterceptorChain().addContextPartition( config );
+ this.configuration.getInterceptorChain().addContextPartition( opContext );
}
finally
{
@@ -767,21 +738,21 @@
}
- public void removeContextPartition( LdapDN suffix ) throws NamingException
+ public void removeContextPartition( OperationContext opContext ) throws NamingException
{
- removeContextPartition( suffix, null );
+ removeContextPartition( opContext, null );
}
- public void removeContextPartition( LdapDN suffix, Collection bypass ) throws NamingException
+ public void removeContextPartition( OperationContext opContext, Collection bypass ) throws NamingException
{
ensureStarted();
InvocationStack stack = InvocationStack.getInstance();
stack.push( new Invocation( this, caller, "removeContextPartition", new Object[]
- { suffix }, bypass ) );
+ { opContext }, bypass ) );
try
{
- this.configuration.getInterceptorChain().removeContextPartition( suffix );
+ this.configuration.getInterceptorChain().removeContextPartition( opContext );
}
finally
{
@@ -820,7 +791,7 @@
NamingListener namingListener ) throws NamingException
{
InterceptorChain chain = this.configuration.getInterceptorChain();
- EventService interceptor = ( EventService ) chain.get( "eventService" );
+ EventService interceptor = ( EventService ) chain.get( EventService.NAME );
interceptor.addNamingListener( ctx, name, filter, searchControls, namingListener );
}
@@ -832,7 +803,7 @@
{
return;
}
- EventService interceptor = ( EventService ) chain.get( "eventService" );
+ EventService interceptor = ( EventService ) chain.get( EventService.NAME );
interceptor.removeNamingListener( ctx, namingListener );
}
}
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreePartition.java b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreePartition.java
index c0a84bf..c97ac1d 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreePartition.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreePartition.java
@@ -20,10 +20,8 @@
package org.apache.directory.server.core.partition.impl.btree;
-import java.math.BigInteger;
import java.util.HashSet;
import java.util.Iterator;
-import java.util.Map;
import java.util.Set;
import javax.naming.NamingEnumeration;
@@ -31,24 +29,26 @@
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
import org.apache.directory.server.core.configuration.PartitionConfiguration;
import org.apache.directory.server.core.enumeration.SearchResultEnumeration;
-import org.apache.directory.server.core.partition.Partition;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.partition.Oid;
+import org.apache.directory.server.core.partition.Partition;
import org.apache.directory.server.core.partition.impl.btree.gui.PartitionViewer;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
import org.apache.directory.server.schema.registries.OidRegistry;
import org.apache.directory.server.schema.registries.Registries;
import org.apache.directory.shared.ldap.exception.LdapContextNotEmptyException;
import org.apache.directory.shared.ldap.exception.LdapNameNotFoundException;
-import org.apache.directory.shared.ldap.filter.ExprNode;
import org.apache.directory.shared.ldap.message.AttributesImpl;
-import org.apache.directory.shared.ldap.message.ModificationItemImpl;
-import org.apache.directory.shared.ldap.schema.AttributeType;
import org.apache.directory.shared.ldap.name.LdapDN;
-
+import org.apache.directory.shared.ldap.schema.AttributeType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -328,7 +328,7 @@
{
LdapDN dn = new LdapDN( suffix );
LdapDN normalizedSuffix = LdapDN.normalize( dn, attributeTypeRegistry.getNormalizerMapping() );
- add( normalizedSuffix, entry );
+ add( new AddOperationContext( normalizedSuffix, entry ) );
}
}
@@ -380,9 +380,11 @@
// ContextPartition Interface Method Implementations
// ------------------------------------------------------------------------
- public void delete( LdapDN dn ) throws NamingException
+ public void delete( OperationContext opContext ) throws NamingException
{
- BigInteger id = getEntryId( dn.toString() );
+ LdapDN dn = opContext.getDn();
+
+ Long id = getEntryId( dn.getNormName() );
// don't continue if id is null
if ( id == null )
@@ -402,56 +404,56 @@
}
- public abstract void add(LdapDN dn, Attributes entry) throws NamingException;
+ public abstract void add( OperationContext opContext ) throws NamingException;
- public abstract void modify( LdapDN dn, int modOp, Attributes mods ) throws NamingException;
-
-
- public abstract void modify( LdapDN dn, ModificationItemImpl[] mods ) throws NamingException;
+ public abstract void modify( OperationContext opContext ) throws NamingException;
private static final String[] ENTRY_DELETED_ATTRS = new String[] { "entrydeleted" };
- public NamingEnumeration list( LdapDN base ) throws NamingException
+
+ public NamingEnumeration list( OperationContext opContext ) throws NamingException
{
SearchResultEnumeration list;
- list = new BTreeSearchResultEnumeration( ENTRY_DELETED_ATTRS, list( getEntryId( base.toString() ) ),
+ list = new BTreeSearchResultEnumeration( ENTRY_DELETED_ATTRS, list( getEntryId( opContext.getDn().getNormName() ) ),
this, attributeTypeRegistry );
return list;
}
- public NamingEnumeration search( LdapDN base, Map env, ExprNode filter, SearchControls searchCtls )
+ public NamingEnumeration<SearchResult> search( OperationContext opContext )
throws NamingException
{
+ SearchControls searchCtls = ((SearchOperationContext)opContext).getSearchControls();
String[] attrIds = searchCtls.getReturningAttributes();
NamingEnumeration underlying = null;
- underlying = searchEngine.search( base, env, filter, searchCtls );
+ underlying = searchEngine.search(
+ opContext.getDn(),
+ ((SearchOperationContext)opContext).getEnv(),
+ ((SearchOperationContext)opContext).getFilter(),
+ searchCtls );
return new BTreeSearchResultEnumeration( attrIds, underlying, this, attributeTypeRegistry );
}
- public Attributes lookup( LdapDN dn ) throws NamingException
+ public Attributes lookup( OperationContext opContext ) throws NamingException
{
- return lookup( getEntryId( dn.getNormName() ) );
- }
+ LookupOperationContext ctx = (LookupOperationContext)opContext;
+
+ Attributes entry = lookup( getEntryId( ctx.getDn().getNormName() ) );
-
- public Attributes lookup( LdapDN dn, String[] attrIds ) throws NamingException
- {
- if ( attrIds == null || attrIds.length == 0 )
+ if ( ( ctx.getAttrsId() == null ) || ( ctx.getAttrsId().size() == 0 ) )
{
- return lookup( dn );
+ return entry;
}
- Attributes entry = lookup( dn );
Attributes retval = new AttributesImpl();
- for ( int ii = 0; ii < attrIds.length; ii++ )
+ for ( String attrId:ctx.getAttrsId() )
{
- Attribute attr = entry.get( attrIds[ii] );
+ Attribute attr = entry.get( attrId );
if ( attr != null )
{
@@ -463,19 +465,19 @@
}
- public boolean hasEntry( LdapDN dn ) throws NamingException
+ public boolean hasEntry( OperationContext opContext ) throws NamingException
{
- return null != getEntryId( dn.toString() );
+ return null != getEntryId( opContext.getDn().getNormName() );
}
- public abstract void modifyRn( LdapDN dn, String newRdn, boolean deleteOldRdn ) throws NamingException;
+ public abstract void rename( OperationContext opContext ) throws NamingException;
- public abstract void move( LdapDN oldChildDn, LdapDN newParentDn ) throws NamingException;
+ public abstract void move( OperationContext opContext ) throws NamingException;
- public abstract void move( LdapDN oldChildDn, LdapDN newParentDn, String newRdn, boolean deleteOldRdn )
+ public abstract void moveAndRename( OperationContext opContext )
throws NamingException;
@@ -488,12 +490,6 @@
public abstract boolean isInitialized();
- public boolean isSuffix( LdapDN dn ) throws NamingException
- {
- return getSuffix().equals( dn );
- }
-
-
public void inspect() throws Exception
{
PartitionViewer viewer = new PartitionViewer( this, searchEngine );
@@ -643,16 +639,16 @@
public abstract Index getSystemIndex( String attribute ) throws IndexNotFoundException;
- public abstract BigInteger getEntryId( String dn ) throws NamingException;
+ public abstract Long getEntryId( String dn ) throws NamingException;
- public abstract String getEntryDn( BigInteger id ) throws NamingException;
+ public abstract String getEntryDn( Long id ) throws NamingException;
- public abstract BigInteger getParentId( String dn ) throws NamingException;
+ public abstract Long getParentId( String dn ) throws NamingException;
- public abstract BigInteger getParentId( BigInteger childId ) throws NamingException;
+ public abstract Long getParentId( Long childId ) throws NamingException;
/**
@@ -662,7 +658,7 @@
* @return the user provided distinguished name
* @throws NamingException if the updn index cannot be accessed
*/
- public abstract String getEntryUpdn( BigInteger id ) throws NamingException;
+ public abstract String getEntryUpdn( Long id ) throws NamingException;
/**
@@ -675,16 +671,16 @@
public abstract String getEntryUpdn( String dn ) throws NamingException;
- public abstract Attributes lookup( BigInteger id ) throws NamingException;
+ public abstract Attributes lookup( Long id ) throws NamingException;
- public abstract void delete( BigInteger id ) throws NamingException;
+ public abstract void delete( Long id ) throws NamingException;
- public abstract NamingEnumeration list( BigInteger id ) throws NamingException;
+ public abstract NamingEnumeration list( Long id ) throws NamingException;
- public abstract int getChildCount( BigInteger id ) throws NamingException;
+ public abstract int getChildCount( Long id ) throws NamingException;
public abstract Attributes getSuffixEntry() throws NamingException;
@@ -702,7 +698,7 @@
public abstract Iterator getSystemIndices();
- public abstract Attributes getIndices( BigInteger id ) throws NamingException;
+ public abstract Attributes getIndices( Long id ) throws NamingException;
/**
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreeSearchResult.java b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreeSearchResult.java
index 994bcc6..0dade3d 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreeSearchResult.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreeSearchResult.java
@@ -20,11 +20,12 @@
package org.apache.directory.server.core.partition.impl.btree;
-import java.math.BigInteger;
-
+import javax.naming.InvalidNameException;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchResult;
+import org.apache.directory.shared.ldap.message.ServerSearchResult;
+
/**
* A special search result that includes the unique database primary key or
@@ -34,12 +35,12 @@
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$
*/
-public class BTreeSearchResult extends SearchResult
+public class BTreeSearchResult extends ServerSearchResult
{
private static final long serialVersionUID = 3976739172700860977L;
/** the primary key used for the resultant entry */
- private final BigInteger id;
+ private final Long id;
// ------------------------------------------------------------------------
@@ -54,7 +55,7 @@
* @param obj the object if any
* @param attrs the attributes of the entry
*/
- public BTreeSearchResult(BigInteger id, String name, Object obj, Attributes attrs)
+ public BTreeSearchResult(Long id, String name, Object obj, Attributes attrs) throws InvalidNameException
{
super( name, obj, attrs );
this.id = id;
@@ -70,7 +71,7 @@
* @param attrs the attributes of the entry
* @param isRelative whether or not the name is relative to the base
*/
- public BTreeSearchResult(BigInteger id, String name, Object obj, Attributes attrs, boolean isRelative)
+ public BTreeSearchResult(Long id, String name, Object obj, Attributes attrs, boolean isRelative) throws InvalidNameException
{
super( name, obj, attrs, isRelative );
this.id = id;
@@ -86,7 +87,7 @@
* @param obj the object if any
* @param attrs the attributes of the entry
*/
- public BTreeSearchResult(BigInteger id, String name, String className, Object obj, Attributes attrs)
+ public BTreeSearchResult(Long id, String name, String className, Object obj, Attributes attrs) throws InvalidNameException
{
super( name, className, obj, attrs );
this.id = id;
@@ -103,8 +104,8 @@
* @param attrs the attributes of the entry
* @param isRelative whether or not the name is relative to the base
*/
- public BTreeSearchResult(BigInteger id, String name, String className, Object obj, Attributes attrs,
- boolean isRelative)
+ public BTreeSearchResult(Long id, String name, String className, Object obj, Attributes attrs,
+ boolean isRelative) throws InvalidNameException
{
super( name, className, obj, attrs, isRelative );
this.id = id;
@@ -116,7 +117,7 @@
*
* @return Returns the id.
*/
- public BigInteger getId()
+ public Long getId()
{
return id;
}
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreeSearchResultEnumeration.java b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreeSearchResultEnumeration.java
index 2c6b553..9fa54f5 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreeSearchResultEnumeration.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/BTreeSearchResultEnumeration.java
@@ -104,11 +104,11 @@
{
IndexRecord rec = ( IndexRecord ) underlying.next();
Attributes entry;
- String name = partition.getEntryUpdn( rec.getEntryId() );
+ String name = partition.getEntryUpdn( (Long)rec.getEntryId() );
if ( null == rec.getAttributes() )
{
- rec.setAttributes( partition.lookup( rec.getEntryId() ) );
+ rec.setAttributes( partition.lookup( (Long)rec.getEntryId() ) );
}
if ( attrIds == null )
@@ -234,7 +234,7 @@
}
}
- BTreeSearchResult result = new BTreeSearchResult( rec.getEntryId(), name, null, entry );
+ BTreeSearchResult result = new BTreeSearchResult( (Long)rec.getEntryId(), name, null, entry );
result.setRelative( false );
return result;
}
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/DefaultOptimizer.java b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/DefaultOptimizer.java
index 6eef8ae..fa2c701 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/DefaultOptimizer.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/DefaultOptimizer.java
@@ -20,7 +20,6 @@
package org.apache.directory.server.core.partition.impl.btree;
-import java.math.BigInteger;
import java.util.List;
import javax.naming.NamingException;
@@ -44,7 +43,7 @@
public class DefaultOptimizer implements Optimizer
{
/** the maximum size for a count Integer.MAX_VALUE as a BigInteger */
- private static final BigInteger MAX = BigInteger.valueOf( Integer.MAX_VALUE );
+ private static final Long MAX = Long.MAX_VALUE;
/** the database this optimizer operates on */
private BTreePartition db;
@@ -71,7 +70,7 @@
public void annotate( ExprNode node ) throws NamingException
{
// Start off with the worst case unless scan count says otherwise.
- BigInteger count = MAX;
+ Long count = MAX;
/* --------------------------------------------------------------------
* H A N D L E L E A F N O D E S
@@ -165,7 +164,7 @@
}
// Protect against overflow when counting.
- if ( count.compareTo( BigInteger.ZERO ) < 0 )
+ if ( count.compareTo( 0L ) < 0 )
{
count = MAX;
}
@@ -185,16 +184,16 @@
* @return the calculated scan count
* @throws NamingException if there is an error
*/
- private BigInteger getConjunctionScan( BranchNode node ) throws NamingException
+ private Long getConjunctionScan( BranchNode node ) throws NamingException
{
- BigInteger count = MAX;
+ Long count = MAX;
List<ExprNode> children = node.getChildren();
for ( int ii = 0; ii < children.size(); ii++ )
{
ExprNode child = ( ExprNode ) children.get( ii );
annotate( child );
- count = ( ( BigInteger ) child.get( "count" ) ).min( count );
+ count = Math.min( ( ( Long ) child.get( "count" ) ), count );
}
return count;
@@ -215,7 +214,7 @@
* @return the scan count
* @throws NamingException if there is an error
*/
- private BigInteger getNegationScan( BranchNode node ) throws NamingException
+ private Long getNegationScan( BranchNode node ) throws NamingException
{
ExprNode onlyChild = ( ExprNode ) node.getChildren().get( 0 );
@@ -229,13 +228,13 @@
if ( db.hasUserIndexOn( leaf.getAttribute() ) )
{
Index idx = db.getUserIndex( leaf.getAttribute() );
- return BigInteger.valueOf( idx.count() );
+ return Long.valueOf( idx.count() );
}
- return BigInteger.valueOf( db.count() );
+ return Long.valueOf( db.count() );
}
- return BigInteger.valueOf( db.count() );
+ return Long.valueOf( db.count() );
}
@@ -248,16 +247,16 @@
* @return the scan count on the OR node
* @throws NamingException if there is an error
*/
- private BigInteger getDisjunctionScan( BranchNode node ) throws NamingException
+ private Long getDisjunctionScan( BranchNode node ) throws NamingException
{
List<ExprNode> children = node.getChildren();
- BigInteger total = BigInteger.ZERO;
+ Long total = 0L;
for ( int ii = 0; ii < children.size(); ii++ )
{
ExprNode child = ( ExprNode ) children.get( ii );
annotate( child );
- total = total.add( ( BigInteger ) child.get( "count" ) );
+ total += ( Long ) child.get( "count" );
}
// we don't want values bigger than Integer.MAX_VALUE
@@ -278,12 +277,12 @@
* @return the worst case
* @throws NamingException if there is an error accessing an index
*/
- private BigInteger getEqualityScan( SimpleNode node ) throws NamingException
+ private Long getEqualityScan( SimpleNode node ) throws NamingException
{
if ( db.hasUserIndexOn( node.getAttribute() ) )
{
Index idx = db.getUserIndex( node.getAttribute() );
- return BigInteger.valueOf( idx.count( node.getValue() ) );
+ return Long.valueOf( idx.count( node.getValue() ) );
}
// count for non-indexed attribute is unknown so we presume da worst
@@ -300,13 +299,13 @@
* @return the scan count of all nodes satisfying the AVA
* @throws NamingException if there is an error accessing an index
*/
- private BigInteger getGreaterLessScan( SimpleNode node, boolean isGreaterThan ) throws NamingException
+ private Long getGreaterLessScan( SimpleNode node, boolean isGreaterThan ) throws NamingException
{
if ( db.hasUserIndexOn( node.getAttribute() ) )
{
Index idx = db.getUserIndex( node.getAttribute() );
int count = idx.count( node.getValue(), isGreaterThan );
- return BigInteger.valueOf( count );
+ return Long.valueOf( count );
}
// count for non-indexed attribute is unknown so we presume da worst
@@ -323,13 +322,13 @@
* @return the worst case full scan count
* @throws NamingException if there is an error access database indices
*/
- private BigInteger getFullScan( LeafNode node ) throws NamingException
+ private Long getFullScan( LeafNode node ) throws NamingException
{
if ( db.hasUserIndexOn( node.getAttribute() ) )
{
Index idx = db.getUserIndex( node.getAttribute() );
int count = idx.count();
- return BigInteger.valueOf( count );
+ return Long.valueOf( count );
}
return MAX;
@@ -344,13 +343,13 @@
* @return the number of entries matched for the presence of an attribute
* @throws NamingException if errors result
*/
- private BigInteger getPresenceScan( PresenceNode node ) throws NamingException
+ private Long getPresenceScan( PresenceNode node ) throws NamingException
{
if ( db.hasUserIndexOn( node.getAttribute() ) )
{
Index idx = db.getExistanceIndex();
int count = idx.count( node.getAttribute() );
- return BigInteger.valueOf( count );
+ return Long.valueOf( count );
}
return MAX;
@@ -364,17 +363,20 @@
* @return the scan count for scope
* @throws NamingException if any errors result
*/
- private BigInteger getScopeScan( ScopeNode node ) throws NamingException
+ private Long getScopeScan( ScopeNode node ) throws NamingException
{
switch ( node.getScope() )
{
case ( SearchControls.OBJECT_SCOPE ):
- return BigInteger.ONE;
+ return 1L;
+
case ( SearchControls.ONELEVEL_SCOPE ):
- BigInteger id = db.getEntryId( node.getBaseDn() );
- return BigInteger.valueOf( db.getChildCount( id ) );
+ Long id = db.getEntryId( node.getBaseDn() );
+ return Long.valueOf( db.getChildCount( id ) );
+
case ( SearchControls.SUBTREE_SCOPE ):
- return BigInteger.valueOf( db.count() );
+ return Long.valueOf( db.count() );
+
default:
throw new IllegalArgumentException( "Unrecognized search scope " + "value for filter scope node" );
}
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/DefaultSearchEngine.java b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/DefaultSearchEngine.java
index 2c7b700..d3c4f21 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/DefaultSearchEngine.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/DefaultSearchEngine.java
@@ -20,7 +20,6 @@
package org.apache.directory.server.core.partition.impl.btree;
-import java.math.BigInteger;
import java.util.Map;
import javax.naming.Name;
@@ -91,7 +90,7 @@
throws NamingException
{
Name effectiveBase = null;
- BigInteger baseId = db.getEntryId( base.toString() );
+ Long baseId = db.getEntryId( base.toString() );
String aliasedBase = ( String ) db.getAliasIndex().reverseLookup( baseId );
DerefAliasesEnum mode = DerefAliasesEnum.getEnum( env );
@@ -140,7 +139,7 @@
/**
* @see SearchEngine#evaluate(ExprNode, BigInteger)
*/
- public boolean evaluate( ExprNode ilter, BigInteger id ) throws NamingException
+ public boolean evaluate( ExprNode ilter, Long id ) throws NamingException
{
IndexRecord rec = new IndexRecord();
rec.setEntryId( id );
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/ExpressionEnumerator.java b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/ExpressionEnumerator.java
index a2e8a1e..2957c0c 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/ExpressionEnumerator.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/ExpressionEnumerator.java
@@ -20,7 +20,6 @@
package org.apache.directory.server.core.partition.impl.btree;
-import java.math.BigInteger;
import java.util.List;
import javax.naming.NamingEnumeration;
@@ -171,7 +170,7 @@
// Recursively create NamingEnumerations for each child expression node
for ( int ii = 0; ii < childEnumerations.length; ii++ )
{
- childEnumerations[ii] = enumerate( ( ExprNode ) children.get( ii ) );
+ childEnumerations[ii] = enumerate( children.get( ii ) );
}
return new DisjunctionEnumeration( childEnumerations );
@@ -235,8 +234,8 @@
private NamingEnumeration enumConj( final BranchNode node ) throws NamingException
{
int minIndex = 0;
- int minValue = Integer.MAX_VALUE;
- int value = Integer.MAX_VALUE;
+ long minValue = Long.MAX_VALUE;
+ long value = Long.MAX_VALUE;
/*
* We scan the child nodes of a branch node searching for the child
@@ -247,8 +246,8 @@
final List<ExprNode> children = node.getChildren();
for ( int ii = 0; ii < children.size(); ii++ )
{
- ExprNode child = ( ExprNode ) children.get( ii );
- value = ( ( BigInteger ) child.get( "count" ) ).intValue();
+ ExprNode child = children.get( ii );
+ value = ( Long ) child.get( "count" );
minValue = Math.min( minValue, value );
if ( minValue == value )
@@ -258,14 +257,14 @@
}
// Once found we build the child enumeration & the wrapping enum
- final ExprNode minChild = ( ExprNode ) children.get( minIndex );
+ final ExprNode minChild = children.get( minIndex );
IndexAssertion assertion = new IndexAssertion()
{
public boolean assertCandidate( IndexRecord rec ) throws NamingException
{
for ( int ii = 0; ii < children.size(); ii++ )
{
- ExprNode child = ( ExprNode ) children.get( ii );
+ ExprNode child = children.get( ii );
// Skip the child (with min scan count) chosen for enum
if ( child == minChild )
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/LeafEvaluator.java b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/LeafEvaluator.java
index a5e686b..b4f150a 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/LeafEvaluator.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/LeafEvaluator.java
@@ -20,7 +20,6 @@
package org.apache.directory.server.core.partition.impl.btree;
-import java.math.BigInteger;
import java.util.Comparator;
import javax.naming.NamingEnumeration;
@@ -156,7 +155,7 @@
private boolean evalGreater( SimpleNode node, IndexRecord record, boolean isGreater ) throws NamingException
{
String attrId = node.getAttribute();
- BigInteger id = record.getEntryId();
+ Long id = (Long)record.getEntryId();
if ( db.hasUserIndexOn( attrId ) )
{
@@ -251,7 +250,7 @@
// resusitate entry if need be
if ( null == rec.getAttributes() )
{
- rec.setAttributes( db.lookup( rec.getEntryId() ) );
+ rec.setAttributes( db.lookup( (Long)rec.getEntryId() ) );
}
// get the attribute associated with the node
@@ -298,7 +297,7 @@
// resusitate entry if need be
if ( null == rec.getAttributes() )
{
- rec.setAttributes( db.lookup( rec.getEntryId() ) );
+ rec.setAttributes( db.lookup( (Long)rec.getEntryId() ) );
}
// get the attribute associated with the node
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/NoOpOptimizer.java b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/NoOpOptimizer.java
index 28ebb1d..165d342 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/NoOpOptimizer.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/NoOpOptimizer.java
@@ -19,8 +19,6 @@
*/
package org.apache.directory.server.core.partition.impl.btree;
-import java.math.BigInteger;
-
import javax.naming.NamingException;
import org.apache.directory.shared.ldap.filter.BranchNode;
@@ -37,7 +35,7 @@
public class NoOpOptimizer implements Optimizer
{
/** the maximum size for a count Integer.MAX_VALUE as a BigInteger */
- private static final BigInteger MAX = BigInteger.valueOf( Integer.MAX_VALUE );
+ private static final Long MAX = Long.MAX_VALUE;
public void annotate( ExprNode node ) throws NamingException
{
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/ScopeEnumerator.java b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/ScopeEnumerator.java
index 125107d..50e5375 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/ScopeEnumerator.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/ScopeEnumerator.java
@@ -20,8 +20,6 @@
package org.apache.directory.server.core.partition.impl.btree;
-import java.math.BigInteger;
-
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.SearchControls;
@@ -64,7 +62,7 @@
public NamingEnumeration enumerate( ExprNode node ) throws NamingException
{
final ScopeNode snode = ( ScopeNode ) node;
- final BigInteger id = db.getEntryId( snode.getBaseDn() );
+ final Long id = db.getEntryId( snode.getBaseDn() );
switch ( snode.getScope() )
{
@@ -97,7 +95,7 @@
private NamingEnumeration enumerateChildren( String dn, boolean deref ) throws NamingException
{
Index idx = db.getHierarchyIndex();
- final BigInteger id = db.getEntryId( dn );
+ final Long id = db.getEntryId( dn );
final NamingEnumeration children = idx.listIndices( id );
/*
@@ -203,7 +201,7 @@
*/
public boolean assertCandidate( IndexRecord record ) throws NamingException
{
- String dn = db.getEntryDn( record.getEntryId() );
+ String dn = db.getEntryDn( (Long)record.getEntryId() );
return dn.endsWith( scope.getBaseDn() );
}
}
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/ScopeEvaluator.java b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/ScopeEvaluator.java
index cb1a48e..41d85c7 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/ScopeEvaluator.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/ScopeEvaluator.java
@@ -20,8 +20,6 @@
package org.apache.directory.server.core.partition.impl.btree;
-import java.math.BigInteger;
-
import javax.naming.NamingException;
import javax.naming.directory.SearchControls;
@@ -63,12 +61,12 @@
switch ( snode.getScope() )
{
case ( SearchControls.OBJECT_SCOPE ):
- String dn = db.getEntryDn( record.getEntryId() );
+ String dn = db.getEntryDn( (Long)record.getEntryId() );
return dn.equals( snode.getBaseDn() );
case ( SearchControls.ONELEVEL_SCOPE ):
- return assertOneLevelScope( snode, record.getEntryId() );
+ return assertOneLevelScope( snode, (Long)record.getEntryId() );
case ( SearchControls.SUBTREE_SCOPE ):
- return assertSubtreeScope( snode, record.getEntryId() );
+ return assertSubtreeScope( snode, (Long)record.getEntryId() );
default:
throw new NamingException( "Unrecognized search scope!" );
}
@@ -85,7 +83,7 @@
* alias dereferencing is enabled.
* @throws NamingException if the index lookups fail.
*/
- public boolean assertSubtreeScope( final ScopeNode node, final BigInteger id ) throws NamingException
+ public boolean assertSubtreeScope( final ScopeNode node, final Long id ) throws NamingException
{
String dn = db.getEntryDn( id );
DerefAliasesEnum mode = node.getDerefAliases();
@@ -150,7 +148,7 @@
* alias dereferencing is enabled.
* @throws NamingException if the index lookups fail.
*/
- public boolean assertOneLevelScope( final ScopeNode node, final BigInteger id ) throws NamingException
+ public boolean assertOneLevelScope( final ScopeNode node, final Long id ) throws NamingException
{
DerefAliasesEnum mode = node.getDerefAliases();
Object baseId = db.getEntryId( node.getBaseDn() );
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/SearchEngine.java b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/SearchEngine.java
index 959ba48..c31e0ca 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/SearchEngine.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/SearchEngine.java
@@ -20,7 +20,6 @@
package org.apache.directory.server.core.partition.impl.btree;
-import java.math.BigInteger;
import java.util.Map;
import javax.naming.Name;
@@ -28,6 +27,7 @@
import javax.naming.NamingException;
import javax.naming.directory.SearchControls;
+import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
import org.apache.directory.shared.ldap.filter.ExprNode;
@@ -44,7 +44,7 @@
* @todo put this in the right place
* The alias dereferencing mode key for JNDI providers
*/
- String ALIASMODE_KEY = "java.naming.ldap.derefAliases";
+ String ALIASMODE_KEY = JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES;
/**
* @todo put this in the right place
* The alias dereferencing mode value for JNDI providers
@@ -96,5 +96,5 @@
* @return true if the filter passes the entry, false otherwise
* @throws NamingException if something goes wrong while accessing the db
*/
- boolean evaluate( ExprNode filter, BigInteger id ) throws NamingException;
+ boolean evaluate( ExprNode filter, Long id ) throws NamingException;
}
\ No newline at end of file
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/SubstringEvaluator.java b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/SubstringEvaluator.java
index e3d229a..327d073 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/SubstringEvaluator.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/SubstringEvaluator.java
@@ -137,7 +137,7 @@
// resusitate the entry if it has not been and set entry in IndexRecord
if ( null == record.getAttributes() )
{
- Attributes attrs = db.lookup( record.getEntryId() );
+ Attributes attrs = db.lookup( (Long)record.getEntryId() );
record.setAttributes( attrs );
}
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/gui/AddEntryDialog.java b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/gui/AddEntryDialog.java
index 5246f5b..d3d9426 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/gui/AddEntryDialog.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/gui/AddEntryDialog.java
@@ -40,6 +40,7 @@
import javax.swing.JTable;
import javax.swing.JTextField;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -83,7 +84,7 @@
public AddEntryDialog(Frame parent, boolean modal)
{
super( parent, modal );
- m_childEntry.put( "objectClass", "top" );
+ m_childEntry.put( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC );
initGUI();
}
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/gui/AttributesTableModel.java b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/gui/AttributesTableModel.java
index b298501..947b329 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/gui/AttributesTableModel.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/gui/AttributesTableModel.java
@@ -20,7 +20,6 @@
package org.apache.directory.server.core.partition.impl.btree.gui;
-import java.math.BigInteger;
import java.util.ArrayList;
import javax.naming.NamingEnumeration;
@@ -52,7 +51,7 @@
/** the attributes for the entry */
private final Attributes entry;
/** the unique id of the entry */
- private final BigInteger id;
+ private final Long id;
/** the distinguished name of the entry */
private final String dn;
/** whether or not the model is mutable */
@@ -67,7 +66,7 @@
* @param dn the distinguished name of the entry
* @param isMutable whether or not the model can be changed
*/
- public AttributesTableModel(Attributes entry, BigInteger id, String dn, boolean isMutable)
+ public AttributesTableModel(Attributes entry, Long id, String dn, boolean isMutable)
{
this.dn = dn;
this.id = id;
@@ -235,7 +234,7 @@
*
* @return the unique id for the entry
*/
- public BigInteger getEntryId()
+ public Long getEntryId()
{
return id;
}
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/gui/EntryNode.java b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/gui/EntryNode.java
index e606293..316f8df 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/gui/EntryNode.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/gui/EntryNode.java
@@ -20,7 +20,6 @@
package org.apache.directory.server.core.partition.impl.btree.gui;
-import java.math.BigInteger;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
@@ -51,16 +50,16 @@
private final EntryNode parent;
private final Attributes entry;
private final ArrayList children;
- private final BigInteger id;
+ private final Long id;
- public EntryNode(BigInteger id, EntryNode parent, BTreePartition partition, Attributes entry, HashMap map)
+ public EntryNode(Long id, EntryNode parent, BTreePartition partition, Attributes entry, HashMap map)
{
this( id, parent, partition, entry, map, null, null );
}
- public EntryNode(BigInteger id, EntryNode parent, BTreePartition db, Attributes entry, HashMap map,
+ public EntryNode(Long id, EntryNode parent, BTreePartition db, Attributes entry, HashMap map,
ExprNode exprNode, SearchEngine engine)
{
this.partition = db;
@@ -98,12 +97,12 @@
if ( engine != null && exprNode != null )
{
- if ( db.getChildCount( rec.getEntryId() ) == 0 )
+ if ( db.getChildCount( (Long)rec.getEntryId() ) == 0 )
{
- if ( engine.evaluate( exprNode, rec.getEntryId() ) )
+ if ( engine.evaluate( exprNode, (Long)rec.getEntryId() ) )
{
- Attributes newEntry = db.lookup( rec.getEntryId() );
- EntryNode child = new EntryNode( rec.getEntryId(), this, db, newEntry, map, exprNode,
+ Attributes newEntry = db.lookup( (Long)rec.getEntryId() );
+ EntryNode child = new EntryNode( (Long)rec.getEntryId(), this, db, newEntry, map, exprNode,
engine );
children.add( child );
}
@@ -114,15 +113,15 @@
}
else
{
- Attributes newEntry = db.lookup( rec.getEntryId() );
- EntryNode child = new EntryNode( rec.getEntryId(), this, db, newEntry, map, exprNode, engine );
+ Attributes newEntry = db.lookup( (Long)rec.getEntryId() );
+ EntryNode child = new EntryNode( (Long)rec.getEntryId(), this, db, newEntry, map, exprNode, engine );
children.add( child );
}
}
else
{
- Attributes newEntry = db.lookup( rec.getEntryId() );
- EntryNode child = new EntryNode( rec.getEntryId(), this, db, newEntry, map );
+ Attributes newEntry = db.lookup( (Long)rec.getEntryId() );
+ EntryNode child = new EntryNode( (Long)rec.getEntryId(), this, db, newEntry, map );
children.add( child );
}
}
@@ -215,7 +214,7 @@
}
- public BigInteger getEntryId()
+ public Long getEntryId()
{
return id;
}
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/gui/PartitionFrame.java b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/gui/PartitionFrame.java
index 899fd6d..b7a27ca 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/gui/PartitionFrame.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/gui/PartitionFrame.java
@@ -29,7 +29,6 @@
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileReader;
-import java.math.BigInteger;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
@@ -62,11 +61,13 @@
import javax.swing.tree.TreeNode;
import javax.swing.tree.TreePath;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
import org.apache.directory.server.core.partition.impl.btree.BTreePartition;
import org.apache.directory.server.core.partition.impl.btree.Index;
import org.apache.directory.server.core.partition.impl.btree.IndexRecord;
import org.apache.directory.server.core.partition.impl.btree.SearchEngine;
+import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
import org.apache.directory.shared.ldap.filter.ExprNode;
import org.apache.directory.shared.ldap.filter.FilterParser;
import org.apache.directory.shared.ldap.filter.FilterParserImpl;
@@ -453,7 +454,7 @@
if ( null == partition.getEntryId( ndn.toString() ) )
{
- partition.add(ndn, attrs );
+ partition.add( new AddOperationContext( ndn, attrs ) );
load();
}
}
@@ -647,7 +648,7 @@
Hashtable env = new Hashtable();
- env.put( DerefAliasesEnum.JNDI_DEREF_ALIAS_PROP, DerefAliasesEnum.DEREF_ALWAYS );
+ env.put( JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES, DerefAliasesEnum.DEREF_ALWAYS );
NamingEnumeration cursor = eng.search( new LdapDN( base ), env, root, ctls );
String[] cols = new String[2];
@@ -660,7 +661,7 @@
{
IndexRecord rec = ( IndexRecord ) cursor.next();
row[0] = rec.getEntryId();
- row[1] = partition.getEntryDn( ( BigInteger ) row[0] );
+ row[1] = partition.getEntryDn( ( Long ) row[0] );
tableModel.addRow( row );
count++;
}
@@ -704,7 +705,7 @@
}
- public void selectTreeNode( BigInteger id )
+ public void selectTreeNode( Long id )
{
Stack stack = new Stack();
Object[] comps = null;
@@ -851,7 +852,7 @@
}
- void displayEntry( BigInteger id, Attributes entry ) throws Exception
+ void displayEntry( Long id, Attributes entry ) throws Exception
{
String dn = partition.getEntryUpdn( id );
AttributesTableModel model = new AttributesTableModel( entry, id, dn, false );
@@ -870,7 +871,7 @@
nodes = new HashMap();
Attributes suffix = partition.getSuffixEntry();
- BigInteger id = partition.getEntryId( partition.getSuffix().toString() );
+ Long id = partition.getEntryId( partition.getSuffix().toString() );
root = new EntryNode( id, null, partition, suffix, nodes );
/*
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/gui/SearchResultDialog.java b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/gui/SearchResultDialog.java
index 0d31ffe..399ce47 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/gui/SearchResultDialog.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/gui/SearchResultDialog.java
@@ -24,7 +24,6 @@
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.awt.event.WindowEvent;
-import java.math.BigInteger;
import javax.swing.JButton;
import javax.swing.JDialog;
@@ -158,7 +157,7 @@
{
if ( selectionModel.isSelectedIndex( ii ) && !an_event.getValueIsAdjusting() )
{
- BigInteger id = ( BigInteger ) m_resultsTbl.getModel().getValueAt( ii, 0 );
+ Long id = ( Long ) m_resultsTbl.getModel().getValueAt( ii, 0 );
( ( PartitionFrame ) getParent() ).selectTreeNode( id );
}
}
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/AttributeSerializer.java b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/AttributeSerializer.java
deleted file mode 100644
index 371ef92..0000000
--- a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/AttributeSerializer.java
+++ /dev/null
@@ -1,488 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.directory.server.core.partition.impl.btree.jdbm;
-
-
-import java.io.IOException;
-
-import javax.naming.NamingEnumeration;
-import javax.naming.NamingException;
-import javax.naming.directory.Attribute;
-
-import org.apache.directory.shared.ldap.message.AttributeImpl;
-
-import jdbm.helper.Serializer;
-
-
-/**
- * Serializes a attributes object using a custom serialization mechanism
- * so we do not have to rely on Java Serialization which is much more
- * costly.
- *
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- * @version $Rev$, $Date$
- */
-public class AttributeSerializer implements Serializer
-{
- private static final long serialVersionUID = -3756830073760754086L;
-
- static final byte[] EMPTY_BYTE_ARRAY = new byte[0];
-
- /** value for type parameter for string (non-binary) attributes */
- static final byte STRING_TYPE = 0x00;
- /** value for type parameter for byte array (binary) attributes */
- static final byte BYTE_ARRAY_TYPE = 0x01;
-
-
- // -----------------------------------------------------------------------
- // Methods for deserialization
- // -----------------------------------------------------------------------
-
-
- /**
- * Deserializes an attribute from the custom serialization structure.
- *
- * @see jdbm.helper.Serializer#deserialize(byte[])
- */
- public final Object deserialize( byte[] buf ) throws IOException
- {
- String id = readString( buf );
- AttributeImpl attr = new AttributeImpl( id );
- int pos = ( id.length() << 1 ) + 4;
-
- // read the type of the objects stored in this attribute
- if ( buf[pos] == STRING_TYPE )
- {
- pos++;
- while ( pos < buf.length )
- {
- String value = readString( buf, pos );
- pos += ( value.length() << 1 ) + 4;
- attr.add( value );
- }
- }
- else
- {
- pos++;
- while ( pos < buf.length )
- {
- byte[] value = readBytes( buf, pos );
- pos += value.length + 4;
- attr.add( value );
- }
- }
-
- return attr;
- }
-
-
- /**
- * Deserializes an attribute from the custom serialization structure.
- *
- * @see jdbm.helper.Serializer#deserialize(byte[])
- */
- public static final DeserializedAttribute deserialize( byte[] buf, int offset ) throws IOException
- {
- final String id = readString( buf, offset );
- final AttributeImpl attr = new AttributeImpl( id );
- int pos = ( id.length() << 1 ) + 4 + offset;
-
- // read the type of the objects stored in this attribute
- if ( buf[pos] == STRING_TYPE )
- {
- pos++;
- while ( pos < buf.length )
- {
- String value = readString( buf, pos );
- pos += ( value.length() << 1 ) + 4;
- attr.add( value );
- }
- }
- else
- {
- pos++;
- while ( pos < buf.length )
- {
- byte[] value = readBytes( buf, pos );
- pos += value.length + 4;
- attr.add( value );
- }
- }
-
- return new DeserializedAttribute( attr, pos );
- }
-
-
- final static class DeserializedAttribute
- {
- private final int pos;
- private final Attribute attr;
-
- private DeserializedAttribute( Attribute attr, int pos )
- {
- this.pos = pos;
- this.attr = attr;
- }
-
- public int getPos()
- {
- return pos;
- }
-
- public Attribute getAttr()
- {
- return attr;
- }
- }
-
-
- /**
- * Reads a String and it's length bytes from a buffer starting at
- * position 0.
- *
- * @param buf the buffer to read the length and character bytes from
- * @return the String contained at the start of the buffer
- */
- static final String readString( byte[] buf )
- {
- int length = getLength( buf );
-
- if ( length == 0 )
- {
- return "";
- }
-
- // create the new char buffer
- char[] strchars = new char[length>>1];
-
- int ch = 0;
- for ( int ii = 0, jj = 0; ii < strchars.length; ii++ )
- {
- jj = ( ii << 1 ) + 4;
- ch = buf[jj] << 8 & 0x0000FF00;
- ch |= buf[jj+1] & 0x000000FF;
- strchars[ii] = ( char ) ch;
- }
-
- return new String( strchars );
- }
-
-
- /**
- * Reads a String and it's length bytes from a buffer starting at
- * a specific offset.
- *
- * @param buf the buffer to read the length and character bytes from
- * @param offset the offset into the buffer to start reading from
- * @return the String contained at the offset in the buffer
- */
- static final String readString( byte[] buf, int offset )
- {
- int length = getLength( buf, offset );
-
- if ( length == 0 )
- {
- return "";
- }
-
- // create the new char buffer
- char[] strchars = new char[length>>1];
-
- int ch = 0;
- for ( int ii = 0, jj = 0; ii < strchars.length; ii++ )
- {
- jj = ( ii << 1 ) + 4 + offset;
- ch = buf[jj] << 8 & 0x0000FF00;
- ch |= buf[jj+1] & 0x000000FF;
- strchars[ii] = ( char ) ch;
- }
-
- return new String( strchars );
- }
-
-
- /**
- * Reads a byte array from a buffer including its length starting
- * from an offset in the buffer.
- *
- * @param buf the buffer to read the byte array from
- * @param offset the offset to start reading from starting with 4-byte length
- * @return the byte array contained in the buffer
- */
- static final byte[] readBytes( byte[] buf, int offset )
- {
- int length = getLength( buf, offset );
-
- if ( length == 0 )
- {
- return EMPTY_BYTE_ARRAY;
- }
-
- byte[] bites = new byte[length];
- System.arraycopy( buf, offset+4, bites, 0, length );
- return bites;
- }
-
-
- // -----------------------------------------------------------------------
- // Methods for serialization
- // -----------------------------------------------------------------------
-
-
- /**
- * Serializes an attribute using the following structure:
- * <code>
- * [id-length][id-bytes][is-binary][length0][value0]...[lengthN][valueN]
- * </code>
- *
- * Here the id-length is the 4 byte int value of the length of bytes
- * for the id string bytes. The id-bytes are the bytes for the id string.
- * The is-binary byte is a true or false for whether or not the values
- * are byte[] or String types. Following this is an array of length-value
- * tuples for the values of the Attributes.
- *
- */
- public byte[] serialize( Object obj ) throws IOException
- {
- Attribute attr = ( Attribute ) obj;
-
- // calculate the size of the entire byte[] and allocate
- byte[] buf = new byte[calculateSize( attr )];
-
- // write the length of the id and it's value
- int pos = write( buf, attr.getID() );
-
- try
- {
- // write the type or is-binary field
- Object first = attr.get();
- if ( first instanceof String )
- {
- buf[pos] = STRING_TYPE;
- pos++;
-
- // write out each value to the buffer whatever type it may be
- for ( NamingEnumeration ii = attr.getAll(); ii.hasMore(); /**/ )
- {
- String value = ( String ) ii.next();
- pos = write( buf, value, pos );
- }
- }
- else
- {
- buf[pos] = BYTE_ARRAY_TYPE;
- pos++;
-
- // write out each value to the buffer whatever type it may be
- for ( NamingEnumeration ii = attr.getAll(); ii.hasMore(); /**/ )
- {
- byte[] value = ( byte[] ) ii.next();
- pos = write( buf, value, pos );
- }
- }
-
- }
- catch ( NamingException e )
- {
- IOException ioe = new IOException( "Failed while accesssing attribute values." );
- ioe.initCause( e );
- throw ioe;
- }
-
- return buf;
- }
-
-
- static final int calculateSize( Attribute attr ) throws IOException
- {
- int size = 4; // start with first length for attribute id
- size += attr.getID().length() << 1; // the length of id * 2 added
- size++; // add one for the type
-
- try
- {
- for ( NamingEnumeration ii = attr.getAll(); ii.hasMore(); /**/ )
- {
- Object value = ii.next();
- if ( value instanceof String )
- {
- size += ( ( String ) value ).length() << 1; // length of sting * 2
- }
- else
- {
- size += ( ( byte [] ) value ).length; // no need to multiply byte[]s
- }
-
- size += 4; // add 4 bytes for a length
- }
- }
- catch ( NamingException e )
- {
- IOException ioe = new IOException( "Failed while accesssing attribute values." );
- ioe.initCause( e );
- throw ioe;
- }
-
- return size;
- }
-
-
- static final byte[] getLengthBytes( String str )
- {
- return getLengthBytes( str.length() << 1 );
- }
-
-
- static final byte[] getLengthBytes( byte[] bites )
- {
- return getLengthBytes( bites.length );
- }
-
-
- static final byte[] getLengthBytes( int length )
- {
- byte[] lengthBytes = new byte[4];
-
- lengthBytes[0] = ( byte ) ( length >> 24 & 0x000000FF );
- lengthBytes[1] = ( byte ) ( length >> 16 & 0x000000FF );
- lengthBytes[2] = ( byte ) ( length >> 8 & 0x000000FF );
- lengthBytes[3] = ( byte ) ( length & 0x000000FF );
-
- return lengthBytes;
- }
-
-
- static final int getLength( byte[] bites )
- {
- int length = bites[0] << 24 & 0xFF000000;
- length |= bites[1] << 16 & 0x00FF0000;
- length |= bites[2] << 8 & 0x0000FF00;
- length |= bites[3] & 0x000000FF;
-
- return length;
- }
-
-
- static final int getLength( byte[] bites, int offset )
- {
- int length = bites[offset] << 24 & 0xFF000000;
- length |= bites[offset+1] << 16 & 0x00FF0000;
- length |= bites[offset+2] << 8 & 0x0000FF00;
- length |= bites[offset+3] & 0x000000FF;
-
- return length;
- }
-
-
- static final int write( byte[] buf, String value )
- {
- int pos = writeLengthBytes( buf, value.length() << 1 );
- return writeValueBytes( buf, value, pos );
- }
-
-
- static final int write( byte[] buf, byte[] value )
- {
- int pos = writeLengthBytes( buf, value.length );
- return writeValueBytes( buf, value, pos );
- }
-
-
- static final int write( byte[] buf, String value, int offset )
- {
- offset = writeLengthBytes( buf, value.length() << 1, offset );
- return writeValueBytes( buf, value, offset );
- }
-
-
- static final int write( byte[] buf, byte[] value, int offset )
- {
- offset = writeLengthBytes( buf, value.length, offset );
- return writeValueBytes( buf, value, offset );
- }
-
-
- static final int writeValueBytes( byte[] buf, String value )
- {
- if ( ( ( String ) value ).length() == 0 )
- {
- return 0;
- }
-
- char[] strchars = ( ( String ) value ).toCharArray();
- int jj = 0;
- for ( int ii = 0; ii < strchars.length; ii++, jj = ii << 1 )
- {
- buf[jj] = ( byte ) ( strchars[ii] >> 8 & 0x00FF );
- buf[jj+1] = ( byte ) ( strchars[ii] & 0x00FF );
- }
- return jj+2;
- }
-
-
- static final int writeValueBytes( byte[] buf, String value, int offset )
- {
- if ( ( ( String ) value ).length() == 0 )
- {
- return offset;
- }
-
- char[] strchars = ( ( String ) value ).toCharArray();
- int jj = 0;
- for ( int ii = 0; ii < strchars.length; ii++, jj = ii << 1 )
- {
- buf[jj+offset] = ( byte ) ( strchars[ii] >> 8 & 0x00FF );
- buf[jj+offset+1] = ( byte ) ( strchars[ii] & 0x00FF );
- }
- return jj+offset;
- }
-
-
- static final int writeValueBytes( byte[] buf, byte[] value, int offset )
- {
- if ( value.length == 0 )
- {
- return offset;
- }
-
- System.arraycopy( value, 0, buf, offset, value.length );
- return offset + value.length;
- }
-
-
- static final int writeLengthBytes( byte[] buf, int length )
- {
- buf[0] = ( byte ) ( length >> 24 & 0x000000FF );
- buf[1] = ( byte ) ( length >> 16 & 0x000000FF );
- buf[2] = ( byte ) ( length >> 8 & 0x000000FF );
- buf[3] = ( byte ) ( length & 0x000000FF );
- return 4;
- }
-
-
- static final int writeLengthBytes( byte[] buf, int length, int offset )
- {
- buf[0+offset] = ( byte ) ( length >> 24 & 0x000000FF );
- buf[1+offset] = ( byte ) ( length >> 16 & 0x000000FF );
- buf[2+offset] = ( byte ) ( length >> 8 & 0x000000FF );
- buf[3+offset] = ( byte ) ( length & 0x000000FF );
- return offset+4;
- }
-}
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/AttributesSerializer.java b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/AttributesSerializer.java
deleted file mode 100644
index 3dfb359..0000000
--- a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/AttributesSerializer.java
+++ /dev/null
@@ -1,191 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.directory.server.core.partition.impl.btree.jdbm;
-
-
-import java.io.IOException;
-
-import javax.naming.NamingEnumeration;
-import javax.naming.NamingException;
-import javax.naming.directory.Attribute;
-import javax.naming.directory.Attributes;
-
-import org.apache.directory.shared.ldap.message.AttributeImpl;
-import org.apache.directory.shared.ldap.message.AttributesImpl;
-
-import jdbm.helper.Serializer;
-
-
-/**
- *
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- * @version $Rev$, $Date$
- */
-public class AttributesSerializer implements Serializer
-{
- private static final long serialVersionUID = -3756830073760754086L;
- private static final byte SEPARATOR = -1;
-
-
- /**
- * @see jdbm.helper.Serializer#deserialize(byte[])
- */
- public Object deserialize( byte[] buf ) throws IOException
- {
- if ( buf.length == 0 )
- {
- return new AttributesImpl();
- }
-
- int pos = 0;
- AttributesImpl attrs = new AttributesImpl();
- while ( pos < buf.length )
- {
- String id = AttributeSerializer.readString( buf, pos );
- AttributeImpl attr = new AttributeImpl( id );
- pos += ( id.length() << 1 ) + 4;
-
- // read the type of the objects stored in this attribute
- if ( buf[pos] == AttributeSerializer.STRING_TYPE )
- {
- pos++;
- while ( pos < buf.length && buf[pos] != SEPARATOR )
- {
- String value = AttributeSerializer.readString( buf, pos );
- pos += ( value.length() << 1 ) + 4;
- attr.add( value );
- }
- }
- else
- {
- pos++;
- while ( pos < buf.length && buf[pos] != SEPARATOR )
- {
- byte[] value = AttributeSerializer.readBytes( buf, pos );
- pos += value.length + 4;
- attr.add( value );
- }
- }
-
- pos++; // skip the separator
- attrs.put( attr );
- }
-
- return attrs;
- }
-
-
- /**
- * @see jdbm.helper.Serializer#serialize(java.lang.Object)
- */
- public byte[] serialize( Object attrsObj ) throws IOException
- {
- Attributes attrs = ( Attributes ) attrsObj;
-
- // calculate the size of the entire byte[] and allocate
- byte[] buf = new byte[calculateSize( attrs )];
- int pos = 0;
- try
- {
- for ( NamingEnumeration ii = attrs.getAll(); ii.hasMore(); /**/)
- {
- // get an attribute at a time
- Attribute attr = ( Attribute ) ii.next();
-
- // write the length of the id and it's value
- pos = AttributeSerializer.write( buf, attr.getID(), pos );
-
- // write the type or is-binary field
- Object first = attr.get();
- if ( first instanceof String )
- {
- buf[pos] = AttributeSerializer.STRING_TYPE;
- pos++;
-
- // write out each value to the buffer whatever type it may be
- for ( NamingEnumeration jj = attr.getAll(); jj.hasMore(); /**/)
- {
- String value = ( String ) jj.next();
- pos = AttributeSerializer.write( buf, value, pos );
- }
- }
- else
- {
- buf[pos] = AttributeSerializer.BYTE_ARRAY_TYPE;
- pos++;
-
- // write out each value to the buffer whatever type it may be
- for ( NamingEnumeration jj = attr.getAll(); jj.hasMore(); /**/)
- {
- byte[] value = ( byte[] ) jj.next();
- pos = AttributeSerializer.write( buf, value, pos );
- }
- }
-
- if ( ii.hasMore() )
- {
- buf[pos] = SEPARATOR;
- pos++;
- }
- }
- }
- catch ( NamingException e )
- {
- IOException ioe = new IOException( "Failed while accesssing attributes and/or their values." );
- ioe.initCause( e );
- throw ioe;
- }
-
- return buf;
- }
-
-
- public int calculateSize( Attributes attrs ) throws IOException
- {
- int size = 0;
-
- try
- {
- for ( NamingEnumeration ii = attrs.getAll(); ii.hasMore(); /**/)
- {
- Attribute attr = ( Attribute ) ii.next();
-
- if ( ii.hasMore() )
- {
- // augment by attribute size and 1 for the separator
- size += AttributeSerializer.calculateSize( attr ) + 1;
- }
- else
- {
- // augment by attribute size only since there are no more attributes left
- size += AttributeSerializer.calculateSize( attr );
- }
- }
- }
- catch ( NamingException e )
- {
- IOException ioe = new IOException( "Failed while accesssing attributes." );
- ioe.initCause( e );
- throw ioe;
- }
-
- return size;
- }
-}
diff --git a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmPartition.java b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmPartition.java
index f3b7d6d..ce4e9ec 100644
--- a/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmPartition.java
+++ b/core/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmPartition.java
@@ -21,7 +21,6 @@
import java.io.File;
-import java.math.BigInteger;
import java.util.Iterator;
import java.util.List;
@@ -31,15 +30,19 @@
import org.apache.directory.server.core.DirectoryServiceConfiguration;
import org.apache.directory.server.core.configuration.PartitionConfiguration;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveAndRenameOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.RenameOperationContext;
import org.apache.directory.server.core.partition.Partition;
import org.apache.directory.server.core.partition.impl.btree.BTreePartition;
import org.apache.directory.server.core.partition.impl.btree.BTreePartitionConfiguration;
import org.apache.directory.server.core.partition.impl.btree.Index;
import org.apache.directory.server.core.partition.impl.btree.IndexNotFoundException;
import org.apache.directory.server.schema.registries.Registries;
-
import org.apache.directory.shared.ldap.exception.LdapAuthenticationNotSupportedException;
-import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.message.ResultCodeEnum;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.schema.AttributeType;
@@ -265,31 +268,31 @@
}
- public final BigInteger getEntryId( String dn ) throws NamingException
+ public final Long getEntryId( String dn ) throws NamingException
{
return store.getEntryId( dn );
}
- public final String getEntryDn( BigInteger id ) throws NamingException
+ public final String getEntryDn( Long id ) throws NamingException
{
return store.getEntryDn( id );
}
- public final BigInteger getParentId( String dn ) throws NamingException
+ public final Long getParentId( String dn ) throws NamingException
{
return store.getParentId( dn );
}
- public final BigInteger getParentId( BigInteger childId ) throws NamingException
+ public final Long getParentId( Long childId ) throws NamingException
{
return store.getParentId( childId );
}
- public final String getEntryUpdn( BigInteger id ) throws NamingException
+ public final String getEntryUpdn( Long id ) throws NamingException
{
return store.getEntryUpdn( id );
}
@@ -307,31 +310,31 @@
}
- public final void add( LdapDN normName, Attributes entry ) throws NamingException
+ public final void add( OperationContext addContext ) throws NamingException
{
- store.add( normName, entry );
+ store.add( addContext.getDn(), ((AddOperationContext)addContext).getEntry() );
}
- public final Attributes lookup( BigInteger id ) throws NamingException
+ public final Attributes lookup( Long id ) throws NamingException
{
return store.lookup( id );
}
- public final void delete( BigInteger id ) throws NamingException
+ public final void delete( Long id ) throws NamingException
{
store.delete( id );
}
- public final NamingEnumeration list( BigInteger id ) throws NamingException
+ public final NamingEnumeration list( Long id ) throws NamingException
{
return store.list( id );
}
- public final int getChildCount( BigInteger id ) throws NamingException
+ public final int getChildCount( Long id ) throws NamingException
{
return store.getChildCount( id );
}
@@ -366,39 +369,36 @@
}
- public final Attributes getIndices( BigInteger id ) throws NamingException
+ public final Attributes getIndices( Long id ) throws NamingException
{
return store.getIndices( id );
}
- public final void modify( LdapDN dn, int modOp, Attributes mods ) throws NamingException
+ public final void modify( OperationContext modifyContext ) throws NamingException
{
- store.modify( dn, modOp, mods );
+ ModifyOperationContext ctx = (ModifyOperationContext)modifyContext;
+ store.modify( ctx.getDn(), ctx.getModItems() );
+ }
+
+ public final void rename( OperationContext renameContext ) throws NamingException
+ {
+ RenameOperationContext ctx = (RenameOperationContext)renameContext;
+ store.rename( ctx.getDn(), ctx.getNewRdn(), ctx.getDelOldDn() );
}
- public final void modify( LdapDN dn, ModificationItemImpl[] mods ) throws NamingException
+ public final void moveAndRename( OperationContext moveAndRenameContext ) throws NamingException
{
- store.modify( dn, mods );
+ MoveAndRenameOperationContext ctx = (MoveAndRenameOperationContext)moveAndRenameContext;
+ store.move( ctx.getDn(), ctx.getParent(), ctx.getNewRdn(), ctx.getDelOldDn() );
}
- public final void modifyRn( LdapDN dn, String newRdn, boolean deleteOldRdn ) throws NamingException
+ public final void move( OperationContext moveContext ) throws NamingException
{
- store.modifyRn( dn, newRdn, deleteOldRdn );
- }
-
-
- public final void move( LdapDN oldChildDn, LdapDN newParentDn, String newRdn, boolean deleteOldRdn ) throws NamingException
- {
- store.move( oldChildDn, newParentDn, newRdn, deleteOldRdn );
- }
-
-
- public final void move( LdapDN oldChildDn, LdapDN newParentDn ) throws NamingException
- {
- store.move( oldChildDn, newParentDn );
+ MoveOperationContext ctx = (MoveOperationContext)moveContext;
+ store.move( ctx.getDn(), ctx.getParent() );
}
@@ -411,8 +411,17 @@
ResultCodeEnum.AUTH_METHOD_NOT_SUPPORTED );
}
+ public final void bind( OperationContext bindContext ) throws NamingException
+ {
+ // does nothing
+ throw new LdapAuthenticationNotSupportedException(
+ "Bind requests only tunnel down into partitions if there are no authenticators to handle the mechanism.\n"
+ + "Check to see if you have correctly configured authenticators for the server.",
+ ResultCodeEnum.AUTH_METHOD_NOT_SUPPORTED );
+ }
- public final void unbind( LdapDN bindDn ) throws NamingException
+
+ public final void unbind( OperationContext unbindContext ) throws NamingException
{
}
}
diff --git a/core/src/main/java/org/apache/directory/server/core/prefs/ServerSystemPreferences.java b/core/src/main/java/org/apache/directory/server/core/prefs/ServerSystemPreferences.java
index 7be51f2..f737e69 100644
--- a/core/src/main/java/org/apache/directory/server/core/prefs/ServerSystemPreferences.java
+++ b/core/src/main/java/org/apache/directory/server/core/prefs/ServerSystemPreferences.java
@@ -43,6 +43,7 @@
import org.apache.directory.server.core.configuration.ShutdownConfiguration;
import org.apache.directory.server.core.jndi.CoreContextFactory;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.apache.directory.shared.ldap.message.ModificationItemImpl;
@@ -191,10 +192,10 @@
private void setUpNode( String name ) throws NamingException
{
Attributes attrs = new AttributesImpl();
- Attribute attr = new AttributeImpl( "objectClass" );
- attr.add( "top" );
+ Attribute attr = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ attr.add( SchemaConstants.TOP_OC );
attr.add( "prefNode" );
- attr.add( "extensibleObject" );
+ attr.add( SchemaConstants.EXTENSIBLE_OBJECT_OC );
attrs.put( attr );
attr = new AttributeImpl( "prefNodeName" );
attr.add( name );
@@ -316,7 +317,7 @@
while ( ids.hasMore() )
{
String id = ( String ) ids.next();
- if ( id.equals( "objectClass" ) || id.equals( "prefNodeName" ) )
+ if ( id.equals( SchemaConstants.OBJECT_CLASS_AT ) || id.equals( "prefNodeName" ) )
{
continue;
}
diff --git a/core/src/main/java/org/apache/directory/server/core/referral/ReferralLut.java b/core/src/main/java/org/apache/directory/server/core/referral/ReferralLut.java
index 8bc6cc1..e1ab28d 100644
--- a/core/src/main/java/org/apache/directory/server/core/referral/ReferralLut.java
+++ b/core/src/main/java/org/apache/directory/server/core/referral/ReferralLut.java
@@ -40,8 +40,9 @@
{
/** the logger for this class */
private static final Logger log = LoggerFactory.getLogger( ReferralLut.class );
+
/** the set of names in the LUT */
- private Set names = new HashSet();
+ private Set<String> names = new HashSet<String>();
// -----------------------------------------------------------------------
@@ -56,8 +57,11 @@
public boolean isReferral( LdapDN dn )
{
if ( dn == null )
+ {
throw new IllegalArgumentException( "dn cannot be null" );
- return names.contains( dn.toString() );
+ }
+
+ return names.contains( dn.getNormName() );
}
@@ -69,7 +73,10 @@
public boolean isReferral( String dn )
{
if ( dn == null )
+ {
throw new IllegalArgumentException( "dn cannot be null" );
+ }
+
return names.contains( dn );
}
@@ -84,24 +91,23 @@
public LdapDN getFarthestReferralAncestor( LdapDN dn )
{
if ( dn == null )
+ {
throw new IllegalArgumentException( "dn cannot be null" );
+ }
+
LdapDN farthest = new LdapDN();
+
for ( int ii = 0; ii < dn.size(); ii++ )
{
- try
- {
- farthest.add( dn.get( ii ) );
- }
- catch ( InvalidNameException e )
- {
- log.error( "Should never get this when moving names from a proper normalized name!", e );
- }
+ farthest.addNormalized( dn.getRdn( ii ) );
+
// do not return dn if it is the farthest referral
- if ( isReferral( farthest ) && farthest.size() != dn.size() )
+ if ( isReferral( farthest ) && ( farthest.size() != dn.size() ) )
{
return farthest;
}
}
+
return null;
}
@@ -116,7 +122,10 @@
public LdapDN getNearestReferralAncestor( LdapDN dn )
{
if ( dn == null )
+ {
throw new IllegalArgumentException( "dn cannot be null" );
+ }
+
LdapDN cloned = ( LdapDN ) dn.clone();
// do not return the argument dn if it is a referral (skip it)
@@ -136,7 +145,7 @@
return null;
}
- while ( !isReferral( cloned ) && cloned.size() > 0 )
+ while ( !isReferral( cloned ) && ( cloned.size() > 0 ) )
{
try
{
@@ -147,6 +156,7 @@
log.error( "Should never get this when removing from a cloned normalized name!", e );
}
}
+
return cloned.isEmpty() ? null : cloned;
}
@@ -163,10 +173,13 @@
public void referralAdded( LdapDN dn )
{
if ( dn == null )
- throw new IllegalArgumentException( "dn cannot be null" );
- if ( !names.add( dn.toString() ) && log.isWarnEnabled() )
{
- log.warn( "found " + dn + " in refname lut while adding it" );
+ throw new IllegalArgumentException( "dn cannot be null" );
+ }
+
+ if ( !names.add( dn.getNormName() ) && log.isWarnEnabled() )
+ {
+ log.warn( "found " + dn.getUpName() + " in refname lut while adding it" );
}
}
@@ -179,7 +192,10 @@
public void referralAdded( String dn )
{
if ( dn == null )
+ {
throw new IllegalArgumentException( "dn cannot be null" );
+ }
+
if ( !names.add( dn ) && log.isWarnEnabled() )
{
log.warn( "found " + dn + " in refname lut while adding it" );
@@ -195,10 +211,13 @@
public void referralDeleted( LdapDN dn )
{
if ( dn == null )
- throw new IllegalArgumentException( "dn cannot be null" );
- if ( !names.remove( dn.toString() ) && log.isWarnEnabled() )
{
- log.warn( "cound not find " + dn + " in refname lut while deleting it" );
+ throw new IllegalArgumentException( "dn cannot be null" );
+ }
+
+ if ( !names.remove( dn.getNormName() ) && log.isWarnEnabled() )
+ {
+ log.warn( "cound not find " + dn.getUpName() + " in refname lut while deleting it" );
}
}
@@ -211,7 +230,10 @@
public void referralDeleted( String dn )
{
if ( dn == null )
+ {
throw new IllegalArgumentException( "dn cannot be null" );
+ }
+
if ( !names.remove( dn ) && log.isWarnEnabled() )
{
log.warn( "cound not find " + dn + " in refname lut while deleting it" );
@@ -228,15 +250,19 @@
*/
public void referralChanged( LdapDN oldDn, LdapDN newDn )
{
- if ( oldDn == null || newDn == null )
+ if ( ( oldDn == null ) || ( newDn == null ) )
+ {
throw new IllegalArgumentException( "old or new dn cannot be null" );
- if ( !names.remove( oldDn.toString() ) && log.isWarnEnabled() )
- {
- log.warn( "cound not find old name (" + oldDn + ") in refname lut while moving or renaming it" );
}
- if ( !names.add( newDn.toString() ) && log.isWarnEnabled() )
+
+ if ( !names.remove( oldDn.getNormName() ) && log.isWarnEnabled() )
{
- log.warn( "found new name (" + newDn + ") in refname lut while moving or renaming " + oldDn );
+ log.warn( "cound not find old name (" + oldDn.getUpName() + ") in refname lut while moving or renaming it" );
+ }
+
+ if ( !names.add( newDn.getNormName() ) && log.isWarnEnabled() )
+ {
+ log.warn( "found new name (" + newDn.getUpName() + ") in refname lut while moving or renaming " + oldDn );
}
}
@@ -250,12 +276,16 @@
*/
public void referralChanged( String oldDn, String newDn )
{
- if ( oldDn == null || newDn == null )
+ if ( ( oldDn == null ) || ( newDn == null ) )
+ {
throw new IllegalArgumentException( "old or new dn cannot be null" );
+ }
+
if ( !names.remove( oldDn ) && log.isWarnEnabled() )
{
log.warn( "cound not find old name (" + oldDn + ") in refname lut while moving or renaming it" );
}
+
if ( !names.add( newDn ) && log.isWarnEnabled() )
{
log.warn( "found new name (" + newDn + ") in refname lut while moving or renaming " + oldDn );
@@ -272,12 +302,16 @@
*/
public void referralChanged( LdapDN oldDn, String newDn )
{
- if ( oldDn == null || newDn == null )
- throw new IllegalArgumentException( "old or new dn cannot be null" );
- if ( !names.remove( oldDn.toString() ) && log.isWarnEnabled() )
+ if ( ( oldDn == null ) || ( newDn == null ) )
{
- log.warn( "cound not find old name (" + oldDn + ") in refname lut while moving or renaming it" );
+ throw new IllegalArgumentException( "old or new dn cannot be null" );
}
+
+ if ( !names.remove( oldDn.getNormName() ) && log.isWarnEnabled() )
+ {
+ log.warn( "cound not find old name (" + oldDn.getUpName() + ") in refname lut while moving or renaming it" );
+ }
+
if ( !names.add( newDn ) && log.isWarnEnabled() )
{
log.warn( "found new name (" + newDn + ") in refname lut while moving or renaming " + oldDn );
@@ -294,15 +328,19 @@
*/
public void referralChanged( String oldDn, LdapDN newDn )
{
- if ( oldDn == null || newDn == null )
+ if ( ( oldDn == null ) || ( newDn == null ) )
+ {
throw new IllegalArgumentException( "old or new dn cannot be null" );
+ }
+
if ( !names.remove( oldDn ) && log.isWarnEnabled() )
{
log.warn( "cound not find old name (" + oldDn + ") in refname lut while moving or renaming it" );
}
- if ( !names.add( newDn ) && log.isWarnEnabled() )
+
+ if ( !names.add( newDn.getNormName() ) && log.isWarnEnabled() )
{
- log.warn( "found new name (" + newDn + ") in refname lut while moving or renaming " + oldDn );
+ log.warn( "found new name (" + newDn.getUpName() + ") in refname lut while moving or renaming " + oldDn );
}
}
}
diff --git a/core/src/main/java/org/apache/directory/server/core/referral/ReferralService.java b/core/src/main/java/org/apache/directory/server/core/referral/ReferralService.java
index a02686f..1101067 100644
--- a/core/src/main/java/org/apache/directory/server/core/referral/ReferralService.java
+++ b/core/src/main/java/org/apache/directory/server/core/referral/ReferralService.java
@@ -27,7 +27,6 @@
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
-import java.util.Map;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
@@ -39,25 +38,42 @@
import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
-import org.apache.directory.server.core.configuration.PartitionConfiguration;
+import org.apache.directory.server.core.authn.AuthenticationService;
+import org.apache.directory.server.core.authz.AuthorizationService;
+import org.apache.directory.server.core.authz.DefaultAuthorizationService;
import org.apache.directory.server.core.configuration.InterceptorConfiguration;
import org.apache.directory.server.core.enumeration.ReferralHandlingEnumeration;
import org.apache.directory.server.core.enumeration.SearchResultFilter;
import org.apache.directory.server.core.enumeration.SearchResultFilteringEnumeration;
+import org.apache.directory.server.core.event.EventService;
import org.apache.directory.server.core.interceptor.BaseInterceptor;
import org.apache.directory.server.core.interceptor.NextInterceptor;
+import org.apache.directory.server.core.interceptor.context.AddContextPartitionOperationContext;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveAndRenameOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.RenameOperationContext;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.invocation.Invocation;
import org.apache.directory.server.core.invocation.InvocationStack;
import org.apache.directory.server.core.jndi.ServerLdapContext;
+import org.apache.directory.server.core.normalization.NormalizationService;
+import org.apache.directory.server.core.operational.OperationalAttributeService;
import org.apache.directory.server.core.partition.Partition;
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.core.partition.PartitionNexusProxy;
+import org.apache.directory.server.core.schema.SchemaService;
+import org.apache.directory.server.core.subtree.SubentryService;
+import org.apache.directory.server.core.trigger.TriggerService;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
import org.apache.directory.server.schema.registries.OidRegistry;
-
-import org.apache.directory.shared.ldap.codec.util.LdapURL;
import org.apache.directory.shared.ldap.NotImplementedException;
+import org.apache.directory.shared.ldap.codec.util.LdapURL;
import org.apache.directory.shared.ldap.codec.util.LdapURLEncodingException;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapNamingException;
import org.apache.directory.shared.ldap.exception.LdapReferralException;
import org.apache.directory.shared.ldap.filter.AssertionEnum;
@@ -68,7 +84,6 @@
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.schema.AttributeType;
import org.apache.directory.shared.ldap.util.AttributeUtils;
-
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -83,14 +98,15 @@
*/
public class ReferralService extends BaseInterceptor
{
+ /** The service name */
public static final String NAME = "referralService";
+
private static final Logger log = LoggerFactory.getLogger( ReferralService.class );
private static final String IGNORE = "ignore";
private static final String THROW_FINDING_BASE = "throw-finding-base";
private static final String THROW = "throw";
private static final String FOLLOW = "follow";
private static final String REFERRAL_OC = "referral";
- private static final String OBJCLASS_ATTR = "objectClass";
private static final Collection<String> SEARCH_BYPASS;
private static final String REF_ATTR = "ref";
@@ -108,16 +124,16 @@
* partitions of the system during startup and during add/remove partition ops
*/
Collection<String> c = new HashSet<String>();
- c.add( "normalizationService" );
- c.add( "authenticationService" );
- c.add( "authorizationService" );
- c.add( "defaultAuthorizationService" );
- c.add( "schemaService" );
- c.add( "subentryService" );
- c.add( "operationalAttributeService" );
- c.add( "referralService" );
- c.add( "eventService" );
- c.add( "triggerService" );
+ c.add( NormalizationService.NAME );
+ c.add( AuthenticationService.NAME );
+ c.add( AuthorizationService.NAME );
+ c.add( DefaultAuthorizationService.NAME );
+ c.add( SchemaService.NAME );
+ c.add( SubentryService.NAME );
+ c.add( OperationalAttributeService.NAME );
+ c.add( ReferralService.NAME );
+ c.add( EventService.NAME );
+ c.add( TriggerService.NAME );
SEARCH_BYPASS = Collections.unmodifiableCollection( c );
}
@@ -145,7 +161,7 @@
static boolean isReferral( Attributes entry ) throws NamingException
{
- Attribute oc = entry.get( OBJCLASS_ATTR );
+ Attribute oc = entry.get( SchemaConstants.OBJECT_CLASS_AT );
if ( oc == null )
{
log.warn( "could not find objectClass attribute in entry: " + entry );
@@ -169,11 +185,14 @@
oidRegistry = dsConfig.getRegistries().getOidRegistry();
env = dsConfig.getEnvironment();
- Iterator suffixes = nexus.listSuffixes();
+ Iterator suffixes = nexus.listSuffixes( null );
+
while ( suffixes.hasNext() )
{
LdapDN suffix = new LdapDN( ( String ) suffixes.next() );
- addReferrals( nexus.search( suffix, env, getReferralFilter(), getControls() ), suffix );
+ addReferrals(
+ nexus.search(
+ new SearchOperationContext( suffix, env, getReferralFilter(), getControls() ) ), suffix );
}
}
@@ -207,12 +226,14 @@
LdapDN urlDn = new LdapDN( ldapUrl.getDn().toNormName() );
urlDn.normalize( attrRegistry.getNormalizerMapping() );
+
if ( urlDn.equals( farthest ) )
{
// according to the protocol there is no need for the dn since it is the same as this request
StringBuffer buf = new StringBuffer();
buf.append( ldapUrl.getScheme() );
buf.append( ldapUrl.getHost() );
+
if ( ldapUrl.getPort() > 0 )
{
buf.append( ":" );
@@ -230,6 +251,7 @@
*/
int diff = targetUpdn.size() - farthest.size();
LdapDN extra = new LdapDN();
+
for ( int jj = 0; jj < diff; jj++ )
{
extra.add( targetUpdn.get( farthest.size() + jj ) );
@@ -239,11 +261,13 @@
StringBuffer buf = new StringBuffer();
buf.append( ldapUrl.getScheme() );
buf.append( ldapUrl.getHost() );
+
if ( ldapUrl.getPort() > 0 )
{
buf.append( ":" );
buf.append( ldapUrl.getPort() );
}
+
buf.append( "/" );
buf.append( LdapURL.urlEncode( urlDn.getUpName(), false ) );
list.add( buf.toString() );
@@ -254,40 +278,45 @@
}
- public void add(NextInterceptor next, LdapDN normName, Attributes entry) throws NamingException
+ public void add(NextInterceptor next, OperationContext opContext ) throws NamingException
{
Invocation invocation = InvocationStack.getInstance().peek();
ServerLdapContext caller = ( ServerLdapContext ) invocation.getCaller();
String refval = ( String ) caller.getEnvironment().get( Context.REFERRAL );
+ LdapDN name = opContext.getDn();
+ Attributes entry = ((AddOperationContext)opContext).getEntry();
// handle a normal add without following referrals
- if ( refval == null || refval.equals( IGNORE ) )
+ if ( ( refval == null ) || refval.equals( IGNORE ) )
{
- next.add(normName, entry );
+ next.add( opContext );
+
if ( isReferral( entry ) )
{
- lut.referralAdded( normName );
+ lut.referralAdded( name );
}
+
return;
}
-
- if ( refval.equals( THROW ) )
+ else if ( refval.equals( THROW ) )
{
- LdapDN farthest = lut.getFarthestReferralAncestor( normName );
+ LdapDN farthest = lut.getFarthestReferralAncestor( name );
+
if ( farthest == null )
{
- next.add(normName, entry );
+ next.add( opContext );
+
if ( isReferral( entry ) )
{
- lut.referralAdded( normName );
+ lut.referralAdded( name );
}
return;
}
- Attributes referral = invocation.getProxy().lookup( farthest, PartitionNexusProxy.LOOKUP_BYPASS );
+ Attributes referral = invocation.getProxy().lookup( new LookupOperationContext( farthest ), PartitionNexusProxy.LOOKUP_BYPASS );
AttributeType refsType = attrRegistry.lookup( oidRegistry.getOid( REF_ATTR ) );
Attribute refs = AttributeUtils.getAttribute( referral, refsType );
- doReferralException( farthest, new LdapDN( normName.getUpName() ), refs );
+ doReferralException( farthest, new LdapDN( name.getUpName() ), refs );
}
else if ( refval.equals( FOLLOW ) )
{
@@ -301,8 +330,10 @@
}
- public boolean compare( NextInterceptor next, LdapDN normName, String oid, Object value ) throws NamingException
+ public boolean compare( NextInterceptor next, OperationContext opContext ) throws NamingException
{
+ LdapDN name = opContext.getDn();
+
Invocation invocation = InvocationStack.getInstance().peek();
ServerLdapContext caller = ( ServerLdapContext ) invocation.getCaller();
String refval = ( String ) caller.getEnvironment().get( Context.REFERRAL );
@@ -310,20 +341,20 @@
// handle a normal add without following referrals
if ( refval == null || refval.equals( IGNORE ) )
{
- return next.compare( normName, oid, value );
+ return next.compare( opContext );
}
if ( refval.equals( THROW ) )
{
- LdapDN farthest = lut.getFarthestReferralAncestor( normName );
+ LdapDN farthest = lut.getFarthestReferralAncestor( name );
if ( farthest == null )
{
- return next.compare( normName, oid, value );
+ return next.compare( opContext );
}
- Attributes referral = invocation.getProxy().lookup( farthest, PartitionNexusProxy.LOOKUP_BYPASS );
+ Attributes referral = invocation.getProxy().lookup( new LookupOperationContext( farthest ), PartitionNexusProxy.LOOKUP_BYPASS );
Attribute refs = referral.get( REF_ATTR );
- doReferralException( farthest, new LdapDN( normName.getUpName() ), refs );
+ doReferralException( farthest, new LdapDN( name.getUpName() ), refs );
// we really can't get here since doReferralException will throw an exception
return false;
@@ -340,8 +371,9 @@
}
- public void delete( NextInterceptor next, LdapDN normName ) throws NamingException
+ public void delete( NextInterceptor next, OperationContext opContext ) throws NamingException
{
+ LdapDN name = opContext.getDn();
Invocation invocation = InvocationStack.getInstance().peek();
ServerLdapContext caller = ( ServerLdapContext ) invocation.getCaller();
String refval = ( String ) caller.getEnvironment().get( Context.REFERRAL );
@@ -349,30 +381,35 @@
// handle a normal delete without following referrals
if ( refval == null || refval.equals( IGNORE ) )
{
- next.delete( normName );
- if ( lut.isReferral( normName ) )
+ next.delete( opContext );
+
+ if ( lut.isReferral( name ) )
{
- lut.referralDeleted( normName );
+ lut.referralDeleted( name );
}
+
return;
}
if ( refval.equals( THROW ) )
{
- LdapDN farthest = lut.getFarthestReferralAncestor( normName );
+ LdapDN farthest = lut.getFarthestReferralAncestor( name );
+
if ( farthest == null )
{
- next.delete( normName );
- if ( lut.isReferral( normName ) )
+ next.delete( opContext );
+
+ if ( lut.isReferral( name ) )
{
- lut.referralDeleted( normName );
+ lut.referralDeleted( name );
}
+
return;
}
- Attributes referral = invocation.getProxy().lookup( farthest, PartitionNexusProxy.LOOKUP_BYPASS );
+ Attributes referral = invocation.getProxy().lookup( new LookupOperationContext( farthest ), PartitionNexusProxy.LOOKUP_BYPASS );
Attribute refs = referral.get( REF_ATTR );
- doReferralException( farthest, new LdapDN( normName.getUpName() ), refs );
+ doReferralException( farthest, new LdapDN( name.getUpName() ), refs );
}
else if ( refval.equals( FOLLOW ) )
{
@@ -401,22 +438,26 @@
* -----------------------------------------------------------------------
*/
- public void move( NextInterceptor next, LdapDN oldName, LdapDN newParent ) throws NamingException
+ public void move( NextInterceptor next, OperationContext opContext ) throws NamingException
{
+ LdapDN oldName = opContext.getDn();
+
Invocation invocation = InvocationStack.getInstance().peek();
ServerLdapContext caller = ( ServerLdapContext ) invocation.getCaller();
String refval = ( String ) caller.getEnvironment().get( Context.REFERRAL );
- LdapDN newName = ( LdapDN ) newParent.clone();
+ LdapDN newName = ( LdapDN ) ((MoveOperationContext)opContext).getParent().clone();
newName.add( oldName.get( oldName.size() - 1 ) );
// handle a normal modify without following referrals
if ( refval == null || refval.equals( IGNORE ) )
{
- next.move( oldName, newParent );
+ next.move( opContext );
+
if ( lut.isReferral( oldName ) )
{
lut.referralChanged( oldName, newName );
}
+
return;
}
@@ -426,16 +467,18 @@
LdapDN farthestDst = lut.getFarthestReferralAncestor( newName ); // note will not return newName so safe
if ( farthestSrc == null && farthestDst == null && !lut.isReferral( newName ) )
{
- next.move( oldName, newParent );
+ next.move( opContext );
+
if ( lut.isReferral( oldName ) )
{
lut.referralChanged( oldName, newName );
}
+
return;
}
else if ( farthestSrc != null )
{
- Attributes referral = invocation.getProxy().lookup( farthestSrc,
+ Attributes referral = invocation.getProxy().lookup( new LookupOperationContext( farthestSrc ),
PartitionNexusProxy.LOOKUP_BYPASS );
Attribute refs = referral.get( REF_ATTR );
doReferralException( farthestSrc, new LdapDN( oldName.getUpName() ), refs );
@@ -467,19 +510,21 @@
}
- public void move( NextInterceptor next, LdapDN oldName, LdapDN newParent, String newRdn, boolean deleteOldRdn )
+ public void moveAndRename( NextInterceptor next, OperationContext opContext )
throws NamingException
{
+ LdapDN oldName = opContext.getDn();
+
Invocation invocation = InvocationStack.getInstance().peek();
ServerLdapContext caller = ( ServerLdapContext ) invocation.getCaller();
String refval = ( String ) caller.getEnvironment().get( Context.REFERRAL );
- LdapDN newName = ( LdapDN ) newParent.clone();
- newName.add( newRdn );
+ LdapDN newName = ( LdapDN ) ((MoveAndRenameOperationContext)opContext).getParent().clone();
+ newName.add( ((MoveAndRenameOperationContext)opContext).getNewRdn() );
// handle a normal modify without following referrals
if ( refval == null || refval.equals( IGNORE ) )
{
- next.move( oldName, newParent, newRdn, deleteOldRdn );
+ next.moveAndRename( opContext );
if ( lut.isReferral( oldName ) )
{
lut.referralChanged( oldName, newName );
@@ -493,7 +538,7 @@
LdapDN farthestDst = lut.getFarthestReferralAncestor( newName ); // safe to use - does not return newName
if ( farthestSrc == null && farthestDst == null && !lut.isReferral( newName ) )
{
- next.move( oldName, newParent, newRdn, deleteOldRdn );
+ next.moveAndRename( opContext );
if ( lut.isReferral( oldName ) )
{
lut.referralChanged( oldName, newName );
@@ -502,7 +547,7 @@
}
else if ( farthestSrc != null )
{
- Attributes referral = invocation.getProxy().lookup( farthestSrc,
+ Attributes referral = invocation.getProxy().lookup( new LookupOperationContext( farthestSrc ),
PartitionNexusProxy.LOOKUP_BYPASS );
Attribute refs = referral.get( REF_ATTR );
doReferralException( farthestSrc, new LdapDN( oldName.getUpName() ), refs );
@@ -534,27 +579,31 @@
}
- public void modifyRn( NextInterceptor next, LdapDN oldName, String newRdn, boolean deleteOldRdn )
+ public void rename( NextInterceptor next, OperationContext opContext )
throws NamingException
{
+ LdapDN oldName = opContext.getDn();
+
Invocation invocation = InvocationStack.getInstance().peek();
ServerLdapContext caller = ( ServerLdapContext ) invocation.getCaller();
String refval = ( String ) caller.getEnvironment().get( Context.REFERRAL );
LdapDN newName = ( LdapDN ) oldName.clone();
newName.remove( oldName.size() - 1 );
- LdapDN newRdnName = new LdapDN( newRdn );
+ LdapDN newRdnName = new LdapDN( ((RenameOperationContext)opContext).getNewRdn() );
newRdnName.normalize( attrRegistry.getNormalizerMapping() );
newName.add( newRdnName.toNormName() );
// handle a normal modify without following referrals
if ( refval == null || refval.equals( IGNORE ) )
{
- next.modifyRn( oldName, newRdn, deleteOldRdn );
+ next.rename( opContext );
+
if ( lut.isReferral( oldName ) )
{
lut.referralChanged( oldName, newName );
}
+
return;
}
@@ -562,18 +611,22 @@
{
LdapDN farthestSrc = lut.getFarthestReferralAncestor( oldName );
LdapDN farthestDst = lut.getFarthestReferralAncestor( newName );
+
if ( farthestSrc == null && farthestDst == null && !lut.isReferral( newName ) )
{
- next.modifyRn( oldName, newRdn, deleteOldRdn );
+ next.rename( opContext );
+
if ( lut.isReferral( oldName ) )
{
lut.referralChanged( oldName, newName );
}
+
return;
}
+
if ( farthestSrc != null )
{
- Attributes referral = invocation.getProxy().lookup( farthestSrc,
+ Attributes referral = invocation.getProxy().lookup( new LookupOperationContext( farthestSrc ),
PartitionNexusProxy.LOOKUP_BYPASS );
Attribute refs = referral.get( REF_ATTR );
doReferralException( farthestSrc, new LdapDN( oldName.getUpName() ), refs );
@@ -605,104 +658,6 @@
}
- private void checkModify( LdapDN name, int modOp, Attributes mods ) throws NamingException
- {
- // -------------------------------------------------------------------
- // Check and update lut if we change the objectClass
- // -------------------------------------------------------------------
-
- boolean isTargetReferral = lut.isReferral( name );
- boolean isOcChange = mods.get( OBJCLASS_ATTR ) != null;
- boolean modsOcHasReferral = hasValue( mods.get( OBJCLASS_ATTR ), REFERRAL_OC );
- if ( isOcChange )
- {
- switch ( modOp )
- {
- /*
- * if ADD op where refferal is added to objectClass of a
- * non-referral entry then we add a new referral to lut
- */
- case ( DirContext.ADD_ATTRIBUTE ):
- if ( modsOcHasReferral && !isTargetReferral )
- {
- lut.referralAdded( name );
- }
- break;
- /*
- * if REMOVE op where refferal is removed from objectClass of a
- * referral entry then we remove the referral from lut
- */
- case ( DirContext.REMOVE_ATTRIBUTE ):
- if ( modsOcHasReferral && isTargetReferral )
- {
- lut.referralDeleted( name );
- }
- break;
- /*
- * if REPLACE op on referral has new set of OC values which does
- * not contain a referral value then we remove the referral from
- * the lut
- *
- * if REPLACE op on non-referral has new set of OC values with
- * referral value then we add the new referral to the lut
- */
- case ( DirContext.REPLACE_ATTRIBUTE ):
- if ( isTargetReferral && !modsOcHasReferral )
- {
- lut.referralDeleted( name );
- }
- else if ( !isTargetReferral && modsOcHasReferral )
- {
- lut.referralAdded( name );
- }
- break;
- default:
- throw new IllegalStateException( "undefined modification operation" );
- }
- }
- }
-
-
- public void modify( NextInterceptor next, LdapDN name, int modOp, Attributes mods ) throws NamingException
- {
- Invocation invocation = InvocationStack.getInstance().peek();
- ServerLdapContext caller = ( ServerLdapContext ) invocation.getCaller();
- String refval = ( String ) caller.getEnvironment().get( Context.REFERRAL );
-
- // handle a normal modify without following referrals
- if ( refval == null || refval.equals( IGNORE ) )
- {
- next.modify( name, modOp, mods );
- checkModify( name, modOp, mods );
- return;
- }
-
- if ( refval.equals( THROW ) )
- {
- LdapDN farthest = lut.getFarthestReferralAncestor( name );
- if ( farthest == null )
- {
- next.modify( name, modOp, mods );
- checkModify( name, modOp, mods );
- return;
- }
-
- Attributes referral = invocation.getProxy().lookup( farthest, PartitionNexusProxy.LOOKUP_BYPASS );
- Attribute refs = referral.get( REF_ATTR );
- doReferralException( farthest, new LdapDN( name.getUpName() ), refs );
- }
- else if ( refval.equals( FOLLOW ) )
- {
- throw new NotImplementedException( FOLLOW + " referral handling mode not implemented" );
- }
- else
- {
- throw new LdapNamingException( "Undefined value for " + Context.REFERRAL + " key: " + refval,
- ResultCodeEnum.OTHER );
- }
- }
-
-
private void checkModify( LdapDN name, ModificationItemImpl[] mods ) throws NamingException
{
boolean isTargetReferral = lut.isReferral( name );
@@ -713,7 +668,7 @@
for ( int ii = 0; ii < mods.length; ii++ )
{
- if ( mods[ii].getAttribute().getID().equalsIgnoreCase( OBJCLASS_ATTR ) )
+ if ( mods[ii].getAttribute().getID().equalsIgnoreCase( SchemaConstants.OBJECT_CLASS_AT ) )
{
boolean modsOcHasReferral = hasValue( mods[ii].getAttribute(), REFERRAL_OC );
@@ -767,16 +722,18 @@
}
- public void modify( NextInterceptor next, LdapDN name, ModificationItemImpl[] mods ) throws NamingException
+ public void modify( NextInterceptor next, OperationContext opContext ) throws NamingException
{
Invocation invocation = InvocationStack.getInstance().peek();
ServerLdapContext caller = ( ServerLdapContext ) invocation.getCaller();
String refval = ( String ) caller.getEnvironment().get( Context.REFERRAL );
+ LdapDN name = opContext.getDn();
+ ModificationItemImpl[] mods = ((ModifyOperationContext)opContext).getModItems();
// handle a normal modify without following referrals
if ( refval == null || refval.equals( IGNORE ) )
{
- next.modify( name, mods );
+ next.modify( opContext );
checkModify( name, mods );
return;
}
@@ -786,12 +743,12 @@
LdapDN farthest = lut.getFarthestReferralAncestor( name );
if ( farthest == null )
{
- next.modify( name, mods );
+ next.modify( opContext );
checkModify( name, mods );
return;
}
- Attributes referral = invocation.getProxy().lookup( farthest, PartitionNexusProxy.LOOKUP_BYPASS );
+ Attributes referral = invocation.getProxy().lookup( new LookupOperationContext( farthest ), PartitionNexusProxy.LOOKUP_BYPASS );
Attribute refs = referral.get( REF_ATTR );
doReferralException( farthest, new LdapDN( name.getUpName() ), refs );
}
@@ -809,7 +766,7 @@
static ExprNode getReferralFilter()
{
- return new SimpleNode( OBJCLASS_ATTR, REFERRAL_OC, AssertionEnum.EQUALITY );
+ return new SimpleNode( SchemaConstants.OBJECT_CLASS_AT, REFERRAL_OC, AssertionEnum.EQUALITY );
}
@@ -822,29 +779,36 @@
}
- public void addContextPartition( NextInterceptor next, PartitionConfiguration cfg ) throws NamingException
+ public void addContextPartition( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- next.addContextPartition( cfg );
+ next.addContextPartition( opContext );
// add referrals immediately after adding the new partition
- Partition partition = cfg.getContextPartition();
+ Partition partition = ((AddContextPartitionOperationContext)opContext).getCfg().getContextPartition();
LdapDN suffix = partition.getSuffix();
Invocation invocation = InvocationStack.getInstance().peek();
- NamingEnumeration list = invocation.getProxy().search( suffix, env, getReferralFilter(), getControls(),
+ NamingEnumeration list = invocation.getProxy().search(
+ new SearchOperationContext( suffix, env, getReferralFilter(), getControls() ),
SEARCH_BYPASS );
addReferrals( list, suffix );
}
- public void removeContextPartition( NextInterceptor next, LdapDN suffix ) throws NamingException
+ public void removeContextPartition( NextInterceptor next, OperationContext opContext ) throws NamingException
{
// remove referrals immediately before removing the partition
Invocation invocation = InvocationStack.getInstance().peek();
- NamingEnumeration list = invocation.getProxy().search( suffix, env, getReferralFilter(), getControls(),
+ NamingEnumeration list = invocation.getProxy().search(
+ new SearchOperationContext(
+ opContext.getDn(),
+ env,
+ getReferralFilter(),
+ getControls() ),
SEARCH_BYPASS );
- deleteReferrals( list, suffix );
+
+ deleteReferrals( list, opContext.getDn() );
- next.removeContextPartition( suffix );
+ next.removeContextPartition( opContext );
}
@@ -898,7 +862,7 @@
}
- public NamingEnumeration search( NextInterceptor next, LdapDN base, Map env, ExprNode filter, SearchControls controls )
+ public NamingEnumeration<SearchResult> search( NextInterceptor next, OperationContext opContext )
throws NamingException
{
Invocation invocation = InvocationStack.getInstance().peek();
@@ -908,8 +872,12 @@
// handle a normal modify without following referrals
if ( refval == null || refval.equals( IGNORE ) )
{
- return next.search( base, env, filter, controls );
+ return next.search( opContext );
}
+
+ LdapDN base = opContext.getDn();
+ SearchControls controls = ((SearchOperationContext)opContext).getSearchControls();
+
/**
* THROW_FINDING_BASE is a special setting which allows for finding base to
@@ -920,40 +888,43 @@
{
if ( lut.isReferral( base ) )
{
- Attributes referral = invocation.getProxy().lookup( base, PartitionNexusProxy.LOOKUP_BYPASS );
+ Attributes referral = invocation.getProxy().lookup( new LookupOperationContext( base ), PartitionNexusProxy.LOOKUP_BYPASS );
Attribute refs = referral.get( REF_ATTR );
doReferralExceptionOnSearchBase( base, refs, controls.getSearchScope() );
}
LdapDN farthest = lut.getFarthestReferralAncestor( base );
+
if ( farthest == null )
{
- return next.search( base, env, filter, controls );
+ return next.search( opContext );
}
- Attributes referral = invocation.getProxy().lookup( farthest, PartitionNexusProxy.LOOKUP_BYPASS );
+ Attributes referral = invocation.getProxy().lookup( new LookupOperationContext( farthest ), PartitionNexusProxy.LOOKUP_BYPASS );
Attribute refs = referral.get( REF_ATTR );
doReferralExceptionOnSearchBase( farthest, new LdapDN( base.getUpName() ), refs, controls.getSearchScope() );
throw new IllegalStateException( "Should never get here: shutting up compiler" );
}
+
if ( refval.equals( THROW ) )
{
if ( lut.isReferral( base ) )
{
- Attributes referral = invocation.getProxy().lookup( base, PartitionNexusProxy.LOOKUP_BYPASS );
+ Attributes referral = invocation.getProxy().lookup( new LookupOperationContext( base ), PartitionNexusProxy.LOOKUP_BYPASS );
Attribute refs = referral.get( REF_ATTR );
doReferralExceptionOnSearchBase( base, refs, controls.getSearchScope() );
}
LdapDN farthest = lut.getFarthestReferralAncestor( base );
+
if ( farthest == null )
{
- SearchResultFilteringEnumeration srfe = ( SearchResultFilteringEnumeration ) next.search( base, env,
- filter, controls );
+ SearchResultFilteringEnumeration srfe =
+ ( SearchResultFilteringEnumeration ) next.search( opContext );
return new ReferralHandlingEnumeration( srfe, lut, attrRegistry, nexus, controls.getSearchScope(), true );
}
- Attributes referral = invocation.getProxy().lookup( farthest, PartitionNexusProxy.LOOKUP_BYPASS );
+ Attributes referral = invocation.getProxy().lookup( new LookupOperationContext( farthest ), PartitionNexusProxy.LOOKUP_BYPASS );
Attribute refs = referral.get( REF_ATTR );
doReferralExceptionOnSearchBase( farthest, new LdapDN( base.getUpName() ), refs, controls.getSearchScope() );
throw new IllegalStateException( "Should never get here: shutting up compiler" );
@@ -1108,7 +1079,13 @@
throw lre;
}
-
+ /**
+ * Check if the given name is a referral or not.
+ *
+ * @param name The DN to check
+ * @return <code>true</code> if the DN is a referral
+ * @throws NamingException I fthe DN is incorrect
+ */
public boolean isReferral( String name ) throws NamingException
{
if ( lut.isReferral( name ) )
@@ -1119,11 +1096,18 @@
LdapDN dn = new LdapDN( name );
dn.normalize( attrRegistry.getNormalizerMapping() );
- if ( lut.isReferral( dn ) )
- {
- return true;
- }
+ return lut.isReferral( dn );
+ }
- return false;
+ /**
+ * Check if the given name is a referral or not.
+ *
+ * @param name The DN to check
+ * @return <code>true</code> if the DN is a referral
+ * @throws NamingException I fthe DN is incorrect
+ */
+ public boolean isReferral( LdapDN name ) throws NamingException
+ {
+ return lut.isReferral( name.isNormalized() ? name : LdapDN.normalize( name, attrRegistry.getNormalizerMapping() ) );
}
}
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/AbstractSchemaChangeHandler.java b/core/src/main/java/org/apache/directory/server/core/schema/AbstractSchemaChangeHandler.java
index a7adce3..baed0ec 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/AbstractSchemaChangeHandler.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/AbstractSchemaChangeHandler.java
@@ -46,8 +46,6 @@
*/
public abstract class AbstractSchemaChangeHandler implements SchemaChangeHandler
{
- protected static final String OU_OID = "2.5.4.11";
-
protected final Registries targetRegistries;
protected final PartitionSchemaLoader loader;
protected final AttributeType m_oidAT;
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/DescriptionParsers.java b/core/src/main/java/org/apache/directory/server/core/schema/DescriptionParsers.java
index f1c09bd..b1463dd 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/DescriptionParsers.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/DescriptionParsers.java
@@ -28,6 +28,7 @@
import org.apache.directory.server.constants.MetaSchemaConstants;
import org.apache.directory.server.schema.registries.Registries;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapInvalidAttributeValueException;
import org.apache.directory.shared.ldap.exception.LdapOperationNotSupportedException;
import org.apache.directory.shared.ldap.message.ResultCodeEnum;
@@ -391,7 +392,8 @@
{
for ( String superior : desc.getSuperiorObjectClasses() )
{
- if ( superior.equals( "2.5.6.0" ) || superior.equalsIgnoreCase( "top" ) )
+ if ( superior.equals( SchemaConstants.TOP_OC_OID ) ||
+ superior.equalsIgnoreCase( SchemaConstants.TOP_OC ) )
{
continue;
}
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/MetaAttributeTypeHandler.java b/core/src/main/java/org/apache/directory/server/core/schema/MetaAttributeTypeHandler.java
index 594039c..97ccdd9 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/MetaAttributeTypeHandler.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/MetaAttributeTypeHandler.java
@@ -30,6 +30,8 @@
import org.apache.directory.server.schema.bootstrap.Schema;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
import org.apache.directory.server.schema.registries.Registries;
+import org.apache.directory.shared.ldap.codec.LdapConstants;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapInvalidNameException;
import org.apache.directory.shared.ldap.exception.LdapOperationNotSupportedException;
import org.apache.directory.shared.ldap.message.AttributeImpl;
@@ -205,7 +207,7 @@
}
- public void move( LdapDN oriChildName, LdapDN newParentName, Attributes entry )
+ public void replace( LdapDN oriChildName, LdapDN newParentName, Attributes entry )
throws NamingException
{
checkNewParent( newParentName );
@@ -246,13 +248,13 @@
}
Rdn rdn = newParent.getRdn();
- if ( ! targetRegistries.getOidRegistry().getOid( rdn.getNormType() ).equals( OU_OID ) )
+ if ( ! targetRegistries.getOidRegistry().getOid( rdn.getNormType() ).equals( SchemaConstants.OU_AT_OID ) )
{
throw new LdapInvalidNameException( "The parent entry of a attributeType should be an organizationalUnit.",
ResultCodeEnum.NAMING_VIOLATION );
}
- if ( ! ( ( String ) rdn.getValue() ).equalsIgnoreCase( "attributeTypes" ) )
+ if ( ! ( ( String ) rdn.getValue() ).equalsIgnoreCase( SchemaConstants.ATTRIBUTE_TYPES_AT ) )
{
throw new LdapInvalidNameException(
"The parent entry of a attributeType should have a relative name of ou=attributeTypes.",
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/MetaComparatorHandler.java b/core/src/main/java/org/apache/directory/server/core/schema/MetaComparatorHandler.java
index c23fc8e..ed642dc 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/MetaComparatorHandler.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/MetaComparatorHandler.java
@@ -33,6 +33,8 @@
import org.apache.directory.server.schema.registries.ComparatorRegistry;
import org.apache.directory.server.schema.registries.MatchingRuleRegistry;
import org.apache.directory.server.schema.registries.Registries;
+import org.apache.directory.shared.ldap.codec.LdapConstants;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapInvalidNameException;
import org.apache.directory.shared.ldap.exception.LdapOperationNotSupportedException;
import org.apache.directory.shared.ldap.message.ModificationItemImpl;
@@ -55,8 +57,6 @@
*/
public class MetaComparatorHandler implements SchemaChangeHandler
{
- private static final String OU_OID = "2.5.4.11";
-
private final PartitionSchemaLoader loader;
private final SchemaEntityFactory factory;
private final Registries targetRegistries;
@@ -276,7 +276,7 @@
}
- public void move( LdapDN oriChildName, LdapDN newParentName, Attributes entry )
+ public void replace( LdapDN oriChildName, LdapDN newParentName, Attributes entry )
throws NamingException
{
checkNewParent( newParentName );
@@ -318,13 +318,13 @@
}
Rdn rdn = newParent.getRdn();
- if ( ! targetRegistries.getOidRegistry().getOid( rdn.getNormType() ).equals( OU_OID ) )
+ if ( ! targetRegistries.getOidRegistry().getOid( rdn.getNormType() ).equals( SchemaConstants.OU_AT_OID ) )
{
throw new LdapInvalidNameException( "The parent entry of a comparator should be an organizationalUnit.",
ResultCodeEnum.NAMING_VIOLATION );
}
- if ( ! ( ( String ) rdn.getValue() ).equalsIgnoreCase( "comparators" ) )
+ if ( ! ( ( String ) rdn.getValue() ).equalsIgnoreCase( SchemaConstants.COMPARATORS_AT ) )
{
throw new LdapInvalidNameException(
"The parent entry of a comparator should have a relative name of ou=comparators.",
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/MetaDitContentRuleHandler.java b/core/src/main/java/org/apache/directory/server/core/schema/MetaDitContentRuleHandler.java
index eee3953..582de65 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/MetaDitContentRuleHandler.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/MetaDitContentRuleHandler.java
@@ -89,7 +89,7 @@
/* (non-Javadoc)
* @see org.apache.directory.server.core.schema.SchemaChangeHandler#move(org.apache.directory.shared.ldap.name.LdapDN, org.apache.directory.shared.ldap.name.LdapDN, javax.naming.directory.Attributes)
*/
- public void move( LdapDN oriChildName, LdapDN newParentName, Attributes entry ) throws NamingException
+ public void replace( LdapDN oriChildName, LdapDN newParentName, Attributes entry ) throws NamingException
{
// TODO Auto-generated method stub
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/MetaDitStructureRuleHandler.java b/core/src/main/java/org/apache/directory/server/core/schema/MetaDitStructureRuleHandler.java
index 095085e..fe63f89 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/MetaDitStructureRuleHandler.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/MetaDitStructureRuleHandler.java
@@ -89,7 +89,7 @@
/* (non-Javadoc)
* @see org.apache.directory.server.core.schema.SchemaChangeHandler#move(org.apache.directory.shared.ldap.name.LdapDN, org.apache.directory.shared.ldap.name.LdapDN, javax.naming.directory.Attributes)
*/
- public void move( LdapDN oriChildName, LdapDN newParentName, Attributes entry ) throws NamingException
+ public void replace( LdapDN oriChildName, LdapDN newParentName, Attributes entry ) throws NamingException
{
// TODO Auto-generated method stub
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/MetaMatchingRuleHandler.java b/core/src/main/java/org/apache/directory/server/core/schema/MetaMatchingRuleHandler.java
index 7127ee3..60ef5b4 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/MetaMatchingRuleHandler.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/MetaMatchingRuleHandler.java
@@ -30,6 +30,7 @@
import org.apache.directory.server.schema.bootstrap.Schema;
import org.apache.directory.server.schema.registries.MatchingRuleRegistry;
import org.apache.directory.server.schema.registries.Registries;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapInvalidNameException;
import org.apache.directory.shared.ldap.exception.LdapOperationNotSupportedException;
import org.apache.directory.shared.ldap.message.AttributeImpl;
@@ -190,7 +191,7 @@
}
- public void move( LdapDN oriChildName, LdapDN newParentName, Attributes entry )
+ public void replace( LdapDN oriChildName, LdapDN newParentName, Attributes entry )
throws NamingException
{
checkNewParent( newParentName );
@@ -231,13 +232,13 @@
}
Rdn rdn = newParent.getRdn();
- if ( ! targetRegistries.getOidRegistry().getOid( rdn.getNormType() ).equals( OU_OID ) )
+ if ( ! targetRegistries.getOidRegistry().getOid( rdn.getNormType() ).equals( SchemaConstants.OU_AT_OID ) )
{
throw new LdapInvalidNameException( "The parent entry of a matchingRule should be an organizationalUnit.",
ResultCodeEnum.NAMING_VIOLATION );
}
- if ( ! ( ( String ) rdn.getValue() ).equalsIgnoreCase( "matchingRules" ) )
+ if ( ! ( ( String ) rdn.getValue() ).equalsIgnoreCase( SchemaConstants.MATCHING_RULES_AT ) )
{
throw new LdapInvalidNameException(
"The parent entry of a syntax should have a relative name of ou=matchingRules.",
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/MetaMatchingRuleUseHandler.java b/core/src/main/java/org/apache/directory/server/core/schema/MetaMatchingRuleUseHandler.java
index c5896ab..5269c0a 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/MetaMatchingRuleUseHandler.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/MetaMatchingRuleUseHandler.java
@@ -85,7 +85,7 @@
/* (non-Javadoc)
* @see org.apache.directory.server.core.schema.SchemaChangeHandler#move(org.apache.directory.shared.ldap.name.LdapDN, org.apache.directory.shared.ldap.name.LdapDN, javax.naming.directory.Attributes)
*/
- public void move( LdapDN oriChildName, LdapDN newParentName, Attributes entry ) throws NamingException
+ public void replace( LdapDN oriChildName, LdapDN newParentName, Attributes entry ) throws NamingException
{
// TODO Auto-generated method stub
}
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/MetaNameFormHandler.java b/core/src/main/java/org/apache/directory/server/core/schema/MetaNameFormHandler.java
index 47baa33..f9fb92f 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/MetaNameFormHandler.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/MetaNameFormHandler.java
@@ -89,7 +89,7 @@
/* (non-Javadoc)
* @see org.apache.directory.server.core.schema.SchemaChangeHandler#move(org.apache.directory.shared.ldap.name.LdapDN, org.apache.directory.shared.ldap.name.LdapDN, javax.naming.directory.Attributes)
*/
- public void move( LdapDN oriChildName, LdapDN newParentName, Attributes entry ) throws NamingException
+ public void replace( LdapDN oriChildName, LdapDN newParentName, Attributes entry ) throws NamingException
{
// TODO Auto-generated method stub
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/MetaNormalizerHandler.java b/core/src/main/java/org/apache/directory/server/core/schema/MetaNormalizerHandler.java
index cba2082..a1a70c3 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/MetaNormalizerHandler.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/MetaNormalizerHandler.java
@@ -32,6 +32,7 @@
import org.apache.directory.server.schema.registries.MatchingRuleRegistry;
import org.apache.directory.server.schema.registries.NormalizerRegistry;
import org.apache.directory.server.schema.registries.Registries;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapInvalidNameException;
import org.apache.directory.shared.ldap.exception.LdapOperationNotSupportedException;
import org.apache.directory.shared.ldap.message.ModificationItemImpl;
@@ -55,8 +56,6 @@
*/
public class MetaNormalizerHandler implements SchemaChangeHandler
{
- private static final String OU_OID = "2.5.4.11";
-
private final PartitionSchemaLoader loader;
private final SchemaEntityFactory factory;
private final Registries targetRegistries;
@@ -276,7 +275,7 @@
}
- public void move( LdapDN oriChildName, LdapDN newParentName, Attributes entry )
+ public void replace( LdapDN oriChildName, LdapDN newParentName, Attributes entry )
throws NamingException
{
checkNewParent( newParentName );
@@ -318,13 +317,13 @@
}
Rdn rdn = newParent.getRdn();
- if ( ! targetRegistries.getOidRegistry().getOid( rdn.getNormType() ).equals( OU_OID ) )
+ if ( ! targetRegistries.getOidRegistry().getOid( rdn.getNormType() ).equals( SchemaConstants.OU_AT_OID ) )
{
throw new LdapInvalidNameException( "The parent entry of a normalizer should be an organizationalUnit.",
ResultCodeEnum.NAMING_VIOLATION );
}
- if ( ! ( ( String ) rdn.getValue() ).equalsIgnoreCase( "normalizers" ) )
+ if ( ! ( ( String ) rdn.getValue() ).equalsIgnoreCase( SchemaConstants.NORMALIZERS_AT ) )
{
throw new LdapInvalidNameException(
"The parent entry of a normalizer should have a relative name of ou=normalizers.",
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/MetaObjectClassHandler.java b/core/src/main/java/org/apache/directory/server/core/schema/MetaObjectClassHandler.java
index a5f89af..6815f68 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/MetaObjectClassHandler.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/MetaObjectClassHandler.java
@@ -30,6 +30,7 @@
import org.apache.directory.server.schema.bootstrap.Schema;
import org.apache.directory.server.schema.registries.ObjectClassRegistry;
import org.apache.directory.server.schema.registries.Registries;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapInvalidNameException;
import org.apache.directory.shared.ldap.exception.LdapOperationNotSupportedException;
import org.apache.directory.shared.ldap.message.AttributeImpl;
@@ -192,7 +193,7 @@
}
- public void move( LdapDN oriChildName, LdapDN newParentName, Attributes entry )
+ public void replace( LdapDN oriChildName, LdapDN newParentName, Attributes entry )
throws NamingException
{
checkNewParent( newParentName );
@@ -233,13 +234,13 @@
}
Rdn rdn = newParent.getRdn();
- if ( ! targetRegistries.getOidRegistry().getOid( rdn.getNormType() ).equals( OU_OID ) )
+ if ( ! targetRegistries.getOidRegistry().getOid( rdn.getNormType() ).equals( SchemaConstants.OU_AT_OID ) )
{
throw new LdapInvalidNameException( "The parent entry of a objectClass should be an organizationalUnit.",
ResultCodeEnum.NAMING_VIOLATION );
}
- if ( ! ( ( String ) rdn.getValue() ).equalsIgnoreCase( "objectClasses" ) )
+ if ( ! ( ( String ) rdn.getValue() ).equalsIgnoreCase( SchemaConstants.OBJECT_CLASSES_AT ) )
{
throw new LdapInvalidNameException(
"The parent entry of a attributeType should have a relative name of ou=objectClasses.",
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/MetaSchemaHandler.java b/core/src/main/java/org/apache/directory/server/core/schema/MetaSchemaHandler.java
index e980fb9..506b0df 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/MetaSchemaHandler.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/MetaSchemaHandler.java
@@ -29,12 +29,11 @@
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
-import org.apache.directory.server.constants.CoreSchemaConstants;
import org.apache.directory.server.constants.MetaSchemaConstants;
-import org.apache.directory.server.constants.SystemSchemaConstants;
import org.apache.directory.server.schema.bootstrap.Schema;
import org.apache.directory.server.schema.registries.Registries;
import org.apache.directory.server.schema.registries.SchemaObjectRegistry;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapInvalidNameException;
import org.apache.directory.shared.ldap.exception.LdapOperationNotSupportedException;
import org.apache.directory.shared.ldap.message.ModificationItemImpl;
@@ -68,9 +67,9 @@
this.globalRegistries = globalRegistries;
this.disabledAT = globalRegistries.getAttributeTypeRegistry().lookup( MetaSchemaConstants.M_DISABLED_AT );
this.loader = loader;
- this.OU_OID = globalRegistries.getOidRegistry().getOid( CoreSchemaConstants.OU_AT );
+ this.OU_OID = globalRegistries.getOidRegistry().getOid( SchemaConstants.OU_AT );
this.factory = new SchemaEntityFactory( globalRegistries );
- this.cnAT = globalRegistries.getAttributeTypeRegistry().lookup( SystemSchemaConstants.CN_AT );
+ this.cnAT = globalRegistries.getAttributeTypeRegistry().lookup( SchemaConstants.CN_AT );
this.dependenciesAT = globalRegistries.getAttributeTypeRegistry()
.lookup( MetaSchemaConstants.M_DEPENDENCIES_AT );
}
@@ -349,7 +348,7 @@
* Moves are not allowed for metaSchema objects so this always throws an
* UNWILLING_TO_PERFORM LdapException.
*/
- public void move( LdapDN oriChildName, LdapDN newParentName, Attributes entry ) throws NamingException
+ public void replace( LdapDN oriChildName, LdapDN newParentName, Attributes entry ) throws NamingException
{
throw new LdapOperationNotSupportedException( "Moving around schemas is not allowed.",
ResultCodeEnum.UNWILLING_TO_PERFORM );
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/MetaSyntaxCheckerHandler.java b/core/src/main/java/org/apache/directory/server/core/schema/MetaSyntaxCheckerHandler.java
index c5520e4..9fe5473 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/MetaSyntaxCheckerHandler.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/MetaSyntaxCheckerHandler.java
@@ -32,6 +32,7 @@
import org.apache.directory.server.schema.registries.Registries;
import org.apache.directory.server.schema.registries.SyntaxCheckerRegistry;
import org.apache.directory.server.schema.registries.SyntaxRegistry;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapInvalidNameException;
import org.apache.directory.shared.ldap.exception.LdapOperationNotSupportedException;
import org.apache.directory.shared.ldap.message.AttributeImpl;
@@ -56,8 +57,6 @@
*/
public class MetaSyntaxCheckerHandler implements SchemaChangeHandler
{
- private static final String OU_OID = "2.5.4.11";
-
private final PartitionSchemaLoader loader;
private final SchemaEntityFactory factory;
private final Registries targetRegistries;
@@ -282,7 +281,7 @@
}
- public void move( LdapDN oriChildName, LdapDN newParentName, Attributes entry )
+ public void replace( LdapDN oriChildName, LdapDN newParentName, Attributes entry )
throws NamingException
{
checkNewParent( newParentName );
@@ -325,13 +324,13 @@
}
Rdn rdn = newParent.getRdn();
- if ( ! targetRegistries.getOidRegistry().getOid( rdn.getNormType() ).equals( OU_OID ) )
+ if ( ! targetRegistries.getOidRegistry().getOid( rdn.getNormType() ).equals( SchemaConstants.OU_AT_OID ) )
{
throw new LdapInvalidNameException( "The parent entry of a syntaxChecker should be an organizationalUnit.",
ResultCodeEnum.NAMING_VIOLATION );
}
- if ( ! ( ( String ) rdn.getValue() ).equalsIgnoreCase( "syntaxCheckers" ) )
+ if ( ! ( ( String ) rdn.getValue() ).equalsIgnoreCase( SchemaConstants.SYNTAX_CHECKERS_AT ) )
{
throw new LdapInvalidNameException(
"The parent entry of a normalizer should have a relative name of ou=syntaxCheckers.",
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/MetaSyntaxHandler.java b/core/src/main/java/org/apache/directory/server/core/schema/MetaSyntaxHandler.java
index b6e9d83..ed7105d 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/MetaSyntaxHandler.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/MetaSyntaxHandler.java
@@ -30,6 +30,7 @@
import org.apache.directory.server.schema.bootstrap.Schema;
import org.apache.directory.server.schema.registries.Registries;
import org.apache.directory.server.schema.registries.SyntaxRegistry;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapInvalidNameException;
import org.apache.directory.shared.ldap.exception.LdapOperationNotSupportedException;
import org.apache.directory.shared.ldap.message.AttributeImpl;
@@ -201,7 +202,7 @@
}
- public void move( LdapDN oriChildName, LdapDN newParentName, Attributes entry )
+ public void replace( LdapDN oriChildName, LdapDN newParentName, Attributes entry )
throws NamingException
{
checkNewParent( newParentName );
@@ -244,7 +245,7 @@
}
Rdn rdn = newParent.getRdn();
- if ( ! targetRegistries.getOidRegistry().getOid( rdn.getNormType() ).equals( OU_OID ) )
+ if ( ! targetRegistries.getOidRegistry().getOid( rdn.getNormType() ).equals( SchemaConstants.OU_AT_OID ) )
{
throw new LdapInvalidNameException( "The parent entry of a syntax should be an organizationalUnit.",
ResultCodeEnum.NAMING_VIOLATION );
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/PartitionSchemaLoader.java b/core/src/main/java/org/apache/directory/server/core/schema/PartitionSchemaLoader.java
index ecf00af..063ccc6 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/PartitionSchemaLoader.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/PartitionSchemaLoader.java
@@ -40,13 +40,16 @@
import javax.naming.directory.SearchResult;
import org.apache.directory.server.constants.MetaSchemaConstants;
-import org.apache.directory.server.constants.SystemSchemaConstants;
+import org.apache.directory.server.core.interceptor.context.EntryOperationContext;
+import org.apache.directory.server.core.interceptor.context.ListOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
import org.apache.directory.server.core.partition.Partition;
import org.apache.directory.server.schema.bootstrap.Schema;
import org.apache.directory.server.schema.registries.AbstractSchemaLoader;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
import org.apache.directory.server.schema.registries.Registries;
import org.apache.directory.server.schema.registries.SchemaLoader;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.schema.AttributeType;
import org.apache.directory.shared.ldap.schema.Normalizer;
@@ -86,6 +89,13 @@
private final AttributeType descAT;
private final AttributeType fqcnAT;
+ private static Map<String, LdapDN> staticAttributeTypeDNs = new HashMap<String, LdapDN>();
+ private static Map<String, LdapDN> staticMatchingRulesDNs = new HashMap<String, LdapDN>();
+ private static Map<String, LdapDN> staticObjectClassesDNs = new HashMap<String, LdapDN>();
+ private static Map<String, LdapDN> staticComparatorsDNs = new HashMap<String, LdapDN>();
+ private static Map<String, LdapDN> staticNormalizersDNs = new HashMap<String, LdapDN>();
+ private static Map<String, LdapDN> staticSyntaxCheckersDNs = new HashMap<String, LdapDN>();
+ private static Map<String, LdapDN> staticSyntaxesDNs = new HashMap<String, LdapDN>();
public PartitionSchemaLoader( Partition partition, Registries bootstrapRegistries ) throws NamingException
{
@@ -96,12 +106,61 @@
this.dao = new SchemaPartitionDao( this.partition, bootstrapRegistries );
this.mOidAT = bootstrapRegistries.getAttributeTypeRegistry().lookup( MetaSchemaConstants.M_OID_AT );
this.mNameAT = bootstrapRegistries.getAttributeTypeRegistry().lookup( MetaSchemaConstants.M_NAME_AT );
- this.cnAT = bootstrapRegistries.getAttributeTypeRegistry().lookup( SystemSchemaConstants.CN_AT );
+ this.cnAT = bootstrapRegistries.getAttributeTypeRegistry().lookup( SchemaConstants.CN_AT );
this.byteCodeAT = bootstrapRegistries.getAttributeTypeRegistry().lookup( MetaSchemaConstants.M_BYTECODE_AT );
this.descAT = bootstrapRegistries.getAttributeTypeRegistry().lookup( MetaSchemaConstants.M_DESCRIPTION_AT );
this.fqcnAT = bootstrapRegistries.getAttributeTypeRegistry().lookup( MetaSchemaConstants.M_FQCN_AT );
+
+ initStaticDNs( "system" );
+ initStaticDNs( "core" );
+ initStaticDNs( "apache" );
+ initStaticDNs( "apachemeta" );
+ initStaticDNs( "other" );
+ initStaticDNs( "collective" );
+ initStaticDNs( "java" );
+ initStaticDNs( "cosine" );
+ initStaticDNs( "inetorgperson" );
}
+ private void initStaticDNs( String schemaName ) throws NamingException
+ {
+
+ // Initialize AttributeType Dns
+ LdapDN dn = new LdapDN( "ou=attributeTypes,cn=" + schemaName + ",ou=schema" );
+ dn.normalize( this.attrRegistry.getNormalizerMapping() );
+ staticAttributeTypeDNs.put( schemaName, dn );
+
+ // Initialize ObjectClasses Dns
+ dn = new LdapDN( "ou=objectClasses,cn=" + schemaName + ",ou=schema" );
+ dn.normalize( this.attrRegistry.getNormalizerMapping() );
+ staticObjectClassesDNs.put( schemaName, dn );
+
+ // Initialize MatchingRules Dns
+ dn = new LdapDN( "ou=matchingRules,cn=" + schemaName + ",ou=schema" );
+ dn.normalize( this.attrRegistry.getNormalizerMapping() );
+ staticMatchingRulesDNs.put( schemaName, dn );
+
+ // Initialize Comparators Dns
+ dn = new LdapDN( "ou=comparators,cn=" + schemaName + ",ou=schema" );
+ dn.normalize( this.attrRegistry.getNormalizerMapping() );
+ staticComparatorsDNs.put( schemaName, dn );
+
+ // Initialize Normalizers Dns
+ dn = new LdapDN( "ou=normalizers,cn=" + schemaName + ",ou=schema" );
+ dn.normalize( this.attrRegistry.getNormalizerMapping() );
+ staticNormalizersDNs.put( schemaName, dn );
+
+ // Initialize SyntaxCheckers Dns
+ dn = new LdapDN( "ou=syntaxCheckers,cn=" + schemaName + ",ou=schema" );
+ dn.normalize( this.attrRegistry.getNormalizerMapping() );
+ staticSyntaxCheckersDNs.put( schemaName, dn );
+
+ // Initialize Syntaxes Dns
+ dn = new LdapDN( "ou=syntaxes,cn=" + schemaName + ",ou=schema" );
+ dn.normalize( this.attrRegistry.getNormalizerMapping() );
+ staticSyntaxesDNs.put( schemaName, dn );
+
+ }
/**
* Utility method to load all enabled schemas into this registry.
@@ -153,12 +212,13 @@
{
if ( ! schema.isDisabled() )
{
- log.info( "will attempt to load enabled schema: {}", schema.getSchemaName() );
+ log.debug( "will attempt to load enabled schema: {}", schema.getSchemaName() );
+
enabledSchemaSet.add( schema );
}
else
{
- log.info( "will NOT attempt to load disabled schema: {}", schema.getSchemaName() );
+ log.debug( "will NOT attempt to load disabled schema: {}", schema.getSchemaName() );
}
}
@@ -283,7 +343,7 @@
return;
}
- log.info( "loading {} schema ...", schema.getSchemaName() );
+ log.debug( "loading {} schema ...", schema.getSchemaName() );
loadComparators( schema, targetRegistries );
loadNormalizers( schema, targetRegistries );
@@ -340,23 +400,30 @@
* the loader we will defer the registration of elements until later.
*/
LinkedList<ObjectClass> deferred = new LinkedList<ObjectClass>();
- LdapDN dn = new LdapDN( "ou=objectClasses,cn=" + schema.getSchemaName() + ",ou=schema" );
- dn.normalize( this.attrRegistry.getNormalizerMapping() );
+
+ LdapDN dn = staticObjectClassesDNs.get( schema.getSchemaName() );
- if ( ! partition.hasEntry( dn ) )
+ if ( dn == null )
+ {
+ dn = new LdapDN( "ou=objectClasses,cn=" + schema.getSchemaName() + ",ou=schema" );
+ dn.normalize( this.attrRegistry.getNormalizerMapping() );
+ staticObjectClassesDNs.put( schema.getSchemaName(), dn );
+ }
+
+ if ( ! partition.hasEntry( new EntryOperationContext( dn ) ) )
{
return;
}
- log.info( "{} schema: loading objectClasses", schema.getSchemaName() );
+ log.debug( "{} schema: loading objectClasses", schema.getSchemaName() );
- NamingEnumeration list = partition.list( dn );
+ NamingEnumeration list = partition.list( new ListOperationContext( dn ) );
while ( list.hasMore() )
{
SearchResult result = ( SearchResult ) list.next();
LdapDN resultDN = new LdapDN( result.getName() );
resultDN.normalize( attrRegistry.getNormalizerMapping() );
- Attributes attrs = partition.lookup( resultDN );
+ Attributes attrs = partition.lookup( new LookupOperationContext( resultDN ) );
ObjectClass oc = factory.getObjectClass( attrs, targetRegistries, schema.getSchemaName() );
try
@@ -433,23 +500,30 @@
private void loadAttributeTypes( Schema schema, Registries targetRegistries ) throws NamingException
{
LinkedList<AttributeType> deferred = new LinkedList<AttributeType>();
- LdapDN dn = new LdapDN( "ou=attributeTypes,cn=" + schema.getSchemaName() + ",ou=schema" );
- dn.normalize( this.attrRegistry.getNormalizerMapping() );
- if ( ! partition.hasEntry( dn ) )
+ LdapDN dn = staticAttributeTypeDNs.get( schema.getSchemaName() );
+
+ if ( dn == null )
+ {
+ dn = new LdapDN( "ou=attributeTypes,cn=" + schema.getSchemaName() + ",ou=schema" );
+ dn.normalize( this.attrRegistry.getNormalizerMapping() );
+ staticAttributeTypeDNs.put( schema.getSchemaName(), dn );
+ }
+
+ if ( ! partition.hasEntry( new EntryOperationContext( dn ) ) )
{
return;
}
- log.info( "{} schema: loading attributeTypes", schema.getSchemaName() );
+ log.debug( "{} schema: loading attributeTypes", schema.getSchemaName() );
- NamingEnumeration list = partition.list( dn );
+ NamingEnumeration list = partition.list( new ListOperationContext( dn ) );
while ( list.hasMore() )
{
SearchResult result = ( SearchResult ) list.next();
LdapDN resultDN = new LdapDN( result.getName() );
resultDN.normalize( attrRegistry.getNormalizerMapping() );
- Attributes attrs = partition.lookup( resultDN );
+ Attributes attrs = partition.lookup( new LookupOperationContext( resultDN ) );
AttributeType at = factory.getAttributeType( attrs, targetRegistries, schema.getSchemaName() );
try
{
@@ -524,23 +598,29 @@
private void loadMatchingRules( Schema schema, Registries targetRegistries ) throws NamingException
{
- LdapDN dn = new LdapDN( "ou=matchingRules,cn=" + schema.getSchemaName() + ",ou=schema" );
- dn.normalize( this.attrRegistry.getNormalizerMapping() );
+ LdapDN dn = staticMatchingRulesDNs.get( schema.getSchemaName() );
- if ( ! partition.hasEntry( dn ) )
+ if ( dn == null )
+ {
+ dn = new LdapDN( "ou=matchingRules,cn=" + schema.getSchemaName() + ",ou=schema" );
+ dn.normalize( this.attrRegistry.getNormalizerMapping() );
+ staticMatchingRulesDNs.put( schema.getSchemaName(), dn );
+ }
+
+ if ( ! partition.hasEntry( new EntryOperationContext( dn ) ) )
{
return;
}
- log.info( "{} schema: loading matchingRules", schema.getSchemaName() );
+ log.debug( "{} schema: loading matchingRules", schema.getSchemaName() );
- NamingEnumeration list = partition.list( dn );
+ NamingEnumeration list = partition.list( new ListOperationContext( dn ) );
while ( list.hasMore() )
{
SearchResult result = ( SearchResult ) list.next();
LdapDN resultDN = new LdapDN( result.getName() );
resultDN.normalize( attrRegistry.getNormalizerMapping() );
- Attributes attrs = partition.lookup( resultDN );
+ Attributes attrs = partition.lookup( new LookupOperationContext( resultDN ) );
MatchingRule mrule = factory.getMatchingRule( attrs, targetRegistries, schema.getSchemaName() );
targetRegistries.getMatchingRuleRegistry().register( mrule );
@@ -550,23 +630,29 @@
private void loadSyntaxes( Schema schema, Registries targetRegistries ) throws NamingException
{
- LdapDN dn = new LdapDN( "ou=syntaxes,cn=" + schema.getSchemaName() + ",ou=schema" );
- dn.normalize( this.attrRegistry.getNormalizerMapping() );
+ LdapDN dn = staticSyntaxesDNs.get( schema.getSchemaName() );
- if ( ! partition.hasEntry( dn ) )
+ if ( dn == null )
+ {
+ dn = new LdapDN( "ou=syntaxes,cn=" + schema.getSchemaName() + ",ou=schema" );
+ dn.normalize( this.attrRegistry.getNormalizerMapping() );
+ staticSyntaxesDNs.put( schema.getSchemaName(), dn );
+ }
+
+ if ( ! partition.hasEntry( new EntryOperationContext( dn ) ) )
{
return;
}
- log.info( "{} schema: loading syntaxes", schema.getSchemaName() );
+ log.debug( "{} schema: loading syntaxes", schema.getSchemaName() );
- NamingEnumeration list = partition.list( dn );
+ NamingEnumeration list = partition.list( new ListOperationContext( dn ) );
while ( list.hasMore() )
{
SearchResult result = ( SearchResult ) list.next();
LdapDN resultDN = new LdapDN( result.getName() );
resultDN.normalize( attrRegistry.getNormalizerMapping() );
- Attributes attrs = partition.lookup( resultDN );
+ Attributes attrs = partition.lookup( new LookupOperationContext( resultDN ) );
Syntax syntax = factory.getSyntax( attrs, targetRegistries, schema.getSchemaName() );
targetRegistries.getSyntaxRegistry().register( syntax );
}
@@ -575,23 +661,29 @@
private void loadSyntaxCheckers( Schema schema, Registries targetRegistries ) throws NamingException
{
- LdapDN dn = new LdapDN( "ou=syntaxCheckers,cn=" + schema.getSchemaName() + ",ou=schema" );
- dn.normalize( this.attrRegistry.getNormalizerMapping() );
+ LdapDN dn = staticSyntaxCheckersDNs.get( schema.getSchemaName() );
- if ( ! partition.hasEntry( dn ) )
+ if ( dn == null )
+ {
+ dn = new LdapDN( "ou=syntaxCheckers,cn=" + schema.getSchemaName() + ",ou=schema" );
+ dn.normalize( this.attrRegistry.getNormalizerMapping() );
+ staticSyntaxCheckersDNs.put( schema.getSchemaName(), dn );
+ }
+
+ if ( ! partition.hasEntry( new EntryOperationContext( dn ) ) )
{
return;
}
- log.info( "{} schema: loading syntaxCheckers", schema.getSchemaName() );
+ log.debug( "{} schema: loading syntaxCheckers", schema.getSchemaName() );
- NamingEnumeration list = partition.list( dn );
+ NamingEnumeration list = partition.list( new ListOperationContext( dn ) );
while ( list.hasMore() )
{
SearchResult result = ( SearchResult ) list.next();
LdapDN resultDN = new LdapDN( result.getName() );
resultDN.normalize( attrRegistry.getNormalizerMapping() );
- Attributes attrs = partition.lookup( resultDN );
+ Attributes attrs = partition.lookup( new LookupOperationContext( resultDN ) );
SyntaxChecker sc = factory.getSyntaxChecker( attrs, targetRegistries );
SyntaxCheckerDescription syntaxCheckerDescription =
getSyntaxCheckerDescription( schema.getSchemaName(), attrs );
@@ -602,23 +694,29 @@
private void loadNormalizers( Schema schema, Registries targetRegistries ) throws NamingException
{
- LdapDN dn = new LdapDN( "ou=normalizers,cn=" + schema.getSchemaName() + ",ou=schema" );
- dn.normalize( this.attrRegistry.getNormalizerMapping() );
+ LdapDN dn = staticNormalizersDNs.get( schema.getSchemaName() );
- if ( ! partition.hasEntry( dn ) )
+ if ( dn == null )
+ {
+ dn = new LdapDN( "ou=normalizers,cn=" + schema.getSchemaName() + ",ou=schema" );
+ dn.normalize( this.attrRegistry.getNormalizerMapping() );
+ staticNormalizersDNs.put( schema.getSchemaName(), dn );
+ }
+
+ if ( ! partition.hasEntry( new EntryOperationContext( dn ) ) )
{
return;
}
- log.info( "{} schema: loading normalizers", schema.getSchemaName() );
+ log.debug( "{} schema: loading normalizers", schema.getSchemaName() );
- NamingEnumeration list = partition.list( dn );
+ NamingEnumeration list = partition.list( new ListOperationContext( dn ) );
while ( list.hasMore() )
{
SearchResult result = ( SearchResult ) list.next();
LdapDN resultDN = new LdapDN( result.getName() );
resultDN.normalize( attrRegistry.getNormalizerMapping() );
- Attributes attrs = partition.lookup( resultDN );
+ Attributes attrs = partition.lookup( new LookupOperationContext( resultDN ) );
Normalizer normalizer = factory.getNormalizer( attrs, targetRegistries );
NormalizerDescription normalizerDescription = getNormalizerDescription( schema.getSchemaName(), attrs );
targetRegistries.getNormalizerRegistry().register( normalizerDescription, normalizer );
@@ -665,23 +763,29 @@
private void loadComparators( Schema schema, Registries targetRegistries ) throws NamingException
{
- LdapDN dn = new LdapDN( "ou=comparators,cn=" + schema.getSchemaName() + ",ou=schema" );
- dn.normalize( this.attrRegistry.getNormalizerMapping() );
+ LdapDN dn = staticComparatorsDNs.get( schema.getSchemaName() );
+
+ if ( dn == null )
+ {
+ dn = new LdapDN( "ou=comparators,cn=" + schema.getSchemaName() + ",ou=schema" );
+ dn.normalize( this.attrRegistry.getNormalizerMapping() );
+ staticComparatorsDNs.put( schema.getSchemaName(), dn );
+ }
- if ( ! partition.hasEntry( dn ) )
+ if ( ! partition.hasEntry( new EntryOperationContext( dn ) ) )
{
return;
}
- log.info( "{} schema: loading comparators", schema.getSchemaName() );
+ log.debug( "{} schema: loading comparators", schema.getSchemaName() );
- NamingEnumeration list = partition.list( dn );
+ NamingEnumeration list = partition.list( new ListOperationContext( dn ) );
while ( list.hasMore() )
{
SearchResult result = ( SearchResult ) list.next();
LdapDN resultDN = new LdapDN( result.getName() );
resultDN.normalize( attrRegistry.getNormalizerMapping() );
- Attributes attrs = partition.lookup( resultDN );
+ Attributes attrs = partition.lookup( new LookupOperationContext( resultDN ) );
Comparator comparator = factory.getComparator( attrs, targetRegistries );
ComparatorDescription comparatorDescription = getComparatorDescription( schema.getSchemaName(), attrs );
targetRegistries.getComparatorRegistry().register( comparatorDescription, comparator );
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/SchemaChangeHandler.java b/core/src/main/java/org/apache/directory/server/core/schema/SchemaChangeHandler.java
index 4377c6f..f8db9cb 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/SchemaChangeHandler.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/SchemaChangeHandler.java
@@ -42,5 +42,5 @@
void modify( LdapDN name, int modOp, Attributes mods, Attributes entry, Attributes targetEntry ) throws NamingException;
void modify( LdapDN name, ModificationItemImpl[] mods, Attributes entry, Attributes targetEntry ) throws NamingException;
void move( LdapDN oriChildName, LdapDN newParentName, String newRn, boolean deleteOldRn, Attributes entry ) throws NamingException;
- void move( LdapDN oriChildName, LdapDN newParentName, Attributes entry ) throws NamingException;
+ void replace( LdapDN oriChildName, LdapDN newParentName, Attributes entry ) throws NamingException;
}
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/SchemaChecker.java b/core/src/main/java/org/apache/directory/server/core/schema/SchemaChecker.java
index c9c2bf6..78da251 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/SchemaChecker.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/SchemaChecker.java
@@ -22,6 +22,7 @@
import org.apache.directory.server.schema.registries.ObjectClassRegistry;
import org.apache.directory.server.schema.registries.OidRegistry;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapSchemaViolationException;
import org.apache.directory.shared.ldap.message.ResultCodeEnum;
import org.apache.directory.shared.ldap.schema.ObjectClass;
@@ -75,7 +76,7 @@
return;
}
- if ( !"objectclass".equalsIgnoreCase( attribute.getID() ) )
+ if ( !SchemaConstants.OBJECT_CLASS_AT.equalsIgnoreCase( attribute.getID() ) )
{
return;
}
@@ -134,7 +135,7 @@
return;
}
- Attribute objectClass = attributes.get( "objectClass" );
+ Attribute objectClass = attributes.get( SchemaConstants.OBJECT_CLASS_AT );
if ( objectClass == null )
{
return;
@@ -195,7 +196,7 @@
return;
}
- if ( !"objectclass".equalsIgnoreCase( attribute.getID() ) )
+ if ( !SchemaConstants.OBJECT_CLASS_AT.equalsIgnoreCase( attribute.getID() ) )
{
return;
}
@@ -276,7 +277,7 @@
return;
}
- Attribute objectClass = attributes.get( "objectClass" );
+ Attribute objectClass = attributes.get( SchemaConstants.OBJECT_CLASS_AT );
if ( objectClass == null )
{
return;
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/SchemaEntityFactory.java b/core/src/main/java/org/apache/directory/server/core/schema/SchemaEntityFactory.java
index ac5532f..716b43f 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/SchemaEntityFactory.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/SchemaEntityFactory.java
@@ -33,9 +33,9 @@
import javax.naming.directory.BasicAttribute;
import org.apache.directory.server.constants.MetaSchemaConstants;
-import org.apache.directory.server.constants.SystemSchemaConstants;
import org.apache.directory.server.schema.bootstrap.Schema;
import org.apache.directory.server.schema.registries.Registries;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapNamingException;
import org.apache.directory.shared.ldap.message.ResultCodeEnum;
import org.apache.directory.shared.ldap.schema.AttributeType;
@@ -97,18 +97,18 @@
throw new NullPointerException( "entry cannot be null" );
}
- if ( entry.get( SystemSchemaConstants.CN_AT ) == null )
+ if ( entry.get( SchemaConstants.CN_AT ) == null )
{
throw new NullPointerException( "entry must have a valid cn attribute" );
}
- name = ( String ) entry.get( SystemSchemaConstants.CN_AT ).get();
+ name = ( String ) entry.get( SchemaConstants.CN_AT ).get();
- if ( entry.get( SystemSchemaConstants.CREATORS_NAME_AT ) == null )
+ if ( entry.get( SchemaConstants.CREATORS_NAME_AT ) == null )
{
throw new NullPointerException( "entry must have a valid "
- + SystemSchemaConstants.CREATORS_NAME_AT + " attribute" );
+ + SchemaConstants.CREATORS_NAME_AT + " attribute" );
}
- owner = ( String ) entry.get( SystemSchemaConstants.CREATORS_NAME_AT ).get();
+ owner = ( String ) entry.get( SchemaConstants.CREATORS_NAME_AT ).get();
if ( entry.get( MetaSchemaConstants.M_DISABLED_AT ) != null )
{
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/SchemaManager.java b/core/src/main/java/org/apache/directory/server/core/schema/SchemaManager.java
index c4abe56..49f63c6 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/SchemaManager.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/SchemaManager.java
@@ -34,17 +34,24 @@
import javax.naming.directory.DirContext;
import org.apache.directory.server.constants.ApacheSchemaConstants;
-import org.apache.directory.server.constants.CoreSchemaConstants;
import org.apache.directory.server.constants.MetaSchemaConstants;
-import org.apache.directory.server.constants.SystemSchemaConstants;
+import org.apache.directory.server.core.authn.AuthenticationService;
+import org.apache.directory.server.core.authz.AuthorizationService;
+import org.apache.directory.server.core.authz.DefaultAuthorizationService;
+import org.apache.directory.server.core.collective.CollectiveAttributeService;
+import org.apache.directory.server.core.exception.ExceptionService;
+import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
import org.apache.directory.server.core.invocation.Invocation;
import org.apache.directory.server.core.invocation.InvocationStack;
import org.apache.directory.server.core.jndi.ServerLdapContext;
+import org.apache.directory.server.core.normalization.NormalizationService;
+import org.apache.directory.server.core.referral.ReferralService;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
import org.apache.directory.server.schema.registries.ObjectClassRegistry;
import org.apache.directory.server.schema.registries.OidRegistry;
import org.apache.directory.server.schema.registries.Registries;
import org.apache.directory.shared.ldap.NotImplementedException;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapInvalidNameException;
import org.apache.directory.shared.ldap.exception.LdapNamingException;
import org.apache.directory.shared.ldap.exception.LdapOperationNotSupportedException;
@@ -98,17 +105,17 @@
private static final Set<String> VALID_OU_VALUES = new HashSet<String>();
private static final String[] opAttrs = new String[] {
- "comparators",
- "normalizers",
- "syntaxCheckers",
- "ldapSyntaxes",
- "matchingRules",
- "attributeTypes",
- "objectClasses",
- "matchingRuleUse",
- "dITStructureRules",
- "dITContentRules",
- "nameForms"
+ SchemaConstants.COMPARATORS_AT,
+ SchemaConstants.NORMALIZERS_AT,
+ SchemaConstants.SYNTAX_CHECKERS_AT,
+ SchemaConstants.LDAP_SYNTAXES_AT,
+ SchemaConstants.MATCHING_RULES_AT,
+ SchemaConstants.ATTRIBUTE_TYPES_AT,
+ SchemaConstants.OBJECT_CLASSES_AT,
+ SchemaConstants.MATCHING_RULE_USE_AT,
+ SchemaConstants.DIT_STRUCTURE_RULES_AT,
+ SchemaConstants.DIT_CONTENT_RULES_AT,
+ SchemaConstants.NAME_FORMS_AT
};
private static final String[] metaObjectClasses = new String[] {
"metaComparator",
@@ -158,27 +165,27 @@
static
{
- VALID_OU_VALUES.add( "normalizers" );
- VALID_OU_VALUES.add( "comparators" );
- VALID_OU_VALUES.add( "syntaxcheckers" );
- VALID_OU_VALUES.add( "syntaxes" );
- VALID_OU_VALUES.add( "matchingrules" );
- VALID_OU_VALUES.add( "matchingruleuse" );
- VALID_OU_VALUES.add( "attributetypes" );
- VALID_OU_VALUES.add( "objectclasses" );
- VALID_OU_VALUES.add( "nameforms" );
- VALID_OU_VALUES.add( "ditcontentrules" );
- VALID_OU_VALUES.add( "ditstructurerules" );
+ VALID_OU_VALUES.add( SchemaConstants.NORMALIZERS_AT.toLowerCase() );
+ VALID_OU_VALUES.add( SchemaConstants.COMPARATORS_AT.toLowerCase() );
+ VALID_OU_VALUES.add( SchemaConstants.SYNTAX_CHECKERS_AT.toLowerCase() );
+ VALID_OU_VALUES.add( "syntaxes".toLowerCase() );
+ VALID_OU_VALUES.add( SchemaConstants.MATCHING_RULES_AT.toLowerCase() );
+ VALID_OU_VALUES.add( SchemaConstants.MATCHING_RULE_USE_AT.toLowerCase() );
+ VALID_OU_VALUES.add( SchemaConstants.ATTRIBUTE_TYPES_AT.toLowerCase() );
+ VALID_OU_VALUES.add( SchemaConstants.OBJECT_CLASSES_AT.toLowerCase() );
+ VALID_OU_VALUES.add( SchemaConstants.NAME_FORMS_AT.toLowerCase() );
+ VALID_OU_VALUES.add( SchemaConstants.DIT_CONTENT_RULES_AT.toLowerCase() );
+ VALID_OU_VALUES.add( SchemaConstants.DIT_STRUCTURE_RULES_AT.toLowerCase() );
HashSet<String> set = new HashSet<String>();
- set.add( "normalizationService" );
- set.add( "authenticationService" );
- set.add( "referralService" );
- set.add( "authorizationService" );
- set.add( "defaultAuthorizationService" );
- set.add( "exceptionService" );
- set.add( "schemaService" );
- set.add( "collectiveAttributeService" );
+ set.add( NormalizationService.NAME );
+ set.add( AuthenticationService.NAME );
+ set.add( ReferralService.NAME );
+ set.add( AuthorizationService.NAME );
+ set.add( DefaultAuthorizationService.NAME );
+ set.add( ExceptionService.NAME );
+ set.add( SchemaService.NAME );
+ set.add( CollectiveAttributeService.NAME );
SCHEMA_MODIFICATION_ATTRIBUTES_UPDATE_BYPASS = Collections.unmodifiableCollection( set );
}
@@ -189,7 +196,7 @@
this.loader = loader;
this.globalRegistries = globalRegistries;
this.objectClassAT = this.globalRegistries.getAttributeTypeRegistry()
- .lookup( SystemSchemaConstants.OBJECT_CLASS_AT );
+ .lookup( SchemaConstants.OBJECT_CLASS_AT );
this.metaSchemaHandler = new MetaSchemaHandler( this.globalRegistries, this.loader );
@@ -210,37 +217,37 @@
OidRegistry oidRegistry = globalRegistries.getOidRegistry();
- comparatorsOid = oidRegistry.getOid( ApacheSchemaConstants.COMPARATORS_AT );
+ comparatorsOid = oidRegistry.getOid( SchemaConstants.COMPARATORS_AT );
opAttr2handlerIndex.put( comparatorsOid, new Integer( COMPARATOR_INDEX ) );
- normalizersOid = oidRegistry.getOid( ApacheSchemaConstants.NORMALIZERS_AT );
+ normalizersOid = oidRegistry.getOid( SchemaConstants.NORMALIZERS_AT );
opAttr2handlerIndex.put( normalizersOid, new Integer( NORMALIZER_INDEX ) );
- syntaxCheckersOid = oidRegistry.getOid( ApacheSchemaConstants.SYNTAX_CHECKERS_AT );
+ syntaxCheckersOid = oidRegistry.getOid( SchemaConstants.SYNTAX_CHECKERS_AT );
opAttr2handlerIndex.put( syntaxCheckersOid, new Integer( SYNTAX_CHECKER_INDEX ) );
- ldapSyntaxesOid = oidRegistry.getOid( SystemSchemaConstants.LDAP_SYNTAXES_AT );
+ ldapSyntaxesOid = oidRegistry.getOid( SchemaConstants.LDAP_SYNTAXES_AT );
opAttr2handlerIndex.put( ldapSyntaxesOid, new Integer( SYNTAX_INDEX ) );
- matchingRulesOid = oidRegistry.getOid( SystemSchemaConstants.MATCHING_RULES_AT );
+ matchingRulesOid = oidRegistry.getOid( SchemaConstants.MATCHING_RULES_AT );
opAttr2handlerIndex.put( matchingRulesOid, new Integer( MATCHING_RULE_INDEX ) );
- attributeTypesOid = oidRegistry.getOid( SystemSchemaConstants.ATTRIBUTE_TYPES_AT );
+ attributeTypesOid = oidRegistry.getOid( SchemaConstants.ATTRIBUTE_TYPES_AT );
opAttr2handlerIndex.put( attributeTypesOid, new Integer( ATTRIBUTE_TYPE_INDEX ) );
- objectClassesOid = oidRegistry.getOid( SystemSchemaConstants.OBJECT_CLASSES_AT );
+ objectClassesOid = oidRegistry.getOid( SchemaConstants.OBJECT_CLASSES_AT );
opAttr2handlerIndex.put( objectClassesOid, new Integer( OBJECT_CLASS_INDEX ) );
- matchingRuleUseOid = oidRegistry.getOid( SystemSchemaConstants.MATCHING_RULE_USE_AT );
+ matchingRuleUseOid = oidRegistry.getOid( SchemaConstants.MATCHING_RULE_USE_AT );
opAttr2handlerIndex.put( matchingRuleUseOid, new Integer( MATCHING_RULE_USE_INDEX ) );
- ditStructureRulesOid = oidRegistry.getOid( SystemSchemaConstants.DIT_STRUCTURE_RULES_AT );
+ ditStructureRulesOid = oidRegistry.getOid( SchemaConstants.DIT_STRUCTURE_RULES_AT );
opAttr2handlerIndex.put( ditStructureRulesOid, new Integer( DIT_STRUCTURE_RULE_INDEX ) );
- ditContentRulesOid = oidRegistry.getOid( SystemSchemaConstants.DIT_CONTENT_RULES_AT );
+ ditContentRulesOid = oidRegistry.getOid( SchemaConstants.DIT_CONTENT_RULES_AT );
opAttr2handlerIndex.put( ditContentRulesOid, new Integer( DIT_CONTENT_RULE_INDEX ) );
- nameFormsOid = oidRegistry.getOid( SystemSchemaConstants.NAME_FORMS_AT );
+ nameFormsOid = oidRegistry.getOid( SchemaConstants.NAME_FORMS_AT );
opAttr2handlerIndex.put( nameFormsOid, new Integer( NAME_FORM_INDEX ) );
initHandlerMaps();
@@ -300,7 +307,7 @@
return;
}
- if ( AttributeUtils.containsValue( oc, CoreSchemaConstants.ORGANIZATIONAL_UNIT_OC, objectClassAT ) )
+ if ( AttributeUtils.containsValue( oc, SchemaConstants.ORGANIZATIONAL_UNIT_OC, objectClassAT ) )
{
if ( name.size() != 3 )
{
@@ -347,7 +354,7 @@
return;
}
- if ( AttributeUtils.containsValue( oc, CoreSchemaConstants.ORGANIZATIONAL_UNIT_OC, objectClassAT ) )
+ if ( AttributeUtils.containsValue( oc, SchemaConstants.ORGANIZATIONAL_UNIT_OC, objectClassAT ) )
{
if ( name.size() != 3 )
{
@@ -454,17 +461,18 @@
}
- public void move( LdapDN oriChildName, LdapDN newParentName, Attributes entry ) throws NamingException
+ public void replace( LdapDN oriChildName, LdapDN newParentName, Attributes entry ) throws NamingException
{
Attribute oc = AttributeUtils.getAttribute( entry, objectClassAT );
for ( int ii = 0; ii < oc.size(); ii++ )
{
String oid = globalRegistries.getOidRegistry().getOid( ( String ) oc.get( ii ) );
+
if ( objectClass2handlerMap.containsKey( oid ) )
{
SchemaChangeHandler handler = objectClass2handlerMap.get( oid );
- handler.move( oriChildName, newParentName, entry );
+ handler.replace( oriChildName, newParentName, entry );
updateSchemaModificationAttributes();
return;
}
@@ -472,7 +480,7 @@
if ( AttributeUtils.containsValue( oc, MetaSchemaConstants.META_SCHEMA_OC, objectClassAT ) )
{
- metaSchemaHandler.move( oriChildName, newParentName, entry );
+ metaSchemaHandler.replace( oriChildName, newParentName, entry );
updateSchemaModificationAttributes();
return;
}
@@ -895,6 +903,7 @@
new AttributeImpl( ApacheSchemaConstants.SCHEMA_MODIFIERS_NAME_AT, modifiersName ) );
LdapDN name = new LdapDN( "cn=schemaModifications,ou=schema" );
name.normalize( globalRegistries.getAttributeTypeRegistry().getNormalizerMapping() );
- invocation.getProxy().modify( name, mods, SCHEMA_MODIFICATION_ATTRIBUTES_UPDATE_BYPASS );
+
+ invocation.getProxy().modify( new ModifyOperationContext( name, mods ), SCHEMA_MODIFICATION_ATTRIBUTES_UPDATE_BYPASS );
}
}
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/SchemaPartitionDao.java b/core/src/main/java/org/apache/directory/server/core/schema/SchemaPartitionDao.java
index 31a9444..30af87c 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/SchemaPartitionDao.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/SchemaPartitionDao.java
@@ -35,13 +35,16 @@
import javax.naming.directory.SearchResult;
import org.apache.directory.server.constants.MetaSchemaConstants;
-import org.apache.directory.server.constants.SystemSchemaConstants;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.partition.Partition;
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.schema.bootstrap.Schema;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
import org.apache.directory.server.schema.registries.OidRegistry;
import org.apache.directory.server.schema.registries.Registries;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.filter.BranchNode;
import org.apache.directory.shared.ldap.filter.ExprNode;
import org.apache.directory.shared.ldap.filter.PresenceNode;
@@ -86,7 +89,11 @@
private final static Logger log = LoggerFactory.getLogger( SchemaPartitionDao.class );
private final static NumericOidSyntaxChecker NUMERIC_OID_CHECKER = new NumericOidSyntaxChecker();
private static final String[] SCHEMA_ATTRIBUTES = new String[] {
- "creatorsName", "m-dependencies", "objectClass", "cn", "m-disabled" };
+ SchemaConstants.CREATORS_NAME_AT,
+ "m-dependencies",
+ SchemaConstants.OBJECT_CLASS_AT,
+ SchemaConstants.CN_AT,
+ "m-disabled" };
private final Partition partition;
@@ -129,10 +136,10 @@
this.attrRegistry = this.bootstrapRegistries.getAttributeTypeRegistry();
this.M_NAME_OID = oidRegistry.getOid( MetaSchemaConstants.M_NAME_AT );
- this.CN_OID = oidRegistry.getOid( SystemSchemaConstants.CN_AT );
+ this.CN_OID = oidRegistry.getOid( SchemaConstants.CN_AT );
this.disabledAttributeType = attrRegistry.lookup( MetaSchemaConstants.M_DISABLED_AT );
this.M_OID_OID = oidRegistry.getOid( MetaSchemaConstants.M_OID_AT );
- this.OBJECTCLASS_OID = oidRegistry.getOid( SystemSchemaConstants.OBJECT_CLASS_AT );
+ this.OBJECTCLASS_OID = oidRegistry.getOid( SchemaConstants.OBJECT_CLASS_AT );
this.M_SYNTAX_OID = oidRegistry.getOid( MetaSchemaConstants.M_SYNTAX_AT );
this.M_ORDERING_OID = oidRegistry.getOid( MetaSchemaConstants.M_ORDERING_AT );
this.M_EQUALITY_OID = oidRegistry.getOid( MetaSchemaConstants.M_EQUALITY_AT );
@@ -169,7 +176,7 @@
while( list.hasMore() )
{
SearchResult sr = ( SearchResult ) list.next();
- schemaNames.add( ( String ) sr.getAttributes().get( "cn" ).get() );
+ schemaNames.add( ( String ) sr.getAttributes().get( SchemaConstants.CN_AT ).get() );
}
return schemaNames;
@@ -180,11 +187,12 @@
{
LdapDN base = new LdapDN( "ou=schema" );
base.normalize( attrRegistry.getNormalizerMapping() );
- ExprNode filter = new SimpleNode( oidRegistry.getOid( "objectClass" ), "metaSchema", AssertionEnum.EQUALITY );
+ ExprNode filter = new SimpleNode( oidRegistry.getOid( SchemaConstants.OBJECT_CLASS_AT ), "metaSchema", AssertionEnum.EQUALITY );
SearchControls searchControls = new SearchControls();
searchControls.setSearchScope( SearchControls.ONELEVEL_SCOPE );
searchControls.setReturningAttributes( SCHEMA_ATTRIBUTES );
- return partition.search( base, new HashMap(), filter, searchControls );
+ return partition.search(
+ new SearchOperationContext( base, new HashMap(), filter, searchControls ) );
}
@@ -192,7 +200,7 @@
{
LdapDN dn = new LdapDN( "cn=" + schemaName + ",ou=schema" );
dn.normalize( attrRegistry.getNormalizerMapping() );
- return factory.getSchema( partition.lookup( dn ) );
+ return factory.getSchema( partition.lookup( new LookupOperationContext( dn ) ) );
}
@@ -223,7 +231,8 @@
try
{
- ne = partition.search( partition.getSuffix(), new HashMap(), filter, searchControls );
+ ne = partition.search(
+ new SearchOperationContext( partition.getSuffix(), new HashMap(), filter, searchControls ) );
if ( ! ne.hasMore() )
{
@@ -266,7 +275,8 @@
try
{
- ne = partition.search( partition.getSuffix(), new HashMap(), filter, searchControls );
+ ne = partition.search(
+ new SearchOperationContext( partition.getSuffix(), new HashMap(), filter, searchControls ) );
if ( ! ne.hasMore() )
{
@@ -309,7 +319,8 @@
try
{
- ne = partition.search( partition.getSuffix(), new HashMap(), filter, searchControls );
+ ne = partition.search(
+ new SearchOperationContext( partition.getSuffix(), new HashMap(), filter, searchControls ) );
if ( ! ne.hasMore() )
{
@@ -352,7 +363,8 @@
try
{
- ne = partition.search( partition.getSuffix(), new HashMap(), filter, searchControls );
+ ne = partition.search(
+ new SearchOperationContext( partition.getSuffix(), new HashMap(), filter, searchControls ) );
if ( ! ne.hasMore() )
{
@@ -395,7 +407,8 @@
try
{
- ne = partition.search( partition.getSuffix(), new HashMap(), filter, searchControls );
+ ne = partition.search(
+ new SearchOperationContext( partition.getSuffix(), new HashMap(), filter, searchControls ) );
if ( ! ne.hasMore() )
{
@@ -486,7 +499,8 @@
try
{
- ne = partition.search( partition.getSuffix(), new HashMap(), filter, searchControls );
+ ne = partition.search(
+ new SearchOperationContext( partition.getSuffix(), new HashMap(), filter, searchControls ) );
if ( ! ne.hasMore() )
{
@@ -545,7 +559,7 @@
{
LdapDN dn = new LdapDN( "cn=" + schemaName + ",ou=schema" );
dn.normalize( attrRegistry.getNormalizerMapping() );
- Attributes entry = partition.lookup( dn );
+ Attributes entry = partition.lookup( new LookupOperationContext( dn ) );
Attribute disabledAttr = AttributeUtils.getAttribute( entry, disabledAttributeType );
ModificationItemImpl[] mods = new ModificationItemImpl[3];
@@ -565,11 +579,11 @@
mods[0] = new ModificationItemImpl( DirContext.REMOVE_ATTRIBUTE,
new AttributeImpl( MetaSchemaConstants.M_DISABLED_AT ) );
mods[1] = new ModificationItemImpl( DirContext.ADD_ATTRIBUTE,
- new AttributeImpl( SystemSchemaConstants.MODIFIERS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL ) );
+ new AttributeImpl( SchemaConstants.MODIFIERS_NAME_AT, PartitionNexus.ADMIN_PRINCIPAL ) );
mods[2] = new ModificationItemImpl( DirContext.ADD_ATTRIBUTE,
- new AttributeImpl( SystemSchemaConstants.MODIFY_TIMESTAMP_AT, DateUtils.getGeneralizedTime() ) );
+ new AttributeImpl( SchemaConstants.MODIFY_TIMESTAMP_AT, DateUtils.getGeneralizedTime() ) );
- partition.modify( dn, mods );
+ partition.modify( new ModifyOperationContext( dn, mods ) );
}
@@ -602,7 +616,8 @@
try
{
- ne = partition.search( partition.getSuffix(), new HashMap(), filter, searchControls );
+ ne = partition.search(
+ new SearchOperationContext( partition.getSuffix(), new HashMap(), filter, searchControls ) );
while( ne.hasMore() )
{
set.add( ne.next() );
@@ -651,7 +666,8 @@
try
{
- ne = partition.search( partition.getSuffix(), new HashMap(), filter, searchControls );
+ ne = partition.search(
+ new SearchOperationContext( partition.getSuffix(), new HashMap(), filter, searchControls ) );
while( ne.hasMore() )
{
set.add( ne.next() );
@@ -678,7 +694,8 @@
// (& (m-oid=*) (m-name=*) )
filter.addNode( new PresenceNode( M_OID_OID ) );
filter.addNode( new PresenceNode( M_NAME_OID ) );
- return partition.search( partition.getSuffix(), new HashMap(), filter, searchControls );
+ return partition.search(
+ new SearchOperationContext( partition.getSuffix(), new HashMap(), filter, searchControls ) );
}
@@ -726,7 +743,8 @@
try
{
- ne = partition.search( partition.getSuffix(), new HashMap(), filter, searchControls );
+ ne = partition.search(
+ new SearchOperationContext( partition.getSuffix(), new HashMap(), filter, searchControls ) );
while( ne.hasMore() )
{
set.add( ne.next() );
@@ -773,7 +791,8 @@
try
{
- ne = partition.search( partition.getSuffix(), new HashMap(), filter, searchControls );
+ ne = partition.search(
+ new SearchOperationContext( partition.getSuffix(), new HashMap(), filter, searchControls ) );
while( ne.hasMore() )
{
set.add( ne.next() );
@@ -814,7 +833,8 @@
try
{
- ne = partition.search( partition.getSuffix(), new HashMap(), filter, searchControls );
+ ne = partition.search(
+ new SearchOperationContext( partition.getSuffix(), new HashMap(), filter, searchControls ) );
while( ne.hasMore() )
{
SearchResult sr = ne.next();
@@ -893,7 +913,8 @@
try
{
- ne = partition.search( partition.getSuffix(), new HashMap(), filter, searchControls );
+ ne = partition.search(
+ new SearchOperationContext( partition.getSuffix(), new HashMap(), filter, searchControls ) );
while( ne.hasMore() )
{
set.add( ne.next() );
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/SchemaService.java b/core/src/main/java/org/apache/directory/server/core/schema/SchemaService.java
index f1fd458..c0cfeaa 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/SchemaService.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/SchemaService.java
@@ -23,11 +23,11 @@
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.Enumeration;
+import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
-import java.util.HashMap;
import java.util.Set;
import javax.naming.NamingEnumeration;
@@ -41,13 +41,20 @@
import javax.naming.directory.SearchResult;
import org.apache.directory.server.constants.ApacheSchemaConstants;
-import org.apache.directory.server.constants.SystemSchemaConstants;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
import org.apache.directory.server.core.configuration.InterceptorConfiguration;
import org.apache.directory.server.core.enumeration.SearchResultFilter;
import org.apache.directory.server.core.enumeration.SearchResultFilteringEnumeration;
import org.apache.directory.server.core.interceptor.BaseInterceptor;
import org.apache.directory.server.core.interceptor.NextInterceptor;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveAndRenameOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.RenameOperationContext;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.invocation.Invocation;
import org.apache.directory.server.core.invocation.InvocationStack;
import org.apache.directory.server.core.partition.PartitionNexus;
@@ -55,6 +62,8 @@
import org.apache.directory.server.schema.registries.ObjectClassRegistry;
import org.apache.directory.server.schema.registries.OidRegistry;
import org.apache.directory.server.schema.registries.Registries;
+import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapAttributeInUseException;
import org.apache.directory.shared.ldap.exception.LdapInvalidAttributeIdentifierException;
import org.apache.directory.shared.ldap.exception.LdapInvalidAttributeValueException;
@@ -69,6 +78,7 @@
import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.message.ResultCodeEnum;
+import org.apache.directory.shared.ldap.message.ServerSearchResult;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.schema.AttributeType;
import org.apache.directory.shared.ldap.schema.DITContentRule;
@@ -80,8 +90,10 @@
import org.apache.directory.shared.ldap.schema.SchemaUtils;
import org.apache.directory.shared.ldap.schema.Syntax;
import org.apache.directory.shared.ldap.schema.UsageEnum;
+import org.apache.directory.shared.ldap.schema.syntax.AcceptAllSyntaxChecker;
import org.apache.directory.shared.ldap.schema.syntax.ComparatorDescription;
import org.apache.directory.shared.ldap.schema.syntax.NormalizerDescription;
+import org.apache.directory.shared.ldap.schema.syntax.SyntaxChecker;
import org.apache.directory.shared.ldap.schema.syntax.SyntaxCheckerDescription;
import org.apache.directory.shared.ldap.util.AttributeUtils;
import org.apache.directory.shared.ldap.util.EmptyEnumeration;
@@ -100,12 +112,16 @@
*/
public class SchemaService extends BaseInterceptor
{
- private static final String[] EMPTY_STRING_ARRAY = new String[0];
- private static final String BINARY_KEY = "java.naming.ldap.attributes.binary";
-
/** The LoggerFactory used by this Interceptor */
private static Logger log = LoggerFactory.getLogger( SchemaService.class );
+ /** The service name */
+ public static final String NAME = "schemaService";
+
+ private static final String[] EMPTY_STRING_ARRAY = new String[0];
+ private static final String BINARY_KEY = JndiPropertyConstants.JNDI_LDAP_ATTRIBUTES_BINARY;
+
+
/** Speedup for logs */
private static final boolean IS_DEBUG = log.isDebugEnabled();
@@ -128,7 +144,7 @@
*/
private Registries registries;
- private Set binaries;
+ private Set<String> binaries;
/**
* subschemaSubentry attribute's value from Root DSE
@@ -179,7 +195,14 @@
topFilter = new TopFilter();
filters.add( binaryAttributeFilter );
filters.add( topFilter );
- binaries = ( Set ) factoryCfg.getEnvironment().get( BINARY_KEY );
+ binaries = ( Set<String> ) factoryCfg.getEnvironment().get( BINARY_KEY );
+
+ if ( binaries == null )
+ {
+ binaries = new HashSet<String>();
+ }
+
+
schemaBaseDN = new LdapDN( "ou=schema" );
schemaBaseDN.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
@@ -187,7 +210,7 @@
schemaManager = factoryCfg.getSchemaManager();
// stuff for dealing with subentries (garbage for now)
- String subschemaSubentry = ( String ) nexus.getRootDSE().get( "subschemaSubentry" ).get();
+ String subschemaSubentry = ( String ) nexus.getRootDSE( null ).get( "subschemaSubentry" ).get();
subschemaSubentryDn = new LdapDN( subschemaSubentry );
subschemaSubentryDn.normalize( registries.getAttributeTypeRegistry().getNormalizerMapping() );
@@ -300,7 +323,7 @@
for ( ObjectClass parent:parents )
{
// Top is not added
- if ( "top".equals( parent.getName() ) )
+ if ( SchemaConstants.TOP_OC.equals( parent.getName() ) )
{
continue;
}
@@ -353,11 +376,11 @@
/**
*
*/
- public NamingEnumeration list( NextInterceptor nextInterceptor, LdapDN base ) throws NamingException
+ public NamingEnumeration list( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- NamingEnumeration e = nextInterceptor.list( base );
+ NamingEnumeration e = nextInterceptor.list( opContext );
Invocation invocation = InvocationStack.getInstance().peek();
- return new SearchResultFilteringEnumeration( e, new SearchControls(), invocation, binaryAttributeFilter );
+ return new SearchResultFilteringEnumeration( e, new SearchControls(), invocation, binaryAttributeFilter, "List Schema Filter" );
}
/**
@@ -395,14 +418,27 @@
continue;
}
- if ( registries.getAttributeTypeRegistry().hasAttributeType( attribute ) )
+ try
{
- String oid = registries.getOidRegistry().getOid( attribute );
-
- if ( !filteredAttrs.containsKey( oid ) )
- {
- filteredAttrs.put( oid, attribute );
- }
+ // Check that the attribute is declared
+ if ( registries.getOidRegistry().hasOid( attribute ) )
+ {
+ String oid = registries.getOidRegistry().getOid( attribute );
+
+ // The attribute must be an AttributeType
+ if ( registries.getAttributeTypeRegistry().hasAttributeType( oid ) )
+ {
+ if ( !filteredAttrs.containsKey( oid ) )
+ {
+ // Ok, we can add the attribute to the list of filtered attributes
+ filteredAttrs.put( oid, attribute );
+ }
+ }
+ }
+ }
+ catch ( NamingException ne )
+ {
+ /* Do nothing, the attribute does not exist */
}
}
@@ -412,6 +448,15 @@
return;
}
+ // Deal with the special case where the attribute list is now empty
+ if ( filteredAttrs.size() == 0 )
+ {
+ // We just have to pass the special 1.1 ayttribute,
+ // as we don't want to return any attribute
+ searchCtls.setReturningAttributes( new String[]{ "1.1" } );
+ return;
+ }
+
// Some attributes have been removed. let's modify the searchControl
String[] newAttributesList = new String[filteredAttrs.size()];
@@ -429,9 +474,12 @@
/**
*
*/
- public NamingEnumeration search( NextInterceptor nextInterceptor, LdapDN base, Map env, ExprNode filter,
- SearchControls searchCtls ) throws NamingException
+ public NamingEnumeration<SearchResult> search( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
+ LdapDN base = opContext.getDn();
+ SearchControls searchCtls = ((SearchOperationContext)opContext).getSearchControls();
+ ExprNode filter = ((SearchOperationContext)opContext).getFilter();
+
// We have to eliminate bad attributes from the request, accordingly
// to RFC 2251, chap. 4.5.1. Basically, all unknown attributes are removed
// from the list
@@ -440,16 +488,16 @@
// Deal with the normal case : searching for a normal value (not subSchemaSubEntry
if ( !subschemaSubentryDn.toNormName().equals( base.toNormName() ) )
{
- NamingEnumeration e = nextInterceptor.search( base, env, filter, searchCtls );
+ NamingEnumeration e = nextInterceptor.search( opContext );
Invocation invocation = InvocationStack.getInstance().peek();
if ( searchCtls.getReturningAttributes() != null )
{
- return new SearchResultFilteringEnumeration( e, new SearchControls(), invocation, topFilter );
+ return new SearchResultFilteringEnumeration( e, new SearchControls(), invocation, topFilter, "Search Schema Filter top" );
}
- return new SearchResultFilteringEnumeration( e, searchCtls, invocation, filters );
+ return new SearchResultFilteringEnumeration( e, searchCtls, invocation, filters, "Search Schema Filter" );
}
// The user was searching into the subSchemaSubEntry
@@ -478,17 +526,24 @@
if ( registries.getObjectClassRegistry().hasObjectClass( objectClass ) )
{
- objectClassOid = registries.getObjectClassRegistry().lookup( objectClass ).getName();
+ objectClassOid = registries.getObjectClassRegistry().lookup( objectClass ).getOid();
+ }
+ else
+ {
+ return new EmptyEnumeration();
}
+ String nodeOid = registries.getOidRegistry().getOid( node.getAttribute() );
+
// see if node attribute is objectClass
- if ( node.getAttribute().equalsIgnoreCase( "2.5.4.0" )
- && ( "top".equalsIgnoreCase( objectClassOid ) || "subschema".equalsIgnoreCase( objectClassOid ) )
+ if ( nodeOid.equals( SchemaConstants.OBJECT_CLASS_AT_OID )
+ && ( objectClassOid.equals( SchemaConstants.TOP_OC_OID ) ||
+ objectClassOid.equals( SchemaConstants.SUBSCHEMA_OC_OID ) )
&& ( node.getAssertionType() == AssertionEnum.EQUALITY ) )
{
// call.setBypass( true );
Attributes attrs = getSubschemaEntry( searchCtls.getReturningAttributes() );
- SearchResult result = new SearchResult( base.toString(), null, attrs );
+ SearchResult result = new ServerSearchResult( base.toString(), null, attrs );
return new SingletonEnumeration( result );
}
else
@@ -501,11 +556,11 @@
PresenceNode node = ( PresenceNode ) filter;
// see if node attribute is objectClass
- if ( node.getAttribute().equalsIgnoreCase( "2.5.4.0" ) )
+ if ( node.getAttribute().equals( SchemaConstants.OBJECT_CLASS_AT_OID ) )
{
// call.setBypass( true );
Attributes attrs = getSubschemaEntry( searchCtls.getReturningAttributes() );
- SearchResult result = new SearchResult( base.toString(), null, attrs, false );
+ SearchResult result = new ServerSearchResult( base.toString(), null, attrs, false );
return new SingletonEnumeration( result );
}
}
@@ -529,22 +584,34 @@
ids = EMPTY_STRING_ARRAY;
}
- Set<String> set = new HashSet<String>();
+ Set<String> setOids = new HashSet<String>();
AttributesImpl attrs = new AttributesImpl();
AttributeImpl attr;
+ boolean returnAllOperationalAttributes = false;
+ // Transform the attributes to their OID counterpart
for ( String id:ids )
{
- set.add( id.toLowerCase() );
+ // Check whether the set contains a plus, and use it below to include all
+ // operational attributes. Due to RFC 3673, and issue DIREVE-228 in JIRA
+ if ( "+".equals( id ) )
+ {
+ // set.add( "+" );
+ returnAllOperationalAttributes = true;
+ }
+ else if ( "*".equals( id ) )
+ {
+ setOids.add( id );
+ }
+ else
+ {
+ setOids.add( registries.getOidRegistry().getOid( id ) );
+ }
}
-
- // Check whether the set contains a plus, and use it below to include all
- // operational attributes. Due to RFC 3673, and issue DIREVE-228 in JIRA
- boolean returnAllOperationalAttributes = set.contains( "+" );
-
- if ( returnAllOperationalAttributes || set.contains( "comparators" ) )
+
+ if ( returnAllOperationalAttributes || setOids.contains( SchemaConstants.COMPARATORS_AT_OID ) )
{
- attr = new AttributeImpl( "comparators" );
+ attr = new AttributeImpl( SchemaConstants.COMPARATORS_AT );
Iterator<ComparatorDescription> list = registries.getComparatorRegistry().comparatorDescriptionIterator();
while ( list.hasNext() )
@@ -556,9 +623,9 @@
attrs.put( attr );
}
- if ( returnAllOperationalAttributes || set.contains( "normalizers" ) )
+ if ( returnAllOperationalAttributes || setOids.contains( SchemaConstants.NORMALIZERS_AT_OID ) )
{
- attr = new AttributeImpl( "normalizers" );
+ attr = new AttributeImpl( SchemaConstants.NORMALIZERS_AT );
Iterator<NormalizerDescription> list = registries.getNormalizerRegistry().normalizerDescriptionIterator();
while ( list.hasNext() )
@@ -570,9 +637,9 @@
attrs.put( attr );
}
- if ( returnAllOperationalAttributes || set.contains( "syntaxCheckers" ) )
+ if ( returnAllOperationalAttributes || setOids.contains( SchemaConstants.SYNTAX_CHECKERS_AT_OID ) )
{
- attr = new AttributeImpl( "syntaxCheckers" );
+ attr = new AttributeImpl( SchemaConstants.SYNTAX_CHECKERS_AT );
Iterator<SyntaxCheckerDescription> list =
registries.getSyntaxCheckerRegistry().syntaxCheckerDescriptionIterator();
@@ -585,9 +652,9 @@
attrs.put( attr );
}
- if ( returnAllOperationalAttributes || set.contains( "objectclasses" ) )
+ if ( returnAllOperationalAttributes || setOids.contains( SchemaConstants.OBJECT_CLASSES_AT_OID ) )
{
- attr = new AttributeImpl( "objectClasses" );
+ attr = new AttributeImpl( SchemaConstants.OBJECT_CLASSES_AT );
Iterator<ObjectClass> list = registries.getObjectClassRegistry().iterator();
while ( list.hasNext() )
@@ -599,9 +666,9 @@
attrs.put( attr );
}
- if ( returnAllOperationalAttributes || set.contains( "attributetypes" ) )
+ if ( returnAllOperationalAttributes || setOids.contains( SchemaConstants.ATTRIBUTE_TYPES_AT_OID ) )
{
- attr = new AttributeImpl( "attributeTypes" );
+ attr = new AttributeImpl( SchemaConstants.ATTRIBUTE_TYPES_AT );
Iterator<AttributeType> list = registries.getAttributeTypeRegistry().iterator();
while ( list.hasNext() )
@@ -613,9 +680,9 @@
attrs.put( attr );
}
- if ( returnAllOperationalAttributes || set.contains( "matchingrules" ) )
+ if ( returnAllOperationalAttributes || setOids.contains( SchemaConstants.MATCHING_RULES_AT_OID ) )
{
- attr = new AttributeImpl( "matchingRules" );
+ attr = new AttributeImpl( SchemaConstants.MATCHING_RULES_AT );
Iterator<MatchingRule> list = registries.getMatchingRuleRegistry().iterator();
while ( list.hasNext() )
@@ -627,9 +694,9 @@
attrs.put( attr );
}
- if ( returnAllOperationalAttributes || set.contains( "matchingruleuse" ) )
+ if ( returnAllOperationalAttributes || setOids.contains( SchemaConstants.MATCHING_RULE_USE_AT_OID ) )
{
- attr = new AttributeImpl( "matchingRuleUse" );
+ attr = new AttributeImpl( SchemaConstants.MATCHING_RULE_USE_AT );
Iterator list = registries.getMatchingRuleUseRegistry().iterator();
while ( list.hasNext() )
@@ -641,9 +708,9 @@
attrs.put( attr );
}
- if ( returnAllOperationalAttributes || set.contains( "ldapsyntaxes" ) )
+ if ( returnAllOperationalAttributes || setOids.contains( SchemaConstants.LDAP_SYNTAXES_AT_OID ) )
{
- attr = new AttributeImpl( "ldapSyntaxes" );
+ attr = new AttributeImpl( SchemaConstants.LDAP_SYNTAXES_AT );
Iterator<Syntax> list = registries.getSyntaxRegistry().iterator();
while ( list.hasNext() )
@@ -655,9 +722,9 @@
attrs.put( attr );
}
- if ( returnAllOperationalAttributes || set.contains( "ditcontentrules" ) )
+ if ( returnAllOperationalAttributes || setOids.contains( SchemaConstants.DIT_CONTENT_RULES_AT_OID ) )
{
- attr = new AttributeImpl( "dITContentRules" );
+ attr = new AttributeImpl( SchemaConstants.DIT_CONTENT_RULES_AT );
Iterator<DITContentRule> list = registries.getDitContentRuleRegistry().iterator();
while ( list.hasNext() )
@@ -669,9 +736,9 @@
attrs.put( attr );
}
- if ( returnAllOperationalAttributes || set.contains( "ditstructurerules" ) )
+ if ( returnAllOperationalAttributes || setOids.contains( SchemaConstants.DIT_STRUCTURE_RULES_AT_OID ) )
{
- attr = new AttributeImpl( "dITStructureRules" );
+ attr = new AttributeImpl( SchemaConstants.DIT_STRUCTURE_RULES_AT );
Iterator list = registries.getDitStructureRuleRegistry().iterator();
while ( list.hasNext() )
@@ -683,9 +750,9 @@
attrs.put( attr );
}
- if ( returnAllOperationalAttributes || set.contains( "nameforms" ) )
+ if ( returnAllOperationalAttributes || setOids.contains( SchemaConstants.NAME_FORMS_AT_OID ) )
{
- attr = new AttributeImpl( "nameForms" );
+ attr = new AttributeImpl( SchemaConstants.NAME_FORMS_AT );
Iterator list = registries.getNameFormRegistry().iterator();
while ( list.hasNext() )
@@ -697,44 +764,48 @@
attrs.put( attr );
}
- if ( returnAllOperationalAttributes || set.contains( "subtreespecification" ) )
+ if ( returnAllOperationalAttributes || setOids.contains( SchemaConstants.SUBTREE_SPECIFICATION_AT_OID ) )
{
- attr = new AttributeImpl( "subtreeSpecification", "{}" );
+ attr = new AttributeImpl( SchemaConstants.SUBTREE_SPECIFICATION_AT, "{}" );
attrs.put( attr );
}
int minSetSize = 0;
- if ( set.contains( "+" ) )
+ if ( setOids.contains( "+" ) )
{
minSetSize++;
}
- if ( set.contains( "*" ) )
+ if ( setOids.contains( "*" ) )
{
minSetSize++;
}
- if ( set.contains( "ref" ) )
+ if ( setOids.contains( "ref" ) )
{
minSetSize++;
}
// add the objectClass attribute
- if ( set.contains( "*" ) || set.contains( "objectclass" ) || set.size() == minSetSize )
+ if ( setOids.contains( "*" ) ||
+ setOids.contains( SchemaConstants.OBJECT_CLASS_AT_OID ) ||
+ setOids.size() == minSetSize )
{
- attr = new AttributeImpl( "objectClass" );
- attr.add( "top" );
+ attr = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ attr.add( SchemaConstants.TOP_OC );
attr.add( "subschema" );
- attr.add( "subentry" );
+ attr.add( SchemaConstants.SUBENTRY_OC );
attr.add( "apacheSubschema" );
attrs.put( attr );
}
// add the cn attribute as required for the RDN
- if ( set.contains( "*" ) || set.contains( "cn" ) || set.contains( "commonname" ) || set.size() == minSetSize )
+ if ( setOids.contains( "*" ) ||
+ setOids.contains( SchemaConstants.CN_AT_OID ) ||
+ setOids.size() == minSetSize )
{
- attrs.put( "cn", "schema" );
+ attrs.put( SchemaConstants.CN_AT, "schema" );
}
// -------------------------------------------------------------------
@@ -744,28 +815,28 @@
// look up cn=schemaModifications,ou=schema and get values for the
// modifiers and creators operational information
- Attributes modificationAttributes = nexus.lookup( schemaModificationAttributesDN );
+ Attributes modificationAttributes = nexus.lookup( new LookupOperationContext( schemaModificationAttributesDN ) );
- if ( returnAllOperationalAttributes || set.contains( "createtimestamp" ) )
+ if ( returnAllOperationalAttributes || setOids.contains( SchemaConstants.CREATE_TIMESTAMP_AT ) )
{
- attr = new AttributeImpl( "createTimestamp" );
+ attr = new AttributeImpl( SchemaConstants.CREATE_TIMESTAMP_AT );
AttributeType createTimestampAT = registries.
- getAttributeTypeRegistry().lookup( SystemSchemaConstants.CREATE_TIMESTAMP_AT );
+ getAttributeTypeRegistry().lookup( SchemaConstants.CREATE_TIMESTAMP_AT );
Attribute createTimestamp = AttributeUtils.getAttribute( modificationAttributes, createTimestampAT );
attr.add( createTimestamp.get() );
attrs.put( attr );
}
- if ( returnAllOperationalAttributes || set.contains( "creatorsname" ) )
+ if ( returnAllOperationalAttributes || setOids.contains( SchemaConstants.CREATORS_NAME_AT ) )
{
- attr = new AttributeImpl( "creatorsName" );
+ attr = new AttributeImpl( SchemaConstants.CREATORS_NAME_AT );
attr.add( PartitionNexus.ADMIN_PRINCIPAL );
attrs.put( attr );
}
- if ( returnAllOperationalAttributes || set.contains( "modifytimestamp" ) )
+ if ( returnAllOperationalAttributes || setOids.contains( SchemaConstants.MODIFY_TIMESTAMP_AT ) )
{
- attr = new AttributeImpl( "modifyTimestamp" );
+ attr = new AttributeImpl( SchemaConstants.MODIFY_TIMESTAMP_AT );
AttributeType schemaModifyTimestampAT = registries.
getAttributeTypeRegistry().lookup( ApacheSchemaConstants.SCHEMA_MODIFY_TIMESTAMP_AT );
Attribute schemaModifyTimestamp =
@@ -774,9 +845,9 @@
attrs.put( attr );
}
- if ( returnAllOperationalAttributes || set.contains( "modifiersname" ) )
+ if ( returnAllOperationalAttributes || setOids.contains( SchemaConstants.MODIFIERS_NAME_AT ) )
{
- attr = new AttributeImpl( "modifiersName" );
+ attr = new AttributeImpl( SchemaConstants.MODIFIERS_NAME_AT );
AttributeType schemaModifiersNameAT = registries.
getAttributeTypeRegistry().lookup( ApacheSchemaConstants.SCHEMA_MODIFIERS_NAME_AT );
Attribute schemaModifiersName =
@@ -792,20 +863,9 @@
/**
* Search for an entry, using its DN. Binary attributes and ObjectClass attribute are removed.
*/
- public Attributes lookup( NextInterceptor nextInterceptor, LdapDN name ) throws NamingException
+ public Attributes lookup( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- Attributes result = nextInterceptor.lookup( name );
- filterBinaryAttributes( result );
- filterObjectClass( result );
- return result;
- }
-
- /**
- *
- */
- public Attributes lookup( NextInterceptor nextInterceptor, LdapDN name, String[] attrIds ) throws NamingException
- {
- Attributes result = nextInterceptor.lookup( name, attrIds );
+ Attributes result = nextInterceptor.lookup( opContext );
if ( result == null )
{
@@ -824,7 +884,7 @@
for ( ObjectClass parent:oc.getSuperClasses() )
{
// Skip 'top'
- if ( "top".equals( parent.getName() ) )
+ if ( SchemaConstants.TOP_OC.equals( parent.getName() ) )
{
continue;
}
@@ -922,7 +982,7 @@
{
if ( ( changes == null ) && ( existing == null ) )
{
- return new AttributeImpl( "objectClass" );
+ return new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
}
if ( changes == null )
@@ -936,7 +996,7 @@
}
else if ( existing == null )
{
- return new AttributeImpl( "objectClasses" );
+ return new AttributeImpl( SchemaConstants.OBJECT_CLASSES_AT );
}
switch ( modOp )
@@ -971,12 +1031,12 @@
{
String objectClassName = (String)ocs.nextElement();
- if ( "top".equals( objectClassName ) )
+ if ( SchemaConstants.TOP_OC.equals( objectClassName ) )
{
continue;
}
- if ( "extensibleObject".equalsIgnoreCase( objectClassName ) )
+ if ( SchemaConstants.EXTENSIBLE_OBJECT_OC.equalsIgnoreCase( objectClassName ) )
{
hasExtensibleObject = true;
}
@@ -1027,7 +1087,7 @@
Set<String> allowed = new HashSet<String>( must );
// Add the 'ObjectClass' attribute ID
- allowed.add( registries.getOidRegistry().getOid( "ObjectClass" ) );
+ allowed.add( registries.getOidRegistry().getOid( SchemaConstants.OBJECT_CLASS_AT ) );
// Loop on all objectclasses
while ( objectClasses.hasMoreElements() )
@@ -1064,9 +1124,11 @@
private void alterObjectClasses( Attribute objectClassAttr ) throws NamingException
{
Set<String> objectClasses = new HashSet<String>();
+ Set<String> objectClassesUP = new HashSet<String>();
// Init the objectClass list with 'top'
- objectClasses.add( "top" );
+ objectClasses.add( SchemaConstants.TOP_OC );
+ objectClassesUP.add( SchemaConstants.TOP_OC );
// Construct the new list of ObjectClasses
NamingEnumeration ocList = objectClassAttr.getAll();
@@ -1075,7 +1137,7 @@
{
String ocName = ( String ) ocList.nextElement();
- if ( !ocName.equalsIgnoreCase( "top" ) )
+ if ( !ocName.equalsIgnoreCase( SchemaConstants.TOP_OC ) )
{
String ocLowerName = ocName.toLowerCase();
@@ -1084,6 +1146,7 @@
if ( !objectClasses.contains( ocLowerName ) )
{
objectClasses.add( ocLowerName );
+ objectClassesUP.add( ocName );
}
List<ObjectClass> ocSuperiors = superiors.get( objectClass.getOid() );
@@ -1095,6 +1158,7 @@
if ( !objectClasses.contains( oc.getName().toLowerCase() ) )
{
objectClasses.add( oc.getName() );
+ objectClassesUP.add( oc.getName() );
}
}
}
@@ -1104,235 +1168,69 @@
// Now, reset the ObjectClass attribute and put the new list into it
objectClassAttr.clear();
- for ( String attribute:objectClasses )
+ for ( String attribute:objectClassesUP )
{
objectClassAttr.add( attribute );
}
}
- /**
- * Check that the modify operations are allowed, and the conform to
- * the schema.
- *
- * @param next The next interceptor to call when we are done with the local operation
- * @param name The DN on which the modification is being done
- * @param modOp The modification. One of :
- * DirContext.ADD_ATTRIBUTE
- * DirContext.REMOVE_ATTRIBUTE
- * DirContext.REPLACE_ATTRIBUTE
- * @param mods The modifications to check. Each operation is atomic, and should
- * be applied to a copy of the entry, in order to check that the schema is not
- * violated at the end. For instance, we can't delete an attribute that does
- * not exist and add it later. The opposite is legal.
- *
- * @throws NamingException The generic exception we get if an illegal operation occurs
- * @throws LdapNameNotFoundException If we don't find the entry, then this exception is thrown.
- * @throws LdapInvalidAttributeIdentifierException The modified attribute is not known
- * by the schema, or the Entry is not extensible.
- * @throws LdapNoSuchAttributeException The modified Attribute does not exist in the
- * current entry or is not added by a previous modification operation.
- * @throws LdapSchemaViolationException Another schema violation occured.
- */
- public void modify( NextInterceptor next, LdapDN name, int modOp, Attributes mods ) throws NamingException
- {
- Attributes entry = null;
-
- // handle operations against the schema subentry in the schema service
- // and never try to look it up in the nexus below
- if ( name.getNormName().equalsIgnoreCase( subschemaSubentryDn.getNormName() ) )
- {
- entry = getSubschemaEntry( schemaSubentryReturnAttributes );
- }
- else
- {
- entry = nexus.lookup( name );
- }
-
- Attributes targetEntry = SchemaUtils.getTargetEntry( modOp, mods, entry );
-
- if ( entry == null )
- {
- log.error( "No entry with this name :{}", name );
- throw new LdapNameNotFoundException( "The entry which name is " + name + " is not found." );
- }
-
- Attribute objectClass = getResultantObjectClasses( modOp, mods.get( "objectClass" ), entry.get( "objectClass" ) );
- ObjectClassRegistry ocRegistry = this.registries.getObjectClassRegistry();
- AttributeTypeRegistry atRegistry = this.registries.getAttributeTypeRegistry();
-
- NamingEnumeration changes = mods.getIDs();
-
- Attributes tmpEntryForAdd = ( Attributes ) entry.clone();
-
- while ( changes.hasMore() )
- {
- String id = ( String ) changes.next();
- Attribute change = mods.get( id );
-
- if ( !atRegistry.hasAttributeType( change.getID() ) && !objectClass.contains( "extensibleObject" ) )
- {
- throw new LdapInvalidAttributeIdentifierException( "unrecognized attributeID " + change.getID() );
- }
-
- if ( modOp == DirContext.ADD_ATTRIBUTE )
- {
- tmpEntryForAdd.put( change );
-
- if ( change.size() == 0 )
- {
- // not ok for add but ok for replace and delete
- throw new LdapInvalidAttributeValueException( "No value is not a valid value for an attribute.",
- ResultCodeEnum.INVALID_ATTRIBUTE_SYNTAX );
- }
- }
-
- if ( ( modOp == DirContext.REMOVE_ATTRIBUTE ) && ( entry.get( change.getID() ) == null ) )
- {
- throw new LdapNoSuchAttributeException();
- }
-
- // for required attributes we need to check if all values are removed
- // if so then we have a schema violation that must be thrown
- if ( ( modOp == DirContext.REMOVE_ATTRIBUTE ) && isRequired( change.getID(), objectClass )
- && isCompleteRemoval( change, entry ) )
- {
- throw new LdapSchemaViolationException( ResultCodeEnum.OBJECT_CLASS_VIOLATION );
- }
- }
-
- if ( modOp == DirContext.ADD_ATTRIBUTE )
- {
- assertNumberOfAttributeValuesValid( tmpEntryForAdd );
- }
-
- if ( modOp == DirContext.REMOVE_ATTRIBUTE )
- {
- SchemaChecker.preventRdnChangeOnModifyRemove( name, modOp, mods, registries.getOidRegistry() );
- SchemaChecker.preventStructuralClassRemovalOnModifyRemove( ocRegistry, name, modOp, mods, objectClass );
- }
-
- if ( modOp == DirContext.REPLACE_ATTRIBUTE )
- {
- SchemaChecker.preventRdnChangeOnModifyReplace( name, modOp, mods, registries.getOidRegistry() );
- SchemaChecker.preventStructuralClassRemovalOnModifyReplace( ocRegistry, name, modOp, mods );
- assertNumberOfAttributeValuesValid( mods );
- }
-
- // let's figure out if we need to add or take away from mods to maintain
- // the objectClass attribute with it's hierarchy of ancestors
- if ( mods.get( "objectClass" ) != null )
- {
- Attribute alteredObjectClass = ( Attribute ) objectClass.clone();
- alterObjectClasses( alteredObjectClass );
-
- if ( !alteredObjectClass.equals( objectClass ) )
- {
- Attribute ocMods = mods.get( "objectClass" );
-
- switch ( modOp )
- {
- case ( DirContext.ADD_ATTRIBUTE ):
- if ( ocMods.contains( "top" ) )
- {
- ocMods.remove( "top" );
- }
-
- for ( int ii = 0; ii < alteredObjectClass.size(); ii++ )
- {
- if ( !objectClass.contains( alteredObjectClass.get( ii ) ) )
- {
- ocMods.add( alteredObjectClass.get( ii ) );
- }
- }
-
- break;
-
- case ( DirContext.REMOVE_ATTRIBUTE ):
- for ( int ii = 0; ii < alteredObjectClass.size(); ii++ )
- {
- if ( !objectClass.contains( alteredObjectClass.get( ii ) ) )
- {
- ocMods.remove( alteredObjectClass.get( ii ) );
- }
- }
-
- break;
-
- case ( DirContext.REPLACE_ATTRIBUTE ):
- for ( int ii = 0; ii < alteredObjectClass.size(); ii++ )
- {
- if ( !objectClass.contains( alteredObjectClass.get( ii ) ) )
- {
- ocMods.add( alteredObjectClass.get( ii ) );
- }
- }
-
- break;
-
- default:
- break;
- }
- }
- }
-
- if ( name.startsWith( schemaBaseDN ) )
- {
- schemaManager.modify( name, modOp, mods, entry, targetEntry );
- }
- else if ( subschemaSubentryDn.getNormName().equals( name.getNormName() ) )
- {
- schemaManager.modifySchemaSubentry( name, modOp, mods, entry, targetEntry );
- return;
- }
-
- next.modify( name, modOp, mods );
- }
-
-
- public void move( NextInterceptor next, LdapDN oriChildName, LdapDN newParentName, String newRn, boolean deleteOldRn )
+ public void moveAndRename( NextInterceptor next, OperationContext opContext )
throws NamingException
{
- Attributes entry = nexus.lookup( oriChildName );
+ LdapDN oriChildName = opContext.getDn();
+
+ Attributes entry = nexus.lookup( new LookupOperationContext( oriChildName ) );
if ( oriChildName.startsWith( schemaBaseDN ) )
{
- schemaManager.move( oriChildName, newParentName, newRn, deleteOldRn, entry );
+ schemaManager.move( oriChildName,
+ ((MoveAndRenameOperationContext)opContext).getParent(),
+ ((MoveAndRenameOperationContext)opContext).getNewRdn(),
+ ((MoveAndRenameOperationContext)opContext).getDelOldDn(), entry );
}
- next.move( oriChildName, newParentName, newRn, deleteOldRn );
+ next.moveAndRename( opContext );
}
- public void move( NextInterceptor next, LdapDN oriChildName, LdapDN newParentName ) throws NamingException
+ public void move( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- Attributes entry = nexus.lookup( oriChildName );
+ LdapDN oriChildName = opContext.getDn();
+
+ Attributes entry = nexus.lookup( new LookupOperationContext( oriChildName ) );
if ( oriChildName.startsWith( schemaBaseDN ) )
{
- schemaManager.move( oriChildName, newParentName, entry );
+ schemaManager.replace( oriChildName, ((MoveOperationContext)opContext).getParent(), entry );
}
- next.move( oriChildName, newParentName );
+ next.move( opContext );
}
- public void modifyRn( NextInterceptor next, LdapDN name, String newRn, boolean deleteOldRn ) throws NamingException
+ public void rename( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- Attributes entry = nexus.lookup( name );
+ LdapDN name = opContext.getDn();
+ String newRdn = ((RenameOperationContext)opContext).getNewRdn();
+ boolean deleteOldRn = ((RenameOperationContext)opContext).getDelOldDn();
+
+ Attributes entry = nexus.lookup( new LookupOperationContext( name ) );
if ( name.startsWith( schemaBaseDN ) )
{
- schemaManager.modifyRn( name, newRn, deleteOldRn, entry );
+ schemaManager.modifyRn( name, newRdn, deleteOldRn, entry );
}
- next.modifyRn( name, newRn, deleteOldRn );
+ next.rename( opContext );
}
private final static String[] schemaSubentryReturnAttributes = new String[] { "+", "*" };
- public void modify( NextInterceptor next, LdapDN name, ModificationItemImpl[] mods ) throws NamingException
+ public void modify( NextInterceptor next, OperationContext opContext ) throws NamingException
{
Attributes entry = null;
+ LdapDN name = opContext.getDn();
+ ModificationItemImpl[] mods = ((ModifyOperationContext)opContext).getModItems();
// handle operations against the schema subentry in the schema service
// and never try to look it up in the nexus below
@@ -1342,7 +1240,7 @@
}
else
{
- entry = nexus.lookup( name );
+ entry = nexus.lookup( new LookupOperationContext( name ) );
}
// First, we get the entry from the backend. If it does not exist, then we throw an exception
@@ -1368,7 +1266,7 @@
// @TODO : check if we can remove this test.
for ( ModificationItemImpl mod:mods )
{
- if ( mod.getAttribute().getID().equalsIgnoreCase( "objectclass" ) )
+ if ( mod.getAttribute().getID().equalsIgnoreCase( SchemaConstants.OBJECT_CLASS_AT ) )
{
objectClassMod = mod;
}
@@ -1405,12 +1303,12 @@
if ( objectClassMod == null )
{
- objectClass = entry.get( "objectClass" );
+ objectClass = entry.get( SchemaConstants.OBJECT_CLASS_AT );
}
else
{
objectClass = getResultantObjectClasses( objectClassMod.getModificationOp(), objectClassMod.getAttribute(),
- entry.get( "objectClass" ) );
+ entry.get( SchemaConstants.OBJECT_CLASS_AT ) );
}
ObjectClassRegistry ocRegistry = this.registries.getObjectClassRegistry();
@@ -1436,7 +1334,8 @@
int modOp = mod.getModificationOp();
Attribute change = mod.getAttribute();
- if ( !atRegistry.hasAttributeType( change.getID() ) && !objectClass.contains( "extensibleObject" ) )
+ if ( !atRegistry.hasAttributeType( change.getID() ) &&
+ !objectClass.contains( SchemaConstants.EXTENSIBLE_OBJECT_OC ) )
{
throw new LdapInvalidAttributeIdentifierException();
}
@@ -1582,9 +1481,9 @@
switch ( objectClassMod.getModificationOp() )
{
case ( DirContext.ADD_ATTRIBUTE ):
- if ( ocMods.contains( "top" ) )
+ if ( ocMods.contains( SchemaConstants.TOP_OC ) )
{
- ocMods.remove( "top" );
+ ocMods.remove( SchemaConstants.TOP_OC );
}
for ( int ii = 0; ii < alteredObjectClass.size(); ii++ )
@@ -1634,22 +1533,22 @@
return;
}
- next.modify( name, mods );
+ next.modify( opContext );
}
private void filterObjectClass( Attributes entry ) throws NamingException
{
List<ObjectClass> objectClasses = new ArrayList<ObjectClass>();
- Attribute oc = entry.get( "objectClass" );
+ Attribute oc = entry.get( SchemaConstants.OBJECT_CLASS_AT );
if ( oc != null )
{
getObjectClasses( oc, objectClasses );
- entry.remove( "objectClass" );
+ entry.remove( SchemaConstants.OBJECT_CLASS_AT );
- Attribute newOc = new AttributeImpl( "ObjectClass" );
+ Attribute newOc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
for ( Object currentOC:objectClasses )
{
@@ -1663,7 +1562,7 @@
}
}
- newOc.add( "top" );
+ newOc.add( SchemaConstants.TOP_OC );
entry.put( newOc );
}
}
@@ -1693,6 +1592,7 @@
}
asBinary = !type.getSyntax().isHumanReadible();
+ asBinary = asBinary || ( ( binaries != null ) && ( binaries.contains( type ) ) );
asBinary = asBinary || binaries.contains( type );
if ( asBinary )
@@ -1754,6 +1654,8 @@
/**
* Check that all the attributes exist in the schema for this entry.
+ *
+ * We also check the syntaxes
*/
private void check( LdapDN dn, Attributes entry ) throws NamingException
{
@@ -1780,7 +1682,7 @@
// 3-1) Except if the extensibleObject ObjectClass is used
// 3-2) or if the AttributeType is COLLECTIVE
// 4) We also check that for H-R attributes, we have a valid String in the values
- Attribute objectClassAttr = entry.get( "objectClass" );
+ Attribute objectClassAttr = entry.get( SchemaConstants.OBJECT_CLASS_AT );
List<ObjectClass> ocs = new ArrayList<ObjectClass>();
alterObjectClasses( objectClassAttr );
@@ -1800,21 +1702,27 @@
// Check the attributes values and transform them to String if necessary
assertHumanReadible( entry );
+
+ // Now check the syntaxes
+ assertSyntaxes( entry );
}
/**
* Check that all the attributes exist in the schema for this entry.
*/
- public void add( NextInterceptor next, LdapDN normName, Attributes attrs ) throws NamingException
+ public void add( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- check( normName, attrs );
+ LdapDN name = opContext.getDn();
+ Attributes attrs = ((AddOperationContext)opContext).getEntry();
+
+ check( name, attrs );
- if ( normName.startsWith( schemaBaseDN ) )
+ if ( name.startsWith( schemaBaseDN ) )
{
- schemaManager.add( normName, attrs );
+ schemaManager.add( name, attrs );
}
- next.add( normName, attrs );
+ next.add( opContext );
}
@@ -1831,9 +1739,9 @@
{
// Never check the attributes if the extensibleObject objectClass is
// declared for this entry
- Attribute objectClass = attributes.get( "objectClass" );
+ Attribute objectClass = attributes.get( SchemaConstants.OBJECT_CLASS_AT );
- if ( AttributeUtils.containsValueCaseIgnore( objectClass, "extensibleObject" ) )
+ if ( AttributeUtils.containsValueCaseIgnore( objectClass, SchemaConstants.EXTENSIBLE_OBJECT_OC ) )
{
return;
}
@@ -1861,16 +1769,17 @@
}
- public void delete( NextInterceptor next, LdapDN normName ) throws NamingException
+ public void delete( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- Attributes entry = nexus.lookup( normName );
+ LdapDN name = opContext.getDn();
+ Attributes entry = nexus.lookup( new LookupOperationContext( name ) );
- if ( normName.startsWith( schemaBaseDN ) )
+ if ( name.startsWith( schemaBaseDN ) )
{
- schemaManager.delete( normName, entry );
+ schemaManager.delete( name, entry );
}
- next.delete( normName );
+ next.delete( opContext );
}
@@ -1929,6 +1838,53 @@
/**
+ * Check the entry attributes syntax, using the syntaxCheckers
+ */
+ private void assertSyntaxes( Attributes entry ) throws NamingException
+ {
+ NamingEnumeration attributes = entry.getAll();
+
+ // First, loop on all attributes
+ while ( attributes.hasMoreElements() )
+ {
+ Attribute attribute = ( Attribute ) attributes.nextElement();
+
+ AttributeType attributeType = registries.getAttributeTypeRegistry().lookup( attribute.getID() );
+ SyntaxChecker syntaxChecker = registries.getSyntaxCheckerRegistry().lookup( attributeType.getSyntax().getOid() );
+
+ if ( syntaxChecker instanceof AcceptAllSyntaxChecker )
+ {
+ // This is a speedup : no need to check the syntax of any value
+ // if all the sytanxes are accepted...
+ continue;
+ }
+
+ NamingEnumeration<?> values = attribute.getAll();
+
+ // Then loop on all values
+ while ( values.hasMoreElements() )
+ {
+ Object value = values.nextElement();
+
+ try
+ {
+ syntaxChecker.assertSyntax( value );
+ }
+ catch ( NamingException ne )
+ {
+ String message = "Attribute value '" +
+ (value instanceof String ? value : StringTools.dumpBytes( (byte[])value ) ) +
+ "' for attribute '" + attribute.getID() + "' is syntaxically incorrect";
+ log.info( message );
+
+ throw new LdapInvalidAttributeValueException( message, ResultCodeEnum.INVALID_ATTRIBUTE_SYNTAX );
+
+ }
+ }
+ }
+ }
+
+ /**
* Check that all the attribute's values which are Human Readible can be transformed
* to valid String if they are stored as byte[].
*/
@@ -1945,7 +1901,7 @@
AttributeType attributeType = registries.getAttributeTypeRegistry().lookup( attribute.getID() );
- // If the attributeType is H-R, check alll of its values
+ // If the attributeType is H-R, check all of its values
if ( attributeType.getSyntax().isHumanReadible() )
{
Enumeration values = attribute.getAll();
diff --git a/core/src/main/java/org/apache/directory/server/core/schema/SchemaSubentryModifier.java b/core/src/main/java/org/apache/directory/server/core/schema/SchemaSubentryModifier.java
index 08946f9..a047fbf 100644
--- a/core/src/main/java/org/apache/directory/server/core/schema/SchemaSubentryModifier.java
+++ b/core/src/main/java/org/apache/directory/server/core/schema/SchemaSubentryModifier.java
@@ -28,11 +28,18 @@
import javax.naming.directory.Attributes;
import org.apache.directory.server.constants.MetaSchemaConstants;
-import org.apache.directory.server.constants.SystemSchemaConstants;
+import org.apache.directory.server.core.authn.AuthenticationService;
+import org.apache.directory.server.core.authz.AuthorizationService;
+import org.apache.directory.server.core.authz.DefaultAuthorizationService;
+import org.apache.directory.server.core.exception.ExceptionService;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.interceptor.context.DeleteOperationContext;
import org.apache.directory.server.core.invocation.InvocationStack;
import org.apache.directory.server.core.partition.PartitionNexusProxy;
+import org.apache.directory.server.core.referral.ReferralService;
import org.apache.directory.server.schema.bootstrap.Schema;
import org.apache.directory.server.utils.AttributesFactory;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.schema.AttributeType;
@@ -65,12 +72,12 @@
static
{
Set<String> bypass = new HashSet<String>();
- bypass.add( "authenticationService" );
- bypass.add( "referralService" );
- bypass.add( "authorizationService" );
- bypass.add( "defaultAuthorizationService" );
- bypass.add( "exceptionService" );
- bypass.add( "schemaService" );
+ bypass.add( AuthenticationService.NAME );
+ bypass.add( ReferralService.NAME );
+ bypass.add( AuthorizationService.NAME );
+ bypass.add( DefaultAuthorizationService.NAME );
+ bypass.add( ExceptionService.NAME );
+ bypass.add( SchemaService.NAME );
BYPASS = Collections.unmodifiableCollection( bypass );
}
@@ -95,31 +102,31 @@
}
else if ( obj instanceof MatchingRule )
{
- buf.append( "matchingRules" );
+ buf.append( SchemaConstants.MATCHING_RULES_AT );
}
else if ( obj instanceof AttributeType )
{
- buf.append( "attributeTypes" );
+ buf.append( SchemaConstants.ATTRIBUTE_TYPES_AT );
}
else if ( obj instanceof ObjectClass )
{
- buf.append( "objectClasses" );
+ buf.append( SchemaConstants.OBJECT_CLASSES_AT );
}
else if ( obj instanceof MatchingRuleUse )
{
- buf.append( "matchingRuleUses" );
+ buf.append( SchemaConstants.MATCHING_RULE_USE_AT );
}
else if ( obj instanceof DITStructureRule )
{
- buf.append( "ditStructureRules" );
+ buf.append( SchemaConstants.DIT_STRUCTURE_RULES_AT );
}
else if ( obj instanceof DITContentRule )
{
- buf.append( "ditContentRules" );
+ buf.append( SchemaConstants.DIT_CONTENT_RULES_AT );
}
else if ( obj instanceof NameForm )
{
- buf.append( "nameForms" );
+ buf.append( SchemaConstants.NAME_FORMS_AT );
}
buf.append( ",cn=" ).append( obj.getSchema() ).append( ",ou=schema" );
@@ -133,7 +140,7 @@
Schema schema = dao.getSchema( obj.getSchema() );
LdapDN dn = getDn( obj );
Attributes attrs = factory.getAttributes( obj, schema );
- proxy.add( dn, attrs, BYPASS );
+ proxy.add( new AddOperationContext( dn, attrs ), BYPASS );
}
@@ -141,7 +148,7 @@
{
PartitionNexusProxy proxy = InvocationStack.getInstance().peek().getProxy();
LdapDN dn = getDn( obj );
- proxy.delete( dn, BYPASS );
+ proxy.delete( new DeleteOperationContext( dn ), BYPASS );
}
@@ -151,7 +158,7 @@
PartitionNexusProxy proxy = InvocationStack.getInstance().peek().getProxy();
LdapDN dn = new LdapDN( "m-oid=" + normalizerDescription.getNumericOid() + ",ou=normalizers,cn="
+ schemaName + ",ou=schema" );
- proxy.delete( dn, BYPASS );
+ proxy.delete( new DeleteOperationContext( dn ), BYPASS );
}
@@ -161,7 +168,7 @@
PartitionNexusProxy proxy = InvocationStack.getInstance().peek().getProxy();
LdapDN dn = new LdapDN( "m-oid=" + syntaxCheckerDescription.getNumericOid() + ",ou=syntaxCheckers,cn="
+ schemaName + ",ou=schema" );
- proxy.delete( dn, BYPASS );
+ proxy.delete( new DeleteOperationContext( dn ), BYPASS );
}
@@ -171,7 +178,7 @@
PartitionNexusProxy proxy = InvocationStack.getInstance().peek().getProxy();
LdapDN dn = new LdapDN( "m-oid=" + comparatorDescription.getNumericOid() + ",ou=comparators,cn="
+ schemaName + ",ou=schema" );
- proxy.delete( dn, BYPASS );
+ proxy.delete( new DeleteOperationContext( dn ), BYPASS );
}
@@ -182,15 +189,15 @@
LdapDN dn = new LdapDN( "m-oid=" + comparatorDescription.getNumericOid() + ",ou=comparators,cn="
+ schemaName + ",ou=schema" );
Attributes attrs = getAttributes( comparatorDescription );
- proxy.add( dn, attrs, BYPASS );
+ proxy.add( new AddOperationContext( dn, attrs ), BYPASS );
}
private Attributes getAttributes( ComparatorDescription comparatorDescription )
{
- AttributesImpl attributes = new AttributesImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top", true );
- attributes.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( "metaTop" );
- attributes.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( "metaComparator" );
+ AttributesImpl attributes = new AttributesImpl( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC, true );
+ attributes.get( SchemaConstants.OBJECT_CLASS_AT ).add( "metaTop" );
+ attributes.get( SchemaConstants.OBJECT_CLASS_AT ).add( "metaComparator" );
attributes.put( MetaSchemaConstants.M_OID_AT, comparatorDescription.getNumericOid() );
attributes.put( MetaSchemaConstants.M_FQCN_AT, comparatorDescription.getFqcn() );
@@ -216,15 +223,15 @@
LdapDN dn = new LdapDN( "m-oid=" + normalizerDescription.getNumericOid() + ",ou=normalizers,cn="
+ schemaName + ",ou=schema" );
Attributes attrs = getAttributes( normalizerDescription );
- proxy.add( dn, attrs, BYPASS );
+ proxy.add( new AddOperationContext( dn, attrs ), BYPASS );
}
private Attributes getAttributes( NormalizerDescription normalizerDescription )
{
- AttributesImpl attributes = new AttributesImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top", true );
- attributes.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( "metaTop" );
- attributes.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( "metaNormalizer" );
+ AttributesImpl attributes = new AttributesImpl( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC, true );
+ attributes.get( SchemaConstants.OBJECT_CLASS_AT ).add( "metaTop" );
+ attributes.get( SchemaConstants.OBJECT_CLASS_AT ).add( "metaNormalizer" );
attributes.put( MetaSchemaConstants.M_OID_AT, normalizerDescription.getNumericOid() );
attributes.put( MetaSchemaConstants.M_FQCN_AT, normalizerDescription.getFqcn() );
@@ -250,7 +257,7 @@
LdapDN dn = new LdapDN( "m-oid=" + syntaxCheckerDescription.getNumericOid() + ",ou=syntaxCheckers,cn="
+ schemaName + ",ou=schema" );
Attributes attrs = getAttributes( syntaxCheckerDescription );
- proxy.add( dn, attrs, BYPASS );
+ proxy.add( new AddOperationContext( dn, attrs ), BYPASS );
}
@@ -267,9 +274,9 @@
private Attributes getAttributes( SyntaxCheckerDescription syntaxCheckerDescription )
{
- AttributesImpl attributes = new AttributesImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top", true );
- attributes.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( "metaTop" );
- attributes.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( "metaSyntaxChecker" );
+ AttributesImpl attributes = new AttributesImpl( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC, true );
+ attributes.get( SchemaConstants.OBJECT_CLASS_AT ).add( "metaTop" );
+ attributes.get( SchemaConstants.OBJECT_CLASS_AT ).add( "metaSyntaxChecker" );
attributes.put( MetaSchemaConstants.M_OID_AT, syntaxCheckerDescription.getNumericOid() );
attributes.put( MetaSchemaConstants.M_FQCN_AT, syntaxCheckerDescription.getFqcn() );
diff --git a/core/src/main/java/org/apache/directory/server/core/sp/LdapClassLoader.java b/core/src/main/java/org/apache/directory/server/core/sp/LdapClassLoader.java
index db491e2..906abff 100644
--- a/core/src/main/java/org/apache/directory/server/core/sp/LdapClassLoader.java
+++ b/core/src/main/java/org/apache/directory/server/core/sp/LdapClassLoader.java
@@ -29,6 +29,7 @@
import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.jndi.ServerLdapContext;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.filter.AssertionEnum;
import org.apache.directory.shared.ldap.filter.BranchNode;
import org.apache.directory.shared.ldap.filter.SimpleNode;
@@ -73,7 +74,7 @@
BranchNode filter = new BranchNode( AssertionEnum.AND );
filter.addNode( new SimpleNode( "fullyQualifiedJavaClassName", name, AssertionEnum.EQUALITY ) );
- filter.addNode( new SimpleNode( "objectClass", "javaClass", AssertionEnum.EQUALITY ) );
+ filter.addNode( new SimpleNode( SchemaConstants.OBJECT_CLASS_AT, "javaClass", AssertionEnum.EQUALITY ) );
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
diff --git a/core/src/main/java/org/apache/directory/server/core/subtree/RefinementEvaluator.java b/core/src/main/java/org/apache/directory/server/core/subtree/RefinementEvaluator.java
index e393cf9..ecc9812 100644
--- a/core/src/main/java/org/apache/directory/server/core/subtree/RefinementEvaluator.java
+++ b/core/src/main/java/org/apache/directory/server/core/subtree/RefinementEvaluator.java
@@ -20,6 +20,7 @@
package org.apache.directory.server.core.subtree;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.filter.BranchNode;
import org.apache.directory.shared.ldap.filter.ExprNode;
import org.apache.directory.shared.ldap.filter.SimpleNode;
@@ -61,7 +62,7 @@
{
throw new IllegalArgumentException( "objectClasses cannot be null" );
}
- if ( !objectClasses.getID().equalsIgnoreCase( "objectClass" ) )
+ if ( !objectClasses.getID().equalsIgnoreCase( SchemaConstants.OBJECT_CLASS_AT ) )
{
throw new IllegalArgumentException( "Attribute objectClasses should be of id 'objectClass'" );
}
diff --git a/core/src/main/java/org/apache/directory/server/core/subtree/RefinementLeafEvaluator.java b/core/src/main/java/org/apache/directory/server/core/subtree/RefinementLeafEvaluator.java
index b7c69b5..9a39d19 100644
--- a/core/src/main/java/org/apache/directory/server/core/subtree/RefinementLeafEvaluator.java
+++ b/core/src/main/java/org/apache/directory/server/core/subtree/RefinementLeafEvaluator.java
@@ -21,6 +21,7 @@
import org.apache.directory.server.schema.registries.OidRegistry;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.filter.AssertionEnum;
import org.apache.directory.shared.ldap.filter.SimpleNode;
import org.apache.directory.shared.ldap.util.StringTools;
@@ -75,7 +76,7 @@
{
throw new NamingException( "Unrecognized assertion type for refinement node: " + node.getAssertionType() );
}
- if ( !node.getAttribute().equalsIgnoreCase( "objectclass" ) )
+ if ( !node.getAttribute().equalsIgnoreCase( SchemaConstants.OBJECT_CLASS_AT ) )
{
throw new NamingException( "Refinement leaf node attribute was " + node.getAttribute() );
}
@@ -84,7 +85,7 @@
{
throw new IllegalArgumentException( "objectClasses argument cannot be null" );
}
- if ( !objectClasses.getID().equalsIgnoreCase( "objectclass" ) )
+ if ( !objectClasses.getID().equalsIgnoreCase( SchemaConstants.OBJECT_CLASS_AT ) )
{
throw new IllegalArgumentException( "objectClasses attribute must be for ID 'objectClass'" );
}
diff --git a/core/src/main/java/org/apache/directory/server/core/subtree/SubentryService.java b/core/src/main/java/org/apache/directory/server/core/subtree/SubentryService.java
index 4459c00..266515d 100644
--- a/core/src/main/java/org/apache/directory/server/core/subtree/SubentryService.java
+++ b/core/src/main/java/org/apache/directory/server/core/subtree/SubentryService.java
@@ -25,18 +25,37 @@
import java.util.List;
import java.util.Map;
+import javax.naming.Name;
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
+import javax.naming.ldap.Control;
+import javax.naming.ldap.LdapContext;
+
import org.apache.directory.server.core.DirectoryServiceConfiguration;
import org.apache.directory.server.core.configuration.InterceptorConfiguration;
import org.apache.directory.server.core.enumeration.SearchResultFilter;
import org.apache.directory.server.core.enumeration.SearchResultFilteringEnumeration;
import org.apache.directory.server.core.interceptor.BaseInterceptor;
import org.apache.directory.server.core.interceptor.NextInterceptor;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveAndRenameOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.RenameOperationContext;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.invocation.Invocation;
import org.apache.directory.server.core.invocation.InvocationStack;
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
import org.apache.directory.server.schema.registries.OidRegistry;
-
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapInvalidAttributeValueException;
import org.apache.directory.shared.ldap.exception.LdapNoSuchAttributeException;
import org.apache.directory.shared.ldap.exception.LdapSchemaViolationException;
@@ -55,21 +74,9 @@
import org.apache.directory.shared.ldap.subtree.SubtreeSpecification;
import org.apache.directory.shared.ldap.subtree.SubtreeSpecificationParser;
import org.apache.directory.shared.ldap.util.AttributeUtils;
-
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import javax.naming.directory.Attribute;
-import javax.naming.directory.Attributes;
-import javax.naming.directory.DirContext;
-import javax.naming.directory.SearchControls;
-import javax.naming.directory.SearchResult;
-import javax.naming.ldap.Control;
-import javax.naming.ldap.LdapContext;
-import javax.naming.NamingException;
-import javax.naming.NamingEnumeration;
-import javax.naming.Name;
-
/**
* The Subentry interceptor service which is responsible for filtering
@@ -80,12 +87,11 @@
*/
public class SubentryService extends BaseInterceptor
{
+ /** The service name */
+ public static final String NAME = "subentryService";
+
/** the subentry control OID */
private static final String SUBENTRY_CONTROL = SubentriesControl.CONTROL_OID;
- /** the objectClass value for a subentry */
- private static final String SUBENTRY_OBJECTCLASS = "subentry";
- /** the objectClass OID for a subentry */
- private static final String SUBENTRY_OBJECTCLASS_OID = "2.5.17.0";
public static final String AC_AREA = "accessControlSpecificArea";
public static final String AC_INNERAREA = "accessControlInnerArea";
@@ -129,7 +135,7 @@
this.oidRegistry = factoryCfg.getRegistries().getOidRegistry();
// setup various attribute type values
- objectClassType = attrRegistry.lookup( oidRegistry.getOid( "objectClass" ) );
+ objectClassType = attrRegistry.lookup( oidRegistry.getOid( SchemaConstants.OBJECT_CLASS_AT ) );
ssParser = new SubtreeSpecificationParser( new NormalizerMappingResolver()
{
@@ -141,11 +147,11 @@
evaluator = new SubtreeEvaluator( factoryCfg.getRegistries().getOidRegistry(), factoryCfg.getRegistries().getAttributeTypeRegistry() );
// prepare to find all subentries in all namingContexts
- Iterator suffixes = this.nexus.listSuffixes();
- ExprNode filter = new SimpleNode( "objectclass", "subentry", AssertionEnum.EQUALITY );
+ Iterator suffixes = this.nexus.listSuffixes( null );
+ ExprNode filter = new SimpleNode( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.SUBENTRY_OC, AssertionEnum.EQUALITY );
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
- controls.setReturningAttributes( new String[] { "subtreeSpecification", "objectClass" } );
+ controls.setReturningAttributes( new String[] { SchemaConstants.SUBTREE_SPECIFICATION_AT, SchemaConstants.OBJECT_CLASS_AT } );
// search each namingContext for subentries
while ( suffixes.hasNext() )
@@ -153,13 +159,14 @@
LdapDN suffix = new LdapDN( ( String ) suffixes.next() );
//suffix = LdapDN.normalize( suffix, registry.getNormalizerMapping() );
suffix.normalize( attrRegistry.getNormalizerMapping() );
- NamingEnumeration subentries = nexus.search( suffix, factoryCfg.getEnvironment(), filter, controls );
+ NamingEnumeration subentries = nexus.search(
+ new SearchOperationContext( suffix, factoryCfg.getEnvironment(), filter, controls ) );
while ( subentries.hasMore() )
{
SearchResult result = ( SearchResult ) subentries.next();
Attributes subentry = result.getAttributes();
String dn = result.getName();
- String subtree = ( String ) subentry.get( "subtreeSpecification" ).get();
+ String subtree = ( String ) subentry.get( SchemaConstants.SUBTREE_SPECIFICATION_AT ).get();
SubtreeSpecification ss;
try
@@ -185,7 +192,7 @@
{
int types = 0;
- Attribute oc = subentry.get( "objectClass" );
+ Attribute oc = subentry.get( SchemaConstants.OBJECT_CLASS_AT );
if ( oc == null )
{
throw new LdapSchemaViolationException( "A subentry must have an objectClass attribute",
@@ -220,26 +227,26 @@
// Methods/Code dealing with Subentry Visibility
// -----------------------------------------------------------------------
- public NamingEnumeration list( NextInterceptor nextInterceptor, LdapDN base ) throws NamingException
+ public NamingEnumeration list( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- NamingEnumeration e = nextInterceptor.list( base );
+ NamingEnumeration e = nextInterceptor.list( opContext );
Invocation invocation = InvocationStack.getInstance().peek();
if ( !isSubentryVisible( invocation ) )
{
return new SearchResultFilteringEnumeration( e, new SearchControls(), invocation,
- new HideSubentriesFilter() );
+ new HideSubentriesFilter(), "List Subentry filter" );
}
return e;
}
- public NamingEnumeration search( NextInterceptor nextInterceptor, LdapDN base, Map env, ExprNode filter,
- SearchControls searchCtls ) throws NamingException
+ public NamingEnumeration<SearchResult> search( NextInterceptor nextInterceptor, OperationContext opContext ) throws NamingException
{
- NamingEnumeration e = nextInterceptor.search( base, env, filter, searchCtls );
+ NamingEnumeration e = nextInterceptor.search( opContext );
Invocation invocation = InvocationStack.getInstance().peek();
+ SearchControls searchCtls = ((SearchOperationContext)opContext).getSearchControls();
// object scope searches by default return subentries
if ( searchCtls.getSearchScope() == SearchControls.OBJECT_SCOPE )
@@ -250,11 +257,11 @@
// for subtree and one level scope we filter
if ( !isSubentryVisible( invocation ) )
{
- return new SearchResultFilteringEnumeration( e, searchCtls, invocation, new HideSubentriesFilter() );
+ return new SearchResultFilteringEnumeration( e, searchCtls, invocation, new HideSubentriesFilter(), "Search Subentry filter hide subentries" );
}
else
{
- return new SearchResultFilteringEnumeration( e, searchCtls, invocation, new HideEntriesFilter() );
+ return new SearchResultFilteringEnumeration( e, searchCtls, invocation, new HideEntriesFilter(), "Search Subentry filter hide entries");
}
}
@@ -369,16 +376,19 @@
}
- public void add( NextInterceptor next, LdapDN normName, Attributes entry ) throws NamingException
+ public void add( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- Attribute objectClasses = entry.get( "objectClass" );
+ LdapDN name = opContext.getDn();
+ Attributes entry = ((AddOperationContext)opContext).getEntry();
+
+ Attribute objectClasses = entry.get( SchemaConstants.OBJECT_CLASS_AT );
- if ( AttributeUtils.containsValueCaseIgnore( objectClasses, "subentry" ) )
+ if ( AttributeUtils.containsValueCaseIgnore( objectClasses, SchemaConstants.SUBENTRY_OC ) )
{
// get the name of the administrative point and its administrativeRole attributes
- LdapDN apName = ( LdapDN ) normName.clone();
- apName.remove( normName.size() - 1 );
- Attributes ap = nexus.lookup( apName );
+ LdapDN apName = ( LdapDN ) name.clone();
+ apName.remove( name.size() - 1 );
+ Attributes ap = nexus.lookup( new LookupOperationContext( apName ) );
Attribute administrativeRole = ap.get( "administrativeRole" );
// check that administrativeRole has something valid in it for us
@@ -400,7 +410,7 @@
*/
Subentry subentry = new Subentry();
subentry.setTypes( getSubentryTypes( entry ) );
- Attributes operational = getSubentryOperatationalAttributes( normName, subentry );
+ Attributes operational = getSubentryOperatationalAttributes( name, subentry );
/* ----------------------------------------------------------------
* Parse the subtreeSpecification of the subentry and add it to the
@@ -409,20 +419,22 @@
* to modify the subentry operational attributes of.
* ----------------------------------------------------------------
*/
- String subtree = ( String ) entry.get( "subtreeSpecification" ).get();
+ String subtree = ( String ) entry.get( SchemaConstants.SUBTREE_SPECIFICATION_AT ).get();
SubtreeSpecification ss;
+
try
{
ss = ssParser.parse( subtree );
}
catch ( Exception e )
{
- String msg = "Failed while parsing subtreeSpecification for " + normName.getUpName();
+ String msg = "Failed while parsing subtreeSpecification for " + name.getUpName();
log.warn( msg );
throw new LdapInvalidAttributeValueException( msg, ResultCodeEnum.INVALID_ATTRIBUTE_SYNTAX );
}
- subentryCache.setSubentry( normName.toString(), ss, getSubentryTypes( entry ) );
- next.add(normName, entry );
+
+ subentryCache.setSubentry( name.getNormName(), ss, getSubentryTypes( entry ) );
+ next.add( opContext );
/* ----------------------------------------------------------------
* Find the baseDn for the subentry and use that to search the tree
@@ -435,13 +447,16 @@
LdapDN baseDn = ( LdapDN ) apName.clone();
baseDn.addAll( ss.getBase() );
- ExprNode filter = new PresenceNode( "2.5.4.0" ); // (objectClass=*)
+ ExprNode filter = new PresenceNode( SchemaConstants.OBJECT_CLASS_AT_OID ); // (objectClass=*)
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
controls.setReturningAttributes( new String[]
{ "+", "*" } );
- NamingEnumeration subentries = nexus.search( baseDn, factoryCfg.getEnvironment(), filter, controls );
+ NamingEnumeration subentries =
+ nexus.search(
+ new SearchOperationContext( baseDn, factoryCfg.getEnvironment(), filter, controls ) );
+
while ( subentries.hasMore() )
{
SearchResult result = ( SearchResult ) subentries.next();
@@ -451,13 +466,14 @@
if ( evaluator.evaluate( ss, apName, dn, candidate ) )
{
- nexus.modify( dn, getOperationalModsForAdd( candidate, operational ) );
+ nexus.modify( new ModifyOperationContext( dn, getOperationalModsForAdd( candidate, operational ) ));
}
}
}
else
{
Iterator list = subentryCache.nameIterator();
+
while ( list.hasNext() )
{
String subentryDnStr = ( String ) list.next();
@@ -467,54 +483,65 @@
Subentry subentry = subentryCache.getSubentry( subentryDnStr );
SubtreeSpecification ss = subentry.getSubtreeSpecification();
- if ( evaluator.evaluate( ss, apDn, normName, entry ) )
+ if ( evaluator.evaluate( ss, apDn, name, entry ) )
{
Attribute operational;
if ( subentry.isAccessControlSubentry() )
{
operational = entry.get( AC_SUBENTRIES );
+
if ( operational == null )
{
operational = new AttributeImpl( AC_SUBENTRIES );
entry.put( operational );
}
+
operational.add( subentryDn.toString() );
}
+
if ( subentry.isSchemaSubentry() )
{
operational = entry.get( SCHEMA_SUBENTRY );
+
if ( operational == null )
{
operational = new AttributeImpl( SCHEMA_SUBENTRY );
entry.put( operational );
}
+
operational.add( subentryDn.toString() );
}
+
if ( subentry.isCollectiveSubentry() )
{
operational = entry.get( COLLECTIVE_ATTRIBUTE_SUBENTRIES );
+
if ( operational == null )
{
operational = new AttributeImpl( COLLECTIVE_ATTRIBUTE_SUBENTRIES );
entry.put( operational );
}
+
operational.add( subentryDn.toString() );
}
+
if ( subentry.isTriggerSubentry() )
{
operational = entry.get( TRIGGER_SUBENTRIES );
+
if ( operational == null )
{
operational = new AttributeImpl( TRIGGER_SUBENTRIES );
entry.put( operational );
}
+
operational.add( subentryDn.toString() );
}
}
}
- next.add(normName, entry );
+ next.add( opContext );
}
}
@@ -523,15 +550,16 @@
// Methods dealing subentry deletion
// -----------------------------------------------------------------------
- public void delete( NextInterceptor next, LdapDN name ) throws NamingException
+ public void delete( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- Attributes entry = nexus.lookup( name );
+ LdapDN name = opContext.getDn();
+ Attributes entry = nexus.lookup( new LookupOperationContext( name ) );
Attribute objectClasses = AttributeUtils.getAttribute( entry, objectClassType );
- if ( AttributeUtils.containsValueCaseIgnore( objectClasses, "subentry" ) )
+ if ( AttributeUtils.containsValueCaseIgnore( objectClasses, SchemaConstants.SUBENTRY_OC ) )
{
SubtreeSpecification ss = subentryCache.removeSubentry( name.toNormName() ).getSubtreeSpecification();
- next.delete( name );
+ next.delete( opContext );
/* ----------------------------------------------------------------
* Find the baseDn for the subentry and use that to search the tree
@@ -546,13 +574,16 @@
LdapDN baseDn = ( LdapDN ) apName.clone();
baseDn.addAll( ss.getBase() );
- ExprNode filter = new PresenceNode( oidRegistry.getOid( "objectclass" ) );
+ ExprNode filter = new PresenceNode( oidRegistry.getOid( SchemaConstants.OBJECT_CLASS_AT ) );
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
controls.setReturningAttributes( new String[]
{ "+", "*" } );
- NamingEnumeration subentries = nexus.search( baseDn, factoryCfg.getEnvironment(), filter, controls );
+ NamingEnumeration subentries =
+ nexus.search(
+ new SearchOperationContext( baseDn, factoryCfg.getEnvironment(), filter, controls ) );
+
while ( subentries.hasMore() )
{
SearchResult result = ( SearchResult ) subentries.next();
@@ -562,13 +593,13 @@
if ( evaluator.evaluate( ss, apName, dn, candidate ) )
{
- nexus.modify( dn, getOperationalModsForRemove( name, candidate ) );
+ nexus.modify( new ModifyOperationContext( dn, getOperationalModsForRemove( name, candidate ) ) );
}
}
}
else
{
- next.delete( name );
+ next.delete( opContext );
}
}
@@ -591,7 +622,9 @@
ExprNode filter = new PresenceNode( "administrativeRole" );
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
- NamingEnumeration aps = nexus.search( name, factoryCfg.getEnvironment(), filter, controls );
+ NamingEnumeration aps =
+ nexus.search(
+ new SearchOperationContext( name, factoryCfg.getEnvironment(), filter, controls ) );
if ( aps.hasMore() )
{
aps.close();
@@ -675,12 +708,15 @@
}
- public void modifyRn( NextInterceptor next, LdapDN name, String newRn, boolean deleteOldRn ) throws NamingException
+ public void rename( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- Attributes entry = nexus.lookup( name );
+ LdapDN name = opContext.getDn();
+ String newRdn = ((RenameOperationContext)opContext).getNewRdn();
+
+ Attributes entry = nexus.lookup( new LookupOperationContext( name ) );
Attribute objectClasses = AttributeUtils.getAttribute( entry, objectClassType );
- if ( AttributeUtils.containsValueCaseIgnore( objectClasses, "subentry" ) )
+ if ( AttributeUtils.containsValueCaseIgnore( objectClasses, SchemaConstants.SUBENTRY_OC ) )
{
Subentry subentry = subentryCache.getSubentry( name.toNormName() );
SubtreeSpecification ss = subentry.getSubtreeSpecification();
@@ -691,21 +727,24 @@
LdapDN newName = ( LdapDN ) name.clone();
newName.remove( newName.size() - 1 );
- LdapDN rdn = new LdapDN( newRn );
+ LdapDN rdn = new LdapDN( newRdn );
newName.addAll( rdn );
rdn.normalize( attrRegistry.getNormalizerMapping() );
newName.normalize( attrRegistry.getNormalizerMapping() );
String newNormName = newName.toNormName();
subentryCache.setSubentry( newNormName, ss, subentry.getTypes() );
- next.modifyRn( name, newRn, deleteOldRn );
+ next.rename( opContext );
subentry = subentryCache.getSubentry( newNormName );
- ExprNode filter = new PresenceNode( oidRegistry.getOid( "objectclass" ) );
+ ExprNode filter = new PresenceNode( oidRegistry.getOid( SchemaConstants.OBJECT_CLASS_AT ) );
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
controls.setReturningAttributes( new String[] { "+", "*" } );
- NamingEnumeration subentries = nexus.search( baseDn, factoryCfg.getEnvironment(), filter, controls );
+ NamingEnumeration subentries =
+ nexus.search(
+ new SearchOperationContext( baseDn, factoryCfg.getEnvironment(), filter, controls ) );
+
while ( subentries.hasMore() )
{
SearchResult result = ( SearchResult ) subentries.next();
@@ -715,7 +754,7 @@
if ( evaluator.evaluate( ss, apName, dn, candidate ) )
{
- nexus.modify( dn, getOperationalModsForReplace( name, newName, subentry, candidate ) );
+ nexus.modify( new ModifyOperationContext( dn, getOperationalModsForReplace( name, newName, subentry, candidate ) ) );
}
}
}
@@ -727,31 +766,37 @@
log.warn( msg );
throw new LdapSchemaViolationException( msg, ResultCodeEnum.NOT_ALLOWED_ON_RDN );
}
- next.modifyRn( name, newRn, deleteOldRn );
+
+ next.rename( opContext );
// calculate the new DN now for use below to modify subentry operational
// attributes contained within this regular entry with name changes
LdapDN newName = ( LdapDN ) name.clone();
newName.remove( newName.size() - 1 );
- newName.add( newRn );
+ newName.add( newRdn );
newName.normalize( attrRegistry.getNormalizerMapping() );
ModificationItemImpl[] mods = getModsOnEntryRdnChange( name, newName, entry );
if ( mods.length > 0 )
{
- nexus.modify( newName, mods );
+ nexus.modify( new ModifyOperationContext( newName, mods ) );
}
}
}
- public void move( NextInterceptor next, LdapDN oriChildName, LdapDN newParentName, String newRn, boolean deleteOldRn )
+ public void moveAndRename( NextInterceptor next, OperationContext opContext )
throws NamingException
{
- Attributes entry = nexus.lookup( oriChildName );
+ LdapDN oriChildName = opContext.getDn();
+ LdapDN parent = ((MoveAndRenameOperationContext)opContext).getParent();
+ String newRn = ((RenameOperationContext)opContext).getNewRdn();
+
+
+ Attributes entry = nexus.lookup( new LookupOperationContext( oriChildName ) );
Attribute objectClasses = AttributeUtils.getAttribute( entry, objectClassType );
- if ( AttributeUtils.containsValueCaseIgnore( objectClasses, "subentry" ) )
+ if ( AttributeUtils.containsValueCaseIgnore( objectClasses, SchemaConstants.SUBENTRY_OC ) )
{
Subentry subentry = subentryCache.getSubentry( oriChildName.toNormName() );
SubtreeSpecification ss = subentry.getSubtreeSpecification();
@@ -759,7 +804,7 @@
apName.remove( apName.size() - 1 );
LdapDN baseDn = ( LdapDN ) apName.clone();
baseDn.addAll( ss.getBase() );
- LdapDN newName = ( LdapDN ) newParentName.clone();
+ LdapDN newName = ( LdapDN ) parent.clone();
newName.remove( newName.size() - 1 );
LdapDN rdn = new LdapDN( newRn );
@@ -769,15 +814,18 @@
String newNormName = newName.toNormName();
subentryCache.setSubentry( newNormName, ss, subentry.getTypes() );
- next.move( oriChildName, newParentName, newRn, deleteOldRn );
+ next.moveAndRename( opContext );
subentry = subentryCache.getSubentry( newNormName );
- ExprNode filter = new PresenceNode( oidRegistry.getOid( "objectclass" ) );
+ ExprNode filter = new PresenceNode( oidRegistry.getOid( SchemaConstants.OBJECT_CLASS_AT ) );
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
controls.setReturningAttributes( new String[] { "+", "*" } );
- NamingEnumeration subentries = nexus.search( baseDn, factoryCfg.getEnvironment(), filter, controls );
+ NamingEnumeration subentries =
+ nexus.search(
+ new SearchOperationContext( baseDn, factoryCfg.getEnvironment(), filter, controls ) );
+
while ( subentries.hasMore() )
{
SearchResult result = ( SearchResult ) subentries.next();
@@ -787,8 +835,8 @@
if ( evaluator.evaluate( ss, apName, dn, candidate ) )
{
- nexus.modify( dn, getOperationalModsForReplace( oriChildName, newName, subentry,
- candidate ) );
+ nexus.modify( new ModifyOperationContext( dn, getOperationalModsForReplace( oriChildName, newName, subentry,
+ candidate ) ) );
}
}
}
@@ -800,29 +848,33 @@
log.warn( msg );
throw new LdapSchemaViolationException( msg, ResultCodeEnum.NOT_ALLOWED_ON_RDN );
}
- next.move( oriChildName, newParentName, newRn, deleteOldRn );
+
+ next.moveAndRename( opContext );
// calculate the new DN now for use below to modify subentry operational
// attributes contained within this regular entry with name changes
- LdapDN newName = ( LdapDN ) newParentName.clone();
+ LdapDN newName = ( LdapDN ) parent.clone();
newName.add( newRn );
newName.normalize( attrRegistry.getNormalizerMapping() );
ModificationItemImpl[] mods = getModsOnEntryRdnChange( oriChildName, newName, entry );
if ( mods.length > 0 )
{
- nexus.modify( newName, mods );
+ nexus.modify( new ModifyOperationContext( newName, mods ) );
}
}
}
- public void move( NextInterceptor next, LdapDN oriChildName, LdapDN newParentName ) throws NamingException
+ public void move( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- Attributes entry = nexus.lookup( oriChildName );
- Attribute objectClasses = entry.get( "objectClass" );
+ LdapDN oriChildName = opContext.getDn();
+ LdapDN newParentName = ((MoveOperationContext)opContext).getParent();
+
+ Attributes entry = nexus.lookup( new LookupOperationContext( oriChildName ) );
+ Attribute objectClasses = entry.get( SchemaConstants.OBJECT_CLASS_AT );
- if ( AttributeUtils.containsValueCaseIgnore( objectClasses, "subentry" ) )
+ if ( AttributeUtils.containsValueCaseIgnore( objectClasses, SchemaConstants.SUBENTRY_OC ) )
{
Subentry subentry = subentryCache.getSubentry( oriChildName.toString() );
SubtreeSpecification ss = subentry.getSubtreeSpecification();
@@ -836,16 +888,19 @@
String newNormName = newName.toNormName();
subentryCache.setSubentry( newNormName, ss, subentry.getTypes() );
- next.move( oriChildName, newParentName );
+ next.move( opContext );
subentry = subentryCache.getSubentry( newNormName );
- ExprNode filter = new PresenceNode( "objectclass" );
+ ExprNode filter = new PresenceNode( SchemaConstants.OBJECT_CLASS_AT );
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
controls.setReturningAttributes( new String[]
{ "+", "*" } );
- NamingEnumeration subentries = nexus.search( baseDn, factoryCfg.getEnvironment(), filter, controls );
+ NamingEnumeration subentries =
+ nexus.search(
+ new SearchOperationContext( baseDn, factoryCfg.getEnvironment(), filter, controls ) );
+
while ( subentries.hasMore() )
{
SearchResult result = ( SearchResult ) subentries.next();
@@ -855,8 +910,8 @@
if ( evaluator.evaluate( ss, apName, dn, candidate ) )
{
- nexus.modify( dn, getOperationalModsForReplace( oriChildName, newName, subentry,
- candidate ) );
+ nexus.modify( new ModifyOperationContext( dn, getOperationalModsForReplace( oriChildName, newName, subentry,
+ candidate ) ) );
}
}
}
@@ -868,7 +923,8 @@
log.warn( msg );
throw new LdapSchemaViolationException( msg, ResultCodeEnum.NOT_ALLOWED_ON_RDN );
}
- next.move( oriChildName, newParentName );
+
+ next.move( opContext );
// calculate the new DN now for use below to modify subentry operational
// attributes contained within this regular entry with name changes
@@ -878,7 +934,7 @@
if ( mods.length > 0 )
{
- nexus.modify( newName, mods );
+ nexus.modify( new ModifyOperationContext( newName, mods ) );
}
}
}
@@ -891,7 +947,7 @@
private int getSubentryTypes( Attributes subentry, int modOp, Attributes mods ) throws NamingException
{
- if ( mods.get( "objectClass" ) == null )
+ if ( mods.get( SchemaConstants.OBJECT_CLASS_AT ) == null )
{
return getSubentryTypes( subentry );
}
@@ -903,8 +959,8 @@
return getSubentryTypes( mods );
}
- Attribute ocChanges = mods.get( "objectClass" );
- Attribute ocFinalState = ( Attribute ) subentry.get( "objectClass" ).clone();
+ Attribute ocChanges = mods.get( SchemaConstants.OBJECT_CLASS_AT );
+ Attribute ocFinalState = ( Attribute ) subentry.get( SchemaConstants.OBJECT_CLASS_AT ).clone();
if ( modOp == DirContext.ADD_ATTRIBUTE )
{
for ( int ii = 0; ii < ocChanges.size(); ii++ )
@@ -928,10 +984,10 @@
private int getSubentryTypes( Attributes entry, ModificationItemImpl[] mods ) throws NamingException
{
- Attribute ocFinalState = ( Attribute ) entry.get( "objectClass" ).clone();
+ Attribute ocFinalState = ( Attribute ) entry.get( SchemaConstants.OBJECT_CLASS_AT ).clone();
for ( int ii = 0; ii < mods.length; ii++ )
{
- if ( mods[ii].getAttribute().getID().equalsIgnoreCase( "objectClass" ) )
+ if ( mods[ii].getAttribute().getID().equalsIgnoreCase( SchemaConstants.OBJECT_CLASS_AT ) )
{
switch ( mods[ii].getModificationOp() )
{
@@ -959,96 +1015,12 @@
return getSubentryTypes( attrs );
}
-
- public void modify( NextInterceptor next, LdapDN name, int modOp, Attributes mods ) throws NamingException
+ public void modify( NextInterceptor next, OperationContext opContext ) throws NamingException
{
- Attributes entry = nexus.lookup( name );
- Attributes oldEntry = (Attributes) entry.clone();
- Attribute objectClasses = AttributeUtils.getAttribute( entry, objectClassType );
-
- if ( AttributeUtils.containsValueCaseIgnore( objectClasses, "subentry" ) && mods.get( "subtreeSpecification" ) != null )
- {
- SubtreeSpecification ssOld = subentryCache.removeSubentry( name.toNormName() ).getSubtreeSpecification();
- SubtreeSpecification ssNew;
-
- try
- {
- ssNew = ssParser.parse( ( String ) mods.get( "subtreeSpecification" ).get() );
- }
- catch ( Exception e )
- {
- String msg = "failed to parse the new subtreeSpecification";
- log.error( msg, e );
- throw new LdapInvalidAttributeValueException( msg, ResultCodeEnum.INVALID_ATTRIBUTE_SYNTAX );
- }
-
- subentryCache.setSubentry( name.toNormName(), ssNew, getSubentryTypes( entry, modOp, mods ) );
- next.modify( name, modOp, mods );
-
- // search for all entries selected by the old SS and remove references to subentry
- LdapDN apName = ( LdapDN ) name.clone();
- apName.remove( apName.size() - 1 );
- LdapDN oldBaseDn = ( LdapDN ) apName.clone();
- oldBaseDn.addAll( ssOld.getBase() );
- ExprNode filter = new PresenceNode( oidRegistry.getOid( "objectClass" ) );
- SearchControls controls = new SearchControls();
- controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
- controls.setReturningAttributes( new String[]
- { "+", "*" } );
- NamingEnumeration subentries = nexus.search( oldBaseDn, factoryCfg.getEnvironment(), filter, controls );
- while ( subentries.hasMore() )
- {
- SearchResult result = ( SearchResult ) subentries.next();
- Attributes candidate = result.getAttributes();
- LdapDN dn = new LdapDN( result.getName() );
- dn.normalize( attrRegistry.getNormalizerMapping() );
-
- if ( evaluator.evaluate( ssOld, apName, dn, candidate ) )
- {
- nexus.modify( dn, getOperationalModsForRemove( name, candidate ) );
- }
- }
-
- // search for all selected entries by the new SS and add references to subentry
- Subentry subentry = subentryCache.getSubentry( name.toNormName() );
- Attributes operational = getSubentryOperatationalAttributes( name, subentry );
- LdapDN newBaseDn = ( LdapDN ) apName.clone();
- newBaseDn.addAll( ssNew.getBase() );
- subentries = nexus.search( newBaseDn, factoryCfg.getEnvironment(), filter, controls );
- while ( subentries.hasMore() )
- {
- SearchResult result = ( SearchResult ) subentries.next();
- Attributes candidate = result.getAttributes();
- LdapDN dn = new LdapDN( result.getName() );
- dn.normalize( attrRegistry.getNormalizerMapping() );
-
- if ( evaluator.evaluate( ssNew, apName, dn, candidate ) )
- {
- nexus.modify( dn, getOperationalModsForAdd( candidate, operational ) );
- }
- }
- }
- else
- {
- next.modify( name, modOp, mods );
-
- if ( !AttributeUtils.containsValueCaseIgnore( objectClasses, "subentry" ) )
- {
- Attributes newEntry = nexus.lookup( name );
-
- ModificationItemImpl[] subentriesOpAttrMods = getModsOnEntryModification(name, oldEntry, newEntry);
- if ( subentriesOpAttrMods.length > 0)
- {
- nexus.modify(name, subentriesOpAttrMods);
- }
- }
- }
- }
-
-
- public void modify( NextInterceptor next, LdapDN name, ModificationItemImpl[] mods ) throws NamingException
- {
- Attributes entry = nexus.lookup( name );
+ LdapDN name = opContext.getDn();
+ ModificationItemImpl[] mods = ((ModifyOperationContext)opContext).getModItems();
+
+ Attributes entry = nexus.lookup( new LookupOperationContext( name ) );
Attributes oldEntry = (Attributes) entry.clone();
Attribute objectClasses = AttributeUtils.getAttribute( entry, objectClassType );
boolean isSubtreeSpecificationModification = false;
@@ -1056,14 +1028,14 @@
for ( int ii = 0; ii < mods.length; ii++ )
{
- if ( "subtreeSpecification".equalsIgnoreCase( mods[ii].getAttribute().getID() ) )
+ if ( SchemaConstants.SUBTREE_SPECIFICATION_AT.equalsIgnoreCase( mods[ii].getAttribute().getID() ) )
{
isSubtreeSpecificationModification = true;
subtreeMod = mods[ii];
}
}
- if ( AttributeUtils.containsValueCaseIgnore( objectClasses, "subentry" ) && isSubtreeSpecificationModification )
+ if ( AttributeUtils.containsValueCaseIgnore( objectClasses, SchemaConstants.SUBENTRY_OC ) && isSubtreeSpecificationModification )
{
SubtreeSpecification ssOld = subentryCache.removeSubentry( name.toString() ).getSubtreeSpecification();
SubtreeSpecification ssNew;
@@ -1080,19 +1052,22 @@
}
subentryCache.setSubentry( name.toNormName(), ssNew, getSubentryTypes( entry, mods ) );
- next.modify( name, mods );
+ next.modify( opContext );
// search for all entries selected by the old SS and remove references to subentry
LdapDN apName = ( LdapDN ) name.clone();
apName.remove( apName.size() - 1 );
LdapDN oldBaseDn = ( LdapDN ) apName.clone();
oldBaseDn.addAll( ssOld.getBase() );
- ExprNode filter = new PresenceNode( oidRegistry.getOid( "objectClass" ) );
+ ExprNode filter = new PresenceNode( oidRegistry.getOid( SchemaConstants.OBJECT_CLASS_AT ) );
SearchControls controls = new SearchControls();
controls.setSearchScope( SearchControls.SUBTREE_SCOPE );
controls.setReturningAttributes( new String[]
{ "+", "*" } );
- NamingEnumeration subentries = nexus.search( oldBaseDn, factoryCfg.getEnvironment(), filter, controls );
+ NamingEnumeration subentries =
+ nexus.search(
+ new SearchOperationContext( oldBaseDn, factoryCfg.getEnvironment(), filter, controls ) );
+
while ( subentries.hasMore() )
{
SearchResult result = ( SearchResult ) subentries.next();
@@ -1102,7 +1077,7 @@
if ( evaluator.evaluate( ssOld, apName, dn, candidate ) )
{
- nexus.modify( dn, getOperationalModsForRemove( name, candidate ) );
+ nexus.modify( new ModifyOperationContext( dn, getOperationalModsForRemove( name, candidate ) ) );
}
}
@@ -1111,7 +1086,8 @@
Attributes operational = getSubentryOperatationalAttributes( name, subentry );
LdapDN newBaseDn = ( LdapDN ) apName.clone();
newBaseDn.addAll( ssNew.getBase() );
- subentries = nexus.search( newBaseDn, factoryCfg.getEnvironment(), filter, controls );
+ subentries = nexus.search(
+ new SearchOperationContext( newBaseDn, factoryCfg.getEnvironment(), filter, controls ) );
while ( subentries.hasMore() )
{
SearchResult result = ( SearchResult ) subentries.next();
@@ -1121,22 +1097,23 @@
if ( evaluator.evaluate( ssNew, apName, dn, candidate ) )
{
- nexus.modify( dn, getOperationalModsForAdd( candidate, operational ) );
+ nexus.modify( new ModifyOperationContext( dn, getOperationalModsForAdd( candidate, operational ) )) ;
}
}
}
else
{
- next.modify( name, mods );
+ next.modify( opContext );
- if ( !AttributeUtils.containsValueCaseIgnore( objectClasses, "subentry" ) )
+ if ( !AttributeUtils.containsValueCaseIgnore( objectClasses, SchemaConstants.SUBENTRY_OC ) )
{
- Attributes newEntry = nexus.lookup( name );
+ Attributes newEntry = nexus.lookup( new LookupOperationContext( name ) );
- ModificationItemImpl[] subentriesOpAttrMods = getModsOnEntryModification(name, oldEntry, newEntry);
+ ModificationItemImpl[] subentriesOpAttrMods = getModsOnEntryModification( name, oldEntry, newEntry );
+
if ( subentriesOpAttrMods.length > 0)
{
- nexus.modify(name, subentriesOpAttrMods);
+ nexus.modify( new ModifyOperationContext( name, subentriesOpAttrMods ) );
}
}
}
@@ -1389,15 +1366,15 @@
}
// see if we can use objectclass if present
- Attribute objectClasses = result.getAttributes().get( "objectClass" );
+ Attribute objectClasses = result.getAttributes().get( SchemaConstants.OBJECT_CLASS_AT );
if ( objectClasses != null )
{
- if ( AttributeUtils.containsValueCaseIgnore( objectClasses, SUBENTRY_OBJECTCLASS ) )
+ if ( AttributeUtils.containsValueCaseIgnore( objectClasses, SchemaConstants.SUBENTRY_OC ) )
{
return false;
}
- if ( AttributeUtils.containsValueCaseIgnore( objectClasses, SUBENTRY_OBJECTCLASS_OID ) )
+ if ( AttributeUtils.containsValueCaseIgnore( objectClasses, SchemaConstants.SUBENTRY_OC_OID ) )
{
return false;
}
@@ -1405,7 +1382,7 @@
for ( int ii = 0; ii < objectClasses.size(); ii++ )
{
String oc = ( String ) objectClasses.get( ii );
- if ( oc.equalsIgnoreCase( SUBENTRY_OBJECTCLASS ) )
+ if ( oc.equalsIgnoreCase( SchemaConstants.SUBENTRY_OC ) )
{
return false;
}
@@ -1450,15 +1427,15 @@
}
// see if we can use objectclass if present
- Attribute objectClasses = result.getAttributes().get( "objectClass" );
+ Attribute objectClasses = result.getAttributes().get( SchemaConstants.OBJECT_CLASS_AT );
if ( objectClasses != null )
{
- if ( AttributeUtils.containsValueCaseIgnore( objectClasses, SUBENTRY_OBJECTCLASS ) )
+ if ( AttributeUtils.containsValueCaseIgnore( objectClasses, SchemaConstants.SUBENTRY_OC ) )
{
return true;
}
- if ( AttributeUtils.containsValueCaseIgnore( objectClasses, SUBENTRY_OBJECTCLASS_OID ) )
+ if ( AttributeUtils.containsValueCaseIgnore( objectClasses, SchemaConstants.SUBENTRY_OC_OID ) )
{
return true;
}
@@ -1466,7 +1443,7 @@
for ( int ii = 0; ii < objectClasses.size(); ii++ )
{
String oc = ( String ) objectClasses.get( ii );
- if ( oc.equalsIgnoreCase( SUBENTRY_OBJECTCLASS ) )
+ if ( oc.equalsIgnoreCase( SchemaConstants.SUBENTRY_OC ) )
{
return true;
}
diff --git a/core/src/main/java/org/apache/directory/server/core/trigger/AbstractStoredProcedureParameterInjector.java b/core/src/main/java/org/apache/directory/server/core/trigger/AbstractStoredProcedureParameterInjector.java
index e3314ed..3d241d2 100644
--- a/core/src/main/java/org/apache/directory/server/core/trigger/AbstractStoredProcedureParameterInjector.java
+++ b/core/src/main/java/org/apache/directory/server/core/trigger/AbstractStoredProcedureParameterInjector.java
@@ -40,12 +40,12 @@
public abstract class AbstractStoredProcedureParameterInjector implements StoredProcedureParameterInjector
{
private Invocation invocation;
- private Map injectors;
+ private Map<Class, MicroInjector> injectors;
public AbstractStoredProcedureParameterInjector( Invocation invocation ) throws NamingException
{
this.invocation = invocation;
- injectors = new HashMap();
+ injectors = new HashMap<Class, MicroInjector>();
injectors.put( StoredProcedureParameter.Generic_OPERATION_PRINCIPAL.class, $operationPrincipalInjector );
injectors.put( StoredProcedureParameter.Generic_LDAP_CONTEXT.class, $ldapContextInjector );
}
@@ -57,7 +57,7 @@
return userName;
}
- protected Map getInjectors()
+ protected Map<Class, MicroInjector> getInjectors()
{
return injectors;
}
@@ -72,15 +72,15 @@
this.invocation = invocation;
}
- public final List getArgumentsToInject( List parameterList ) throws NamingException
+ public final List<Object> getArgumentsToInject( List<StoredProcedureParameter> parameterList ) throws NamingException
{
- List arguments = new ArrayList();
+ List<Object> arguments = new ArrayList<Object>();
- Iterator it = parameterList.iterator();
+ Iterator<StoredProcedureParameter> it = parameterList.iterator();
while ( it.hasNext() )
{
- StoredProcedureParameter spParameter = ( StoredProcedureParameter ) it.next();
- MicroInjector injector = ( MicroInjector ) injectors.get( spParameter.getClass() );
+ StoredProcedureParameter spParameter = it.next();
+ MicroInjector injector = injectors.get( spParameter.getClass() );
arguments.add( injector.inject( spParameter ) );
}
@@ -101,7 +101,7 @@
{
Generic_LDAP_CONTEXT ldapCtxParam = ( Generic_LDAP_CONTEXT ) param;
LdapDN ldapCtxName = ldapCtxParam.getCtxName();
- return (( ServerLdapContext ) ( ( ServerLdapContext ) invocation.getCaller() ).getRootContext()).lookup( ldapCtxName );
+ return ( ( ServerLdapContext ) ( ( ServerLdapContext ) invocation.getCaller() ).getRootContext()).lookup( ldapCtxName );
};
};
diff --git a/core/src/main/java/org/apache/directory/server/core/trigger/AddStoredProcedureParameterInjector.java b/core/src/main/java/org/apache/directory/server/core/trigger/AddStoredProcedureParameterInjector.java
index 3663fc7..ee701bb 100644
--- a/core/src/main/java/org/apache/directory/server/core/trigger/AddStoredProcedureParameterInjector.java
+++ b/core/src/main/java/org/apache/directory/server/core/trigger/AddStoredProcedureParameterInjector.java
@@ -34,14 +34,12 @@
private LdapDN addedEntryName;
private Attributes addedEntry;
- private Map injectors;
-
public AddStoredProcedureParameterInjector( Invocation invocation, LdapDN addedEntryName, Attributes addedEntry ) throws NamingException
{
super( invocation );
this.addedEntryName = addedEntryName;
this.addedEntry = addedEntry;
- injectors = super.getInjectors();
+ Map<Class, MicroInjector> injectors = super.getInjectors();
injectors.put( StoredProcedureParameter.Add_ENTRY.class, $entryInjector );
injectors.put( StoredProcedureParameter.Add_ATTRIBUTES.class, $attributesInjector );
}
diff --git a/core/src/main/java/org/apache/directory/server/core/trigger/DeleteStoredProcedureParameterInjector.java b/core/src/main/java/org/apache/directory/server/core/trigger/DeleteStoredProcedureParameterInjector.java
index 3778116..66cad71 100644
--- a/core/src/main/java/org/apache/directory/server/core/trigger/DeleteStoredProcedureParameterInjector.java
+++ b/core/src/main/java/org/apache/directory/server/core/trigger/DeleteStoredProcedureParameterInjector.java
@@ -26,6 +26,7 @@
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
import org.apache.directory.server.core.invocation.Invocation;
import org.apache.directory.server.core.partition.PartitionNexusProxy;
import org.apache.directory.shared.ldap.name.LdapDN;
@@ -37,14 +38,12 @@
private LdapDN deletedEntryName;
private Attributes deletedEntry;
- private Map injectors;
-
public DeleteStoredProcedureParameterInjector( Invocation invocation, LdapDN deletedEntryName ) throws NamingException
{
super( invocation );
this.deletedEntryName = deletedEntryName;
this.deletedEntry = getDeletedEntry();
- injectors = super.getInjectors();
+ Map<Class, MicroInjector> injectors = super.getInjectors();
injectors.put( StoredProcedureParameter.Delete_NAME.class, $nameInjector );
injectors.put( StoredProcedureParameter.Delete_DELETED_ENTRY.class, $deletedEntryInjector );
}
@@ -73,7 +72,7 @@
* Using LOOKUP_EXCLUDING_OPR_ATTRS_BYPASS here to exclude operational attributes
* especially subentry related ones like "triggerExecutionSubentries".
*/
- Attributes deletedEntry = proxy.lookup( deletedEntryName, PartitionNexusProxy.LOOKUP_EXCLUDING_OPR_ATTRS_BYPASS );
+ Attributes deletedEntry = proxy.lookup( new LookupOperationContext( deletedEntryName ), PartitionNexusProxy.LOOKUP_EXCLUDING_OPR_ATTRS_BYPASS );
return deletedEntry;
}
}
diff --git a/core/src/main/java/org/apache/directory/server/core/trigger/ModifyDNStoredProcedureParameterInjector.java b/core/src/main/java/org/apache/directory/server/core/trigger/ModifyDNStoredProcedureParameterInjector.java
index d70c61b..d83595c 100644
--- a/core/src/main/java/org/apache/directory/server/core/trigger/ModifyDNStoredProcedureParameterInjector.java
+++ b/core/src/main/java/org/apache/directory/server/core/trigger/ModifyDNStoredProcedureParameterInjector.java
@@ -26,35 +26,123 @@
import org.apache.directory.server.core.invocation.Invocation;
import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.trigger.StoredProcedureParameter;
public class ModifyDNStoredProcedureParameterInjector extends AbstractStoredProcedureParameterInjector
{
- private LdapDN oldName;
- private String newRn;
private boolean deleteOldRn;
-
- private Map injectors;
-
- public ModifyDNStoredProcedureParameterInjector( Invocation invocation, boolean deleteOldRn,
+ private LdapDN oldRDN;
+ private LdapDN newRDN;
+ private LdapDN oldSuperiorDN;
+ private LdapDN newSuperiorDN;
+ private LdapDN oldDN;
+ private LdapDN newDN;
+
+ public ModifyDNStoredProcedureParameterInjector( Invocation invocation, boolean deleteOldRn,
LdapDN oldRDN, LdapDN newRDN, LdapDN oldSuperiorDN, LdapDN newSuperiorDN, LdapDN oldDN, LdapDN newDN) throws NamingException
{
super( invocation );
- init( oldName, newRn, deleteOldRn );
- }
-
- private void init( LdapDN oldName, String newRn, boolean deleteOldRn ) throws NamingException
- {
- this.oldName = oldName;
- this.newRn = newRn;
this.deleteOldRn = deleteOldRn;
- injectors = super.getInjectors();
- /*
- injectors.put( ModDNStoredProcedureParameter.ENTRY, $entryInjector.inject() );
- injectors.put( ModDNStoredProcedureParameter.NEW_RDN, $newRdnInjector.inject() );
- injectors.put( ModDNStoredProcedureParameter.NEW_SUPERIOR, $newSuperior.inject() );
- injectors.put( ModDNStoredProcedureParameter.DELETE_OLD_RDN, $deleteOldRdnInjector.inject() );
- */
+ this.oldRDN = oldRDN;
+ this.newRDN = newRDN;
+ this.oldSuperiorDN = oldSuperiorDN;
+ this.newSuperiorDN = newSuperiorDN;
+ this.oldDN = oldDN;
+ this.newDN = newDN;
+
+ Map<Class, MicroInjector> injectors = super.getInjectors();
+ injectors.put( StoredProcedureParameter.ModifyDN_ENTRY.class, $entryInjector );
+ injectors.put( StoredProcedureParameter.ModifyDN_NEW_RDN.class, $newrdnInjector );
+ injectors.put( StoredProcedureParameter.ModifyDN_DELETE_OLD_RDN.class, $deleteoldrdnInjector );
+ injectors.put( StoredProcedureParameter.ModifyDN_NEW_SUPERIOR.class, $newSuperiorInjector );
+ injectors.put( StoredProcedureParameter.ModifyDN_OLD_RDN.class, $oldRDNInjector );
+ injectors.put( StoredProcedureParameter.ModifyDN_OLD_SUPERIOR_DN.class, $oldSuperiorDNInjector );
+ injectors.put( StoredProcedureParameter.ModifyDN_NEW_DN.class, $newDNInjector );
+
}
+ /**
+ * Injector for 'entry' parameter of ModifyDNRequest as in RFC4511.
+ */
+ MicroInjector $entryInjector = new MicroInjector()
+ {
+ public Object inject( StoredProcedureParameter param ) throws NamingException
+ {
+ // Return a safe copy constructed with user provided name.
+ return new LdapDN( oldDN.getUpName() );
+ };
+ };
+ /**
+ * Injector for 'newrdn' parameter of ModifyDNRequest as in RFC4511.
+ */
+ MicroInjector $newrdnInjector = new MicroInjector()
+ {
+ public Object inject( StoredProcedureParameter param ) throws NamingException
+ {
+ // Return a safe copy constructed with user provided name.
+ return new LdapDN( newRDN.getUpName() );
+ };
+ };
+
+ /**
+ * Injector for 'newrdn' parameter of ModifyDNRequest as in RFC4511.
+ */
+ MicroInjector $deleteoldrdnInjector = new MicroInjector()
+ {
+ public Object inject( StoredProcedureParameter param ) throws NamingException
+ {
+ // Return a safe copy constructed with user provided name.
+ return new Boolean( deleteOldRn );
+ };
+ };
+
+ /**
+ * Injector for 'newSuperior' parameter of ModifyDNRequest as in RFC4511.
+ */
+ MicroInjector $newSuperiorInjector = new MicroInjector()
+ {
+ public Object inject( StoredProcedureParameter param ) throws NamingException
+ {
+ // Return a safe copy constructed with user provided name.
+ return new LdapDN( newSuperiorDN.getUpName() );
+ };
+ };
+
+ /**
+ * Extra injector for 'oldRDN' which can be derived from parameters specified for ModifyDNRequest as in RFC4511.
+ */
+ MicroInjector $oldRDNInjector = new MicroInjector()
+ {
+ public Object inject( StoredProcedureParameter param ) throws NamingException
+ {
+ // Return a safe copy constructed with user provided name.
+ return new LdapDN( oldRDN.getUpName() );
+ };
+ };
+
+ /**
+ * Extra injector for 'oldRDN' which can be derived from parameters specified for ModifyDNRequest as in RFC4511.
+ */
+ MicroInjector $oldSuperiorDNInjector = new MicroInjector()
+ {
+ public Object inject( StoredProcedureParameter param ) throws NamingException
+ {
+ // Return a safe copy constructed with user provided name.
+ return new LdapDN( oldSuperiorDN.getUpName() );
+ };
+ };
+
+ /**
+ * Extra injector for 'newDN' which can be derived from parameters specified for ModifyDNRequest as in RFC4511.
+ */
+ MicroInjector $newDNInjector = new MicroInjector()
+ {
+ public Object inject( StoredProcedureParameter param ) throws NamingException
+ {
+ // Return a safe copy constructed with user provided name.
+ return new LdapDN( newDN.getUpName() );
+ };
+ };
+
}
diff --git a/core/src/main/java/org/apache/directory/server/core/trigger/ModifyStoredProcedureParameterInjector.java b/core/src/main/java/org/apache/directory/server/core/trigger/ModifyStoredProcedureParameterInjector.java
index 37456f3..033c2cb 100644
--- a/core/src/main/java/org/apache/directory/server/core/trigger/ModifyStoredProcedureParameterInjector.java
+++ b/core/src/main/java/org/apache/directory/server/core/trigger/ModifyStoredProcedureParameterInjector.java
@@ -22,11 +22,12 @@
import java.util.Map;
-import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
-import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
import org.apache.directory.server.core.invocation.Invocation;
import org.apache.directory.server.core.partition.PartitionNexusProxy;
import org.apache.directory.shared.ldap.message.ModificationItemImpl;
@@ -37,38 +38,16 @@
{
private LdapDN modifiedEntryName;
private ModificationItemImpl[] modifications;
-
private Attributes oldEntry;
- private Map injectors;
- public ModifyStoredProcedureParameterInjector( Invocation invocation, LdapDN modifiedEntryName, ModificationItemImpl[] modifications ) throws NamingException
+ public ModifyStoredProcedureParameterInjector( Invocation invocation, OperationContext opContext ) throws NamingException
{
super( invocation );
- init( modifiedEntryName, modifications );
- }
-
- public ModifyStoredProcedureParameterInjector( Invocation invocation, LdapDN modifiedEntryName, int modOp, Attributes modifications ) throws NamingException
- {
- super( invocation );
- ModificationItemImpl[] mods = new ModificationItemImpl[ modifications.size() ];
- NamingEnumeration modEnum = modifications.getAll();
- int i = 0;
- while ( modEnum.hasMoreElements() )
- {
- Attribute attribute = ( Attribute ) modEnum.nextElement();
- mods[ i++ ] = new ModificationItemImpl( modOp, attribute );
- }
-
- init( modifiedEntryName, mods );
- }
-
- private void init( LdapDN modifiedEntryName, ModificationItemImpl[] modifications ) throws NamingException
- {
- this.modifiedEntryName = modifiedEntryName;
- this.modifications = modifications;
+ modifiedEntryName = opContext.getDn();
+ modifications = ((ModifyOperationContext)opContext).getModItems();
this.oldEntry = getEntry();
- injectors = super.getInjectors();
+ Map<Class, MicroInjector> injectors = super.getInjectors();
injectors.put( StoredProcedureParameter.Modify_OBJECT.class, $objectInjector );
injectors.put( StoredProcedureParameter.Modify_MODIFICATION.class, $modificationInjector );
injectors.put( StoredProcedureParameter.Modify_OLD_ENTRY.class, $oldEntryInjector );
@@ -115,7 +94,7 @@
* Using LOOKUP_EXCLUDING_OPR_ATTRS_BYPASS here to exclude operational attributes
* especially subentry related ones like "triggerExecutionSubentries".
*/
- return proxy.lookup( modifiedEntryName, PartitionNexusProxy.LOOKUP_EXCLUDING_OPR_ATTRS_BYPASS );
+ return proxy.lookup( new LookupOperationContext( modifiedEntryName ), PartitionNexusProxy.LOOKUP_EXCLUDING_OPR_ATTRS_BYPASS );
}
}
diff --git a/core/src/main/java/org/apache/directory/server/core/trigger/StoredProcedureParameterInjector.java b/core/src/main/java/org/apache/directory/server/core/trigger/StoredProcedureParameterInjector.java
index d1d99db..c5b5cb0 100644
--- a/core/src/main/java/org/apache/directory/server/core/trigger/StoredProcedureParameterInjector.java
+++ b/core/src/main/java/org/apache/directory/server/core/trigger/StoredProcedureParameterInjector.java
@@ -28,7 +28,7 @@
public interface StoredProcedureParameterInjector
{
- List getArgumentsToInject( List parameterList ) throws NamingException;
+ List<Object> getArgumentsToInject( List<StoredProcedureParameter> parameterList ) throws NamingException;
public interface MicroInjector
{
diff --git a/core/src/main/java/org/apache/directory/server/core/trigger/TriggerService.java b/core/src/main/java/org/apache/directory/server/core/trigger/TriggerService.java
index 4e3c57c..10e8500 100644
--- a/core/src/main/java/org/apache/directory/server/core/trigger/TriggerService.java
+++ b/core/src/main/java/org/apache/directory/server/core/trigger/TriggerService.java
@@ -24,7 +24,6 @@
import java.lang.reflect.Method;
import java.text.ParseException;
import java.util.ArrayList;
-import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
@@ -40,6 +39,12 @@
import org.apache.directory.server.core.interceptor.BaseInterceptor;
import org.apache.directory.server.core.interceptor.InterceptorChain;
import org.apache.directory.server.core.interceptor.NextInterceptor;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveAndRenameOperationContext;
+import org.apache.directory.server.core.interceptor.context.MoveOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.RenameOperationContext;
import org.apache.directory.server.core.invocation.Invocation;
import org.apache.directory.server.core.invocation.InvocationStack;
import org.apache.directory.server.core.jndi.ServerLdapContext;
@@ -47,8 +52,8 @@
import org.apache.directory.server.core.sp.LdapClassLoader;
import org.apache.directory.server.core.subtree.SubentryService;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapNamingException;
-import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.message.ResultCodeEnum;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.schema.NormalizerMappingResolver;
@@ -56,6 +61,7 @@
import org.apache.directory.shared.ldap.trigger.LdapOperation;
import org.apache.directory.shared.ldap.trigger.TriggerSpecification;
import org.apache.directory.shared.ldap.trigger.TriggerSpecificationParser;
+import org.apache.directory.shared.ldap.trigger.TriggerSpecification.SPSpec;
import org.apache.directory.shared.ldap.util.DirectoryClassUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -69,10 +75,12 @@
*/
public class TriggerService extends BaseInterceptor
{
- public static final String SERVICE_NAME = "triggerService";
-
/** the logger for this class */
private static final Logger log = LoggerFactory.getLogger( TriggerService.class );
+
+ /** The service name */
+ public static final String NAME = "triggerService";
+
/** the entry trigger attribute string: entryTrigger */
private static final String ENTRY_TRIGGER_ATTR = "entryTriggerSpecification";
@@ -111,7 +119,7 @@
* @param entry the target entry that is considered as the trigger source
* @throws NamingException if there are problems accessing attribute values
*/
- private void addPrescriptiveTriggerSpecs( List triggerSpecs, PartitionNexusProxy proxy,
+ private void addPrescriptiveTriggerSpecs( List<TriggerSpecification> triggerSpecs, PartitionNexusProxy proxy,
LdapDN dn, Attributes entry ) throws NamingException
{
@@ -124,11 +132,11 @@
* to be in the same naming context as their access point so the subentries
* effecting their parent entry applies to them as well.
*/
- if ( entry.get( "objectClass" ).contains( "subentry" ) )
+ if ( entry.get( SchemaConstants.OBJECT_CLASS_AT ).contains( SchemaConstants.SUBENTRY_OC ) )
{
LdapDN parentDn = ( LdapDN ) dn.clone();
parentDn.remove( dn.size() - 1 );
- entry = proxy.lookup( parentDn, PartitionNexusProxy.LOOKUP_BYPASS );
+ entry = proxy.lookup( new LookupOperationContext( parentDn ), PartitionNexusProxy.LOOKUP_BYPASS );
}
Attribute subentries = entry.get( TRIGGER_SUBENTRIES_ATTR );
@@ -152,7 +160,7 @@
* @param entry the target entry that is considered as the trigger source
* @throws NamingException if there are problems accessing attribute values
*/
- private void addEntryTriggerSpecs( Collection triggerSpecs, Attributes entry ) throws NamingException
+ private void addEntryTriggerSpecs( List<TriggerSpecification> triggerSpecs, Attributes entry ) throws NamingException
{
Attribute entryTrigger = entry.get( ENTRY_TRIGGER_ATTR );
if ( entryTrigger == null )
@@ -180,15 +188,23 @@
}
}
- public Map getActionTimeMappedTriggerSpecsForOperation( List triggerSpecs, LdapOperation ldapOperation )
+ /**
+ * Return a selection of trigger specifications for a certain type of trigger action time.
+ *
+ * @NOTE: This method serves as an extion point for new Action Time types.
+ *
+ * @param triggerSpecs
+ * @param ldapOperation
+ */
+ public Map<ActionTime, List<TriggerSpecification>> getActionTimeMappedTriggerSpecsForOperation( List<TriggerSpecification> triggerSpecs, LdapOperation ldapOperation )
{
- List afterTriggerSpecs = new ArrayList();
- Map triggerSpecMap = new HashMap();
+ List<TriggerSpecification> afterTriggerSpecs = new ArrayList<TriggerSpecification>();
+ Map<ActionTime, List<TriggerSpecification>> triggerSpecMap = new HashMap<ActionTime, List<TriggerSpecification>>();
- Iterator it = triggerSpecs.iterator();
+ Iterator<TriggerSpecification> it = triggerSpecs.iterator();
while ( it.hasNext() )
{
- TriggerSpecification triggerSpec = ( TriggerSpecification ) it.next();
+ TriggerSpecification triggerSpec = it.next();
if ( triggerSpec.getLdapOperation().equals( ldapOperation ) )
{
if ( triggerSpec.getActionTime().equals( ActionTime.AFTER ) )
@@ -197,7 +213,7 @@
}
else
{
- // TODO
+
}
}
}
@@ -229,12 +245,15 @@
this.enabled = true; // TODO: Get this from the configuration if needed.
}
- public void add( NextInterceptor next, LdapDN normName, Attributes addedEntry ) throws NamingException
+ public void add( NextInterceptor next, OperationContext addContext ) throws NamingException
{
+ LdapDN name = addContext.getDn();
+ Attributes entry = ((AddOperationContext)addContext).getEntry();
+
// Bypass trigger handling if the service is disabled.
if ( !enabled )
{
- next.add( normName, addedEntry );
+ next.add( addContext );
return;
}
@@ -242,196 +261,177 @@
Invocation invocation = InvocationStack.getInstance().peek();
PartitionNexusProxy proxy = invocation.getProxy();
ServerLdapContext callerRootCtx = ( ServerLdapContext ) ( ( ServerLdapContext ) invocation.getCaller() ).getRootContext();
- StoredProcedureParameterInjector injector = new AddStoredProcedureParameterInjector( invocation, normName, addedEntry );
+ StoredProcedureParameterInjector injector = new AddStoredProcedureParameterInjector( invocation, name, entry );
// Gather Trigger Specifications which apply to the entry being deleted.
- List triggerSpecs = new ArrayList();
- addPrescriptiveTriggerSpecs( triggerSpecs, proxy, normName, addedEntry );
+ List<TriggerSpecification> triggerSpecs = new ArrayList<TriggerSpecification>();
+ addPrescriptiveTriggerSpecs( triggerSpecs, proxy, name, entry );
+
/**
* NOTE: We do not handle entryTriggerSpecs for ADD operation.
*/
// Gather a Map<ActionTime,TriggerSpecification> where TriggerSpecification.ldapOperation = LdapOperation.ADD.
- Map triggerMap = getActionTimeMappedTriggerSpecsForOperation( triggerSpecs, LdapOperation.ADD );
+ Map<ActionTime, List<TriggerSpecification>> triggerMap = getActionTimeMappedTriggerSpecsForOperation( triggerSpecs, LdapOperation.ADD );
- next.add( normName, addedEntry );
- triggerSpecCache.subentryAdded( normName, addedEntry );
+ next.add( addContext );
+ triggerSpecCache.subentryAdded( name, entry );
// Fire AFTER Triggers.
- List afterTriggerSpecs = ( List ) triggerMap.get( ActionTime.AFTER );
+ List<TriggerSpecification> afterTriggerSpecs = triggerMap.get( ActionTime.AFTER );
executeTriggers( afterTriggerSpecs, injector, callerRootCtx );
}
- public void delete( NextInterceptor next, LdapDN normName ) throws NamingException
+ public void delete( NextInterceptor next, OperationContext deleteContext ) throws NamingException
{
+ LdapDN name = deleteContext.getDn();
+
// Bypass trigger handling if the service is disabled.
if ( !enabled )
{
- next.delete( normName );
+ next.delete( deleteContext );
return;
}
// Gather supplementary data.
Invocation invocation = InvocationStack.getInstance().peek();
PartitionNexusProxy proxy = invocation.getProxy();
- Attributes deletedEntry = proxy.lookup( normName, PartitionNexusProxy.LOOKUP_BYPASS );
+ Attributes deletedEntry = proxy.lookup( new LookupOperationContext( name ), PartitionNexusProxy.LOOKUP_BYPASS );
ServerLdapContext callerRootCtx = ( ServerLdapContext ) ( ( ServerLdapContext ) invocation.getCaller() ).getRootContext();
- StoredProcedureParameterInjector injector = new DeleteStoredProcedureParameterInjector( invocation, normName );
+ StoredProcedureParameterInjector injector = new DeleteStoredProcedureParameterInjector( invocation, name );
// Gather Trigger Specifications which apply to the entry being deleted.
- List triggerSpecs = new ArrayList();
- addPrescriptiveTriggerSpecs( triggerSpecs, proxy, normName, deletedEntry );
+ List<TriggerSpecification> triggerSpecs = new ArrayList<TriggerSpecification>();
+ addPrescriptiveTriggerSpecs( triggerSpecs, proxy, name, deletedEntry );
addEntryTriggerSpecs( triggerSpecs, deletedEntry );
// Gather a Map<ActionTime,TriggerSpecification> where TriggerSpecification.ldapOperation = LdapOperation.DELETE.
- Map triggerMap = getActionTimeMappedTriggerSpecsForOperation( triggerSpecs, LdapOperation.DELETE );
+ Map<ActionTime, List<TriggerSpecification>> triggerMap = getActionTimeMappedTriggerSpecsForOperation( triggerSpecs, LdapOperation.DELETE );
- next.delete( normName );
- triggerSpecCache.subentryDeleted( normName, deletedEntry );
+ next.delete( deleteContext );
+ triggerSpecCache.subentryDeleted( name, deletedEntry );
// Fire AFTER Triggers.
- List afterTriggerSpecs = ( List ) triggerMap.get( ActionTime.AFTER );
+ List<TriggerSpecification> afterTriggerSpecs = triggerMap.get( ActionTime.AFTER );
executeTriggers( afterTriggerSpecs, injector, callerRootCtx );
}
- public void modify( NextInterceptor next, LdapDN normName, int modOp, Attributes mods ) throws NamingException
+ public void modify( NextInterceptor next, OperationContext opContext ) throws NamingException
{
// Bypass trigger handling if the service is disabled.
if ( !enabled )
{
- next.modify( normName, modOp, mods );
+ next.modify( opContext );
return;
}
+ LdapDN normName = opContext.getDn();
+
// Gather supplementary data.
Invocation invocation = InvocationStack.getInstance().peek();
PartitionNexusProxy proxy = invocation.getProxy();
- Attributes modifiedEntry = proxy.lookup( normName, PartitionNexusProxy.LOOKUP_BYPASS );
+ Attributes modifiedEntry = proxy.lookup( new LookupOperationContext( normName ), PartitionNexusProxy.LOOKUP_BYPASS );
ServerLdapContext callerRootCtx = ( ServerLdapContext ) ( ( ServerLdapContext ) invocation.getCaller() ).getRootContext();
- StoredProcedureParameterInjector injector = new ModifyStoredProcedureParameterInjector( invocation, normName, modOp, mods );
+ StoredProcedureParameterInjector injector = new ModifyStoredProcedureParameterInjector( invocation, opContext );
// Gather Trigger Specifications which apply to the entry being modified.
- List triggerSpecs = new ArrayList();
+ List<TriggerSpecification> triggerSpecs = new ArrayList<TriggerSpecification>();
addPrescriptiveTriggerSpecs( triggerSpecs, proxy, normName, modifiedEntry );
addEntryTriggerSpecs( triggerSpecs, modifiedEntry );
// Gather a Map<ActionTime,TriggerSpecification> where TriggerSpecification.ldapOperation = LdapOperation.MODIFY.
- Map triggerMap = getActionTimeMappedTriggerSpecsForOperation( triggerSpecs, LdapOperation.MODIFY );
+ Map<ActionTime, List<TriggerSpecification>> triggerMap = getActionTimeMappedTriggerSpecsForOperation( triggerSpecs, LdapOperation.MODIFY );
- next.modify( normName, modOp, mods );
- triggerSpecCache.subentryModified( normName, modOp, mods, modifiedEntry );
+ next.modify( opContext );
+ triggerSpecCache.subentryModified( opContext, modifiedEntry );
// Fire AFTER Triggers.
- List afterTriggerSpecs = ( List ) triggerMap.get( ActionTime.AFTER );
- executeTriggers( afterTriggerSpecs, injector, callerRootCtx );
- }
-
-
- public void modify( NextInterceptor next, LdapDN normName, ModificationItemImpl[] mods ) throws NamingException
- {
- // Bypass trigger handling if the service is disabled.
- if ( !enabled )
- {
- next.modify( normName, mods );
- return;
- }
-
- // Gather supplementary data.
- Invocation invocation = InvocationStack.getInstance().peek();
- PartitionNexusProxy proxy = invocation.getProxy();
- Attributes modifiedEntry = proxy.lookup( normName, PartitionNexusProxy.LOOKUP_BYPASS );
- ServerLdapContext callerRootCtx = ( ServerLdapContext ) ( ( ServerLdapContext ) invocation.getCaller() ).getRootContext();
- StoredProcedureParameterInjector injector = new ModifyStoredProcedureParameterInjector( invocation, normName, mods );
-
- // Gather Trigger Specifications which apply to the entry being modified.
- List triggerSpecs = new ArrayList();
- addPrescriptiveTriggerSpecs( triggerSpecs, proxy, normName, modifiedEntry );
- addEntryTriggerSpecs( triggerSpecs, modifiedEntry );
-
- // Gather a Map<ActionTime,TriggerSpecification> where TriggerSpecification.ldapOperation = LdapOperation.MODIFY.
- Map triggerMap = getActionTimeMappedTriggerSpecsForOperation( triggerSpecs, LdapOperation.MODIFY );
-
- next.modify( normName, mods );
- triggerSpecCache.subentryModified( normName, mods, modifiedEntry );
-
- // Fire AFTER Triggers.
- List afterTriggerSpecs = ( List ) triggerMap.get( ActionTime.AFTER );
+ List<TriggerSpecification> afterTriggerSpecs = triggerMap.get( ActionTime.AFTER );
executeTriggers( afterTriggerSpecs, injector, callerRootCtx );
}
- public void modifyRn( NextInterceptor next, LdapDN name, String newRn, boolean deleteOldRn ) throws NamingException
+ public void rename( NextInterceptor next, OperationContext renameContext ) throws NamingException
{
+ LdapDN name = renameContext.getDn();
+ String newRdn = ((RenameOperationContext)renameContext).getNewRdn();
+ boolean deleteOldRn = ((RenameOperationContext)renameContext).getDelOldDn();
+
// Bypass trigger handling if the service is disabled.
if ( !enabled )
{
- next.modifyRn( name, newRn, deleteOldRn );
+ next.rename( renameContext );
return;
}
// Gather supplementary data.
Invocation invocation = InvocationStack.getInstance().peek();
PartitionNexusProxy proxy = invocation.getProxy();
- Attributes renamedEntry = proxy.lookup( name, PartitionNexusProxy.LOOKUP_BYPASS );
+ Attributes renamedEntry = proxy.lookup( new LookupOperationContext( name ), PartitionNexusProxy.LOOKUP_BYPASS );
ServerLdapContext callerRootCtx = ( ServerLdapContext ) ( ( ServerLdapContext ) invocation.getCaller() ).getRootContext();
LdapDN oldRDN = new LdapDN( name.getRdn().getUpName() );
- LdapDN newRDN = new LdapDN( newRn );
+ LdapDN newRDN = new LdapDN( newRdn );
LdapDN oldSuperiorDN = ( LdapDN ) name.clone();
oldSuperiorDN.remove( oldSuperiorDN.size() - 1 );
LdapDN newSuperiorDN = ( LdapDN ) oldSuperiorDN.clone();
LdapDN oldDN = ( LdapDN ) name.clone();
LdapDN newDN = ( LdapDN ) name.clone();
- newDN.add( newRn );
+ newDN.add( newRdn );
StoredProcedureParameterInjector injector = new ModifyDNStoredProcedureParameterInjector(
invocation, deleteOldRn, oldRDN, newRDN, oldSuperiorDN, newSuperiorDN, oldDN, newDN );
// Gather Trigger Specifications which apply to the entry being renamed.
- List triggerSpecs = new ArrayList();
+ List<TriggerSpecification> triggerSpecs = new ArrayList<TriggerSpecification>();
addPrescriptiveTriggerSpecs( triggerSpecs, proxy, name, renamedEntry );
addEntryTriggerSpecs( triggerSpecs, renamedEntry );
// Gather a Map<ActionTime,TriggerSpecification> where TriggerSpecification.ldapOperation = LdapOperation.MODIFYDN_RENAME.
- Map triggerMap = getActionTimeMappedTriggerSpecsForOperation( triggerSpecs, LdapOperation.MODIFYDN_RENAME );
+ Map<ActionTime, List<TriggerSpecification>> triggerMap = getActionTimeMappedTriggerSpecsForOperation( triggerSpecs, LdapOperation.MODIFYDN_RENAME );
- next.modifyRn( name, newRn, deleteOldRn );
+ next.rename( renameContext );
triggerSpecCache.subentryRenamed( name, newDN );
// Fire AFTER Triggers.
- List afterTriggerSpecs = ( List ) triggerMap.get( ActionTime.AFTER );
+ List<TriggerSpecification> afterTriggerSpecs = triggerMap.get( ActionTime.AFTER );
executeTriggers( afterTriggerSpecs, injector, callerRootCtx );
}
- public void move( NextInterceptor next, LdapDN oriChildName, LdapDN newParentName, String newRn, boolean deleteOldRn ) throws NamingException
+ public void moveAndRename( NextInterceptor next, OperationContext moveAndRenameContext ) throws NamingException
{
+ LdapDN oriChildName = moveAndRenameContext.getDn();
+ LdapDN parent = ((MoveAndRenameOperationContext)moveAndRenameContext).getParent();
+ String newRn = ((MoveAndRenameOperationContext)moveAndRenameContext).getNewRdn();
+ boolean deleteOldRn = ((MoveAndRenameOperationContext)moveAndRenameContext).getDelOldDn();
+
// Bypass trigger handling if the service is disabled.
if ( !enabled )
{
- next.move( oriChildName, newParentName, newRn, deleteOldRn );
+ next.moveAndRename( moveAndRenameContext );
return;
}
// Gather supplementary data.
Invocation invocation = InvocationStack.getInstance().peek();
PartitionNexusProxy proxy = invocation.getProxy();
- Attributes movedEntry = proxy.lookup( oriChildName, PartitionNexusProxy.LOOKUP_BYPASS );
+ Attributes movedEntry = proxy.lookup( new LookupOperationContext( oriChildName ), PartitionNexusProxy.LOOKUP_BYPASS );
ServerLdapContext callerRootCtx = ( ServerLdapContext ) ( ( ServerLdapContext ) invocation.getCaller() ).getRootContext();
LdapDN oldRDN = new LdapDN( oriChildName.getRdn().getUpName() );
LdapDN newRDN = new LdapDN( newRn );
LdapDN oldSuperiorDN = ( LdapDN ) oriChildName.clone();
oldSuperiorDN.remove( oldSuperiorDN.size() - 1 );
- LdapDN newSuperiorDN = ( LdapDN ) newParentName.clone();
+ LdapDN newSuperiorDN = ( LdapDN ) parent.clone();
LdapDN oldDN = ( LdapDN ) oriChildName.clone();
- LdapDN newDN = ( LdapDN ) newParentName.clone();
+ LdapDN newDN = ( LdapDN ) parent.clone();
newDN.add( newRn );
StoredProcedureParameterInjector injector = new ModifyDNStoredProcedureParameterInjector(
invocation, deleteOldRn, oldRDN, newRDN, oldSuperiorDN, newSuperiorDN, oldDN, newDN );
// Gather Trigger Specifications which apply to the entry being exported.
- List exportTriggerSpecs = new ArrayList();
+ List<TriggerSpecification> exportTriggerSpecs = new ArrayList<TriggerSpecification>();
addPrescriptiveTriggerSpecs( exportTriggerSpecs, proxy, oriChildName, movedEntry );
addEntryTriggerSpecs( exportTriggerSpecs, movedEntry );
@@ -440,13 +440,13 @@
// will not be valid at the new location.
// This will certainly be fixed by the SubentryService,
// but after this service.
- Attributes importedEntry = proxy.lookup( oriChildName, PartitionNexusProxy.LOOKUP_EXCLUDING_OPR_ATTRS_BYPASS );
+ Attributes importedEntry = proxy.lookup( new LookupOperationContext( oriChildName ), PartitionNexusProxy.LOOKUP_EXCLUDING_OPR_ATTRS_BYPASS );
// As the target entry does not exist yet and so
// its subentry operational attributes are not there,
// we need to construct an entry to represent it
// at least with minimal requirements which are object class
// and access control subentry operational attributes.
- SubentryService subentryService = ( SubentryService ) chain.get( "subentryService" );
+ SubentryService subentryService = ( SubentryService ) chain.get( SubentryService.NAME );
Attributes fakeImportedEntry = subentryService.getSubentryAttributes( newDN, importedEntry );
NamingEnumeration attrList = importedEntry.getAll();
while ( attrList.hasMore() )
@@ -456,39 +456,42 @@
// Gather Trigger Specifications which apply to the entry being imported.
// Note: Entry Trigger Specifications are not valid for Import.
- List importTriggerSpecs = new ArrayList();
+ List<TriggerSpecification> importTriggerSpecs = new ArrayList<TriggerSpecification>();
addPrescriptiveTriggerSpecs( importTriggerSpecs, proxy, newDN, fakeImportedEntry );
// Gather a Map<ActionTime,TriggerSpecification> where TriggerSpecification.ldapOperation = LdapOperation.MODIFYDN_EXPORT.
- Map exportTriggerMap = getActionTimeMappedTriggerSpecsForOperation( exportTriggerSpecs, LdapOperation.MODIFYDN_EXPORT );
+ Map<ActionTime, List<TriggerSpecification>> exportTriggerMap = getActionTimeMappedTriggerSpecsForOperation( exportTriggerSpecs, LdapOperation.MODIFYDN_EXPORT );
// Gather a Map<ActionTime,TriggerSpecification> where TriggerSpecification.ldapOperation = LdapOperation.MODIFYDN_IMPORT.
- Map importTriggerMap = getActionTimeMappedTriggerSpecsForOperation( importTriggerSpecs, LdapOperation.MODIFYDN_IMPORT );
+ Map<ActionTime, List<TriggerSpecification>> importTriggerMap = getActionTimeMappedTriggerSpecsForOperation( importTriggerSpecs, LdapOperation.MODIFYDN_IMPORT );
- next.move( oriChildName, newParentName, newRn, deleteOldRn );
+ next.moveAndRename( moveAndRenameContext );
triggerSpecCache.subentryRenamed( oldDN, newDN );
// Fire AFTER Triggers.
- List afterExportTriggerSpecs = ( List ) exportTriggerMap.get( ActionTime.AFTER );
- List afterImportTriggerSpecs = ( List ) importTriggerMap.get( ActionTime.AFTER );
+ List<TriggerSpecification> afterExportTriggerSpecs = exportTriggerMap.get( ActionTime.AFTER );
+ List<TriggerSpecification> afterImportTriggerSpecs = importTriggerMap.get( ActionTime.AFTER );
executeTriggers( afterExportTriggerSpecs, injector, callerRootCtx );
executeTriggers( afterImportTriggerSpecs, injector, callerRootCtx );
}
- public void move( NextInterceptor next, LdapDN oriChildName, LdapDN newParentName ) throws NamingException
+ public void move( NextInterceptor next, OperationContext moveContext ) throws NamingException
{
// Bypass trigger handling if the service is disabled.
if ( !enabled )
{
- next.move( oriChildName, newParentName );
+ next.move( moveContext );
return;
}
+ LdapDN oriChildName = moveContext.getDn();
+ LdapDN newParentName = ((MoveOperationContext)moveContext).getParent();
+
// Gather supplementary data.
Invocation invocation = InvocationStack.getInstance().peek();
PartitionNexusProxy proxy = invocation.getProxy();
- Attributes movedEntry = proxy.lookup( oriChildName, PartitionNexusProxy.LOOKUP_BYPASS );
+ Attributes movedEntry = proxy.lookup( new LookupOperationContext( oriChildName ), PartitionNexusProxy.LOOKUP_BYPASS );
ServerLdapContext callerRootCtx = ( ServerLdapContext ) ( ( ServerLdapContext ) invocation.getCaller() ).getRootContext();
LdapDN oldRDN = new LdapDN( oriChildName.getRdn().getUpName() );
@@ -504,7 +507,7 @@
invocation, false, oldRDN, newRDN, oldSuperiorDN, newSuperiorDN, oldDN, newDN );
// Gather Trigger Specifications which apply to the entry being exported.
- List exportTriggerSpecs = new ArrayList();
+ List<TriggerSpecification> exportTriggerSpecs = new ArrayList<TriggerSpecification>();
addPrescriptiveTriggerSpecs( exportTriggerSpecs, proxy, oriChildName, movedEntry );
addEntryTriggerSpecs( exportTriggerSpecs, movedEntry );
@@ -513,15 +516,16 @@
// will not be valid at the new location.
// This will certainly be fixed by the SubentryService,
// but after this service.
- Attributes importedEntry = proxy.lookup( oriChildName, PartitionNexusProxy.LOOKUP_EXCLUDING_OPR_ATTRS_BYPASS );
+ Attributes importedEntry = proxy.lookup( new LookupOperationContext( oriChildName ), PartitionNexusProxy.LOOKUP_EXCLUDING_OPR_ATTRS_BYPASS );
// As the target entry does not exist yet and so
// its subentry operational attributes are not there,
// we need to construct an entry to represent it
// at least with minimal requirements which are object class
// and access control subentry operational attributes.
- SubentryService subentryService = ( SubentryService ) chain.get( "subentryService" );
+ SubentryService subentryService = ( SubentryService ) chain.get( SubentryService.NAME );
Attributes fakeImportedEntry = subentryService.getSubentryAttributes( newDN, importedEntry );
NamingEnumeration attrList = importedEntry.getAll();
+
while ( attrList.hasMore() )
{
fakeImportedEntry.put( ( Attribute ) attrList.next() );
@@ -529,21 +533,21 @@
// Gather Trigger Specifications which apply to the entry being imported.
// Note: Entry Trigger Specifications are not valid for Import.
- List importTriggerSpecs = new ArrayList();
+ List<TriggerSpecification> importTriggerSpecs = new ArrayList<TriggerSpecification>();
addPrescriptiveTriggerSpecs( importTriggerSpecs, proxy, newDN, fakeImportedEntry );
// Gather a Map<ActionTime,TriggerSpecification> where TriggerSpecification.ldapOperation = LdapOperation.MODIFYDN_EXPORT.
- Map exportTriggerMap = getActionTimeMappedTriggerSpecsForOperation( exportTriggerSpecs, LdapOperation.MODIFYDN_EXPORT );
+ Map<ActionTime, List<TriggerSpecification>> exportTriggerMap = getActionTimeMappedTriggerSpecsForOperation( exportTriggerSpecs, LdapOperation.MODIFYDN_EXPORT );
// Gather a Map<ActionTime,TriggerSpecification> where TriggerSpecification.ldapOperation = LdapOperation.MODIFYDN_IMPORT.
- Map importTriggerMap = getActionTimeMappedTriggerSpecsForOperation( importTriggerSpecs, LdapOperation.MODIFYDN_IMPORT );
+ Map<ActionTime, List<TriggerSpecification>> importTriggerMap = getActionTimeMappedTriggerSpecsForOperation( importTriggerSpecs, LdapOperation.MODIFYDN_IMPORT );
- next.move( oriChildName, newParentName );
+ next.move( moveContext );
triggerSpecCache.subentryRenamed( oldDN, newDN );
// Fire AFTER Triggers.
- List afterExportTriggerSpecs = ( List ) exportTriggerMap.get( ActionTime.AFTER );
- List afterImportTriggerSpecs = ( List ) importTriggerMap.get( ActionTime.AFTER );
+ List<TriggerSpecification> afterExportTriggerSpecs = exportTriggerMap.get( ActionTime.AFTER );
+ List<TriggerSpecification> afterImportTriggerSpecs = importTriggerMap.get( ActionTime.AFTER );
executeTriggers( afterExportTriggerSpecs, injector, callerRootCtx );
executeTriggers( afterImportTriggerSpecs, injector, callerRootCtx );
}
@@ -552,15 +556,15 @@
// Utility Methods
////////////////////////////////////////////////////////////////////////////
- private Object executeTriggers( List triggerSpecs, StoredProcedureParameterInjector injector, ServerLdapContext callerRootCtx ) throws NamingException
+ private Object executeTriggers( List<TriggerSpecification> triggerSpecs, StoredProcedureParameterInjector injector, ServerLdapContext callerRootCtx ) throws NamingException
{
Object result = null;
- Iterator it = triggerSpecs.iterator();
+ Iterator<TriggerSpecification> it = triggerSpecs.iterator();
while( it.hasNext() )
{
- TriggerSpecification tsec = ( TriggerSpecification ) it.next();
+ TriggerSpecification tsec = it.next();
// TODO: Replace the Authorization Code with a REAL one.
if ( triggerExecutionAuthorizer.hasPermission() )
@@ -582,22 +586,28 @@
private Object executeTrigger( TriggerSpecification tsec, StoredProcedureParameterInjector injector, ServerLdapContext callerRootCtx ) throws NamingException
{
- List arguments = new ArrayList();
- arguments.addAll( injector.getArgumentsToInject( tsec.getStoredProcedureParameters() ) );
- List typeList = new ArrayList();
- typeList.addAll( getTypesFromValues( arguments ) );
+ List<Object> returnValues = new ArrayList<Object>();
+ List<SPSpec> spSpecs = tsec.getSPSpecs();
+ for ( SPSpec spSpec : spSpecs )
+ {
+ List<Object> arguments = new ArrayList<Object>();
+ arguments.addAll( injector.getArgumentsToInject( spSpec.getParameters() ) );
+ List<Class> typeList = new ArrayList<Class>();
+ typeList.addAll( getTypesFromValues( arguments ) );
+ Class[] types = getTypesFromValues( arguments ).toArray( EMPTY_CLASS_ARRAY );
+ Object[] values = arguments.toArray();
+ Object returnValue = executeProcedure( callerRootCtx, spSpec.getName(), types, values );
+ returnValues.add(returnValue);
+ }
- Class[] types = ( Class[] ) ( getTypesFromValues( arguments ).toArray( EMPTY_CLASS_ARRAY ) );
- Object[] values = arguments.toArray();
-
- return executeProcedure( callerRootCtx, tsec.getStoredProcedureName(), types, values );
+ return returnValues;
}
private static Class[] EMPTY_CLASS_ARRAY = new Class[ 0 ];
- private List getTypesFromValues( List objects )
+ private List<Class> getTypesFromValues( List objects )
{
- List types = new ArrayList();
+ List<Class> types = new ArrayList<Class>();
Iterator it = objects.iterator();
diff --git a/core/src/main/java/org/apache/directory/server/core/trigger/TriggerSpecCache.java b/core/src/main/java/org/apache/directory/server/core/trigger/TriggerSpecCache.java
index a07ebb7..9b13c2f 100644
--- a/core/src/main/java/org/apache/directory/server/core/trigger/TriggerSpecCache.java
+++ b/core/src/main/java/org/apache/directory/server/core/trigger/TriggerSpecCache.java
@@ -38,8 +38,12 @@
import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
+import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.filter.AssertionEnum;
import org.apache.directory.shared.ldap.filter.ExprNode;
import org.apache.directory.shared.ldap.filter.SimpleNode;
@@ -65,8 +69,6 @@
{
/** the attribute id for prescriptive trigger: prescriptiveTrigger */
private static final String PRESCRIPTIVE_TRIGGER_ATTR = "prescriptiveTriggerSpecification";
- /** the attribute id for an object class: objectClass */
- private static final String OC_ATTR = "objectClass";
/** the object class for trigger subentries: triggerExecutionSubentry */
private static final String TRIGGER_SUBENTRY_OC = "triggerExecutionSubentry";
@@ -76,7 +78,7 @@
/** cloned startup environment properties we use for subentry searching */
private final Hashtable env;
/** a map of strings to TriggerSpecification collections */
- private final Map triggerSpecs = new HashMap();
+ private final Map<String, List<TriggerSpecification>> triggerSpecs = new HashMap<String, List<TriggerSpecification>>();
/** a handle on the partition nexus */
private final PartitionNexus nexus;
/** a normalizing TriggerSpecification parser */
@@ -111,20 +113,25 @@
// search all naming contexts for trigger subentenries
// generate TriggerSpecification arrays for each subentry
// add that subentry to the hash
- Iterator suffixes = nexus.listSuffixes();
+ Iterator suffixes = nexus.listSuffixes( null );
+
while ( suffixes.hasNext() )
{
String suffix = ( String ) suffixes.next();
LdapDN baseDn = new LdapDN( suffix );
- ExprNode filter = new SimpleNode( OC_ATTR, TRIGGER_SUBENTRY_OC, AssertionEnum.EQUALITY );
+ ExprNode filter = new SimpleNode( SchemaConstants.OBJECT_CLASS_AT, TRIGGER_SUBENTRY_OC, AssertionEnum.EQUALITY );
SearchControls ctls = new SearchControls();
ctls.setSearchScope( SearchControls.SUBTREE_SCOPE );
- NamingEnumeration results = nexus.search( baseDn, env, filter, ctls );
+ NamingEnumeration results =
+ nexus.search(
+ new SearchOperationContext( baseDn, env, filter, ctls ) );
+
while ( results.hasMore() )
{
SearchResult result = ( SearchResult ) results.next();
String subentryDn = result.getName();
Attribute triggerSpec = result.getAttributes().get( PRESCRIPTIVE_TRIGGER_ATTR );
+
if ( triggerSpec == null )
{
log.warn( "Found triggerExecutionSubentry '" + subentryDn + "' without any " + PRESCRIPTIVE_TRIGGER_ATTR );
@@ -135,6 +142,7 @@
normSubentryName.normalize( attrRegistry.getNormalizerMapping() );
subentryAdded( normSubentryName, result.getAttributes() );
}
+
results.close();
}
}
@@ -156,12 +164,14 @@
{
// only do something if the entry contains prescriptiveTrigger
Attribute triggerSpec = entry.get( PRESCRIPTIVE_TRIGGER_ATTR );
- if ( !hasPrescriptiveTrigger( entry ) )
+
+ if ( triggerSpec == null )
{
return;
}
- List subentryTriggerSpecs = new ArrayList();
+ List<TriggerSpecification> subentryTriggerSpecs = new ArrayList<TriggerSpecification>();
+
for ( int ii = 0; ii < triggerSpec.size(); ii++ )
{
TriggerSpecification item = null;
@@ -169,15 +179,16 @@
try
{
item = triggerSpecParser.parse( ( String ) triggerSpec.get( ii ) );
+ subentryTriggerSpecs.add( item );
}
catch ( ParseException e )
{
String msg = "TriggerSpecification parser failure on '" + item + "'. Cannnot add Trigger Specificaitons to TriggerSpecCache.";
log.error( msg, e );
}
-
- subentryTriggerSpecs.add( item );
+
}
+
triggerSpecs.put( normName.toString(), subentryTriggerSpecs );
}
@@ -193,18 +204,23 @@
}
- public void subentryModified( LdapDN normName, ModificationItemImpl[] mods, Attributes entry ) throws NamingException
+ public void subentryModified( OperationContext opContext, Attributes entry ) throws NamingException
{
if ( !hasPrescriptiveTrigger( entry ) )
{
return;
}
+ LdapDN normName = opContext.getDn();
+ ModificationItemImpl[] mods = ((ModifyOperationContext)opContext).getModItems();
+
boolean isTriggerSpecModified = false;
+
for ( int ii = 0; ii < mods.length; ii++ )
{
isTriggerSpecModified |= mods[ii].getAttribute().contains( PRESCRIPTIVE_TRIGGER_ATTR );
}
+
if ( isTriggerSpecModified )
{
subentryDeleted( normName, entry );
@@ -213,27 +229,12 @@
}
- public void subentryModified( LdapDN normName, int modOp, Attributes mods, Attributes entry ) throws NamingException
+ public List<TriggerSpecification> getSubentryTriggerSpecs( String subentryDn )
{
- if ( !hasPrescriptiveTrigger( entry ) )
- {
- return;
- }
-
- if ( mods.get( PRESCRIPTIVE_TRIGGER_ATTR ) != null )
- {
- subentryDeleted( normName, entry );
- subentryAdded( normName, entry );
- }
- }
-
-
- public List getSubentryTriggerSpecs( String subentryDn )
- {
- List subentryTriggerSpecs = ( List ) triggerSpecs.get( subentryDn );
+ List<TriggerSpecification> subentryTriggerSpecs = triggerSpecs.get( subentryDn );
if ( subentryTriggerSpecs == null )
{
- return Collections.EMPTY_LIST;
+ return Collections.emptyList();
}
return Collections.unmodifiableList( subentryTriggerSpecs );
}
diff --git a/core/src/main/resources/META-INF/LICENSE.txt b/core/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..c13db16
--- /dev/null
+++ b/core/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,301 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
+----
diff --git a/core/src/main/resources/META-INF/NOTICE.txt b/core/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..eb0c18a
--- /dev/null
+++ b/core/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,11 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
diff --git a/core/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticatorOneWayEncryptedTest.java b/core/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticatorOneWayEncryptedTest.java
index 8ab30e7..6d96d00 100644
--- a/core/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticatorOneWayEncryptedTest.java
+++ b/core/src/test/java/org/apache/directory/server/core/authn/SimpleAuthenticatorOneWayEncryptedTest.java
@@ -21,9 +21,8 @@
package org.apache.directory.server.core.authn;
-import java.security.NoSuchAlgorithmException;
-
import org.apache.directory.server.core.authn.SimpleAuthenticator;
+import org.apache.directory.shared.ldap.util.StringTools;
import junit.framework.TestCase;
@@ -48,24 +47,24 @@
public void testGetAlgorithmForHashedPassword()
{
String digestetValue = "{SHA}LhkDrSoM6qr0fW6hzlfOJQW61tc=";
- assertEquals( "SHA", auth.getAlgorithmForHashedPassword( digestetValue ) );
+ assertEquals( "SHA", auth.getAlgorithmForHashedPassword( StringTools.getBytesUtf8( digestetValue ) ) );
assertEquals( "SHA", auth.getAlgorithmForHashedPassword( digestetValue.getBytes() ) );
String noAlgorithm = "Secret1!";
- assertEquals( null, auth.getAlgorithmForHashedPassword( noAlgorithm ) );
+ assertEquals( null, auth.getAlgorithmForHashedPassword( StringTools.getBytesUtf8( noAlgorithm ) ) );
assertEquals( null, auth.getAlgorithmForHashedPassword( noAlgorithm.getBytes() ) );
String unknownAlgorithm = "{XYZ}LhkDrSoM6qr0fW6hzlfOJQW61tc=";
- assertEquals( null, auth.getAlgorithmForHashedPassword( unknownAlgorithm ) );
+ assertEquals( null, auth.getAlgorithmForHashedPassword( StringTools.getBytesUtf8( unknownAlgorithm ) ) );
assertEquals( null, auth.getAlgorithmForHashedPassword( unknownAlgorithm.getBytes() ) );
}
- public void testCreateDigestedPassword() throws NoSuchAlgorithmException
+ public void testCreateDigestedPassword() throws IllegalArgumentException
{
String pwd = "Secret1!";
String expected = "{SHA}znbJr3+tymFoQD4+Njh4ITtI7Cc=";
- String digested = auth.createDigestedPassword( "SHA", pwd );
+ String digested = auth.createDigestedPassword( "SHA", StringTools.getBytesUtf8( pwd ) );
assertEquals( expected, digested );
}
diff --git a/core/src/test/java/org/apache/directory/server/core/authz/support/MaxImmSubFilterTest.java b/core/src/test/java/org/apache/directory/server/core/authz/support/MaxImmSubFilterTest.java
index fde5b25..9f72762 100644
--- a/core/src/test/java/org/apache/directory/server/core/authz/support/MaxImmSubFilterTest.java
+++ b/core/src/test/java/org/apache/directory/server/core/authz/support/MaxImmSubFilterTest.java
@@ -34,6 +34,7 @@
import javax.naming.NamingEnumeration;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
import junit.framework.Assert;
import junit.framework.TestCase;
@@ -41,6 +42,7 @@
import org.apache.directory.server.core.DirectoryService;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
import org.apache.directory.server.core.DirectoryServiceListener;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
import org.apache.directory.server.core.jndi.DeadContext;
import org.apache.directory.server.core.partition.PartitionNexusProxy;
import org.apache.directory.shared.ldap.aci.ACITuple;
@@ -152,22 +154,21 @@
final int count;
- public MockProxy(int count)
+ public MockProxy(int count) throws NamingException
{
super( new DeadContext(), new MockDirectoryService() );
this.count = count;
}
- public NamingEnumeration search( LdapDN base, Map env, ExprNode filter, SearchControls searchCtls )
+ public NamingEnumeration<SearchResult> search( OperationContext opContext )
throws NamingException
{
return new BogusEnumeration( count );
}
- public NamingEnumeration search( LdapDN base, Map env, ExprNode filter, SearchControls searchCtls,
- Collection bypass ) throws NamingException
+ public NamingEnumeration<SearchResult> search( OperationContext opContext, Collection bypass ) throws NamingException
{
return new BogusEnumeration( count );
}
diff --git a/core/src/test/java/org/apache/directory/server/core/interceptor/InterceptorChainTest.java b/core/src/test/java/org/apache/directory/server/core/interceptor/InterceptorChainTest.java
index 68913f3..732f5a6 100644
--- a/core/src/test/java/org/apache/directory/server/core/interceptor/InterceptorChainTest.java
+++ b/core/src/test/java/org/apache/directory/server/core/interceptor/InterceptorChainTest.java
@@ -21,36 +21,34 @@
import java.util.ArrayList;
-import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
-import java.util.Map;
+import java.util.Set;
+
+import javax.naming.Context;
+import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.SearchResult;
import junit.framework.TestCase;
import org.apache.directory.server.core.DirectoryService;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
import org.apache.directory.server.core.DirectoryServiceListener;
-import org.apache.directory.server.core.configuration.PartitionConfiguration;
import org.apache.directory.server.core.configuration.InterceptorConfiguration;
import org.apache.directory.server.core.configuration.MutableInterceptorConfiguration;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
import org.apache.directory.server.core.invocation.Invocation;
import org.apache.directory.server.core.invocation.InvocationStack;
import org.apache.directory.server.core.jndi.DeadContext;
import org.apache.directory.server.core.partition.PartitionNexusProxy;
-import org.apache.directory.shared.ldap.filter.ExprNode;
-import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.name.LdapDN;
-import javax.naming.NamingException;
-import javax.naming.NamingEnumeration;
-import javax.naming.Context;
-import javax.naming.directory.Attributes;
-import javax.naming.directory.SearchControls;
-
/**
* Unit test cases for InterceptorChain methods.
@@ -64,7 +62,7 @@
{ new MockInterceptor( "0" ), new MockInterceptor( "1" ), new MockInterceptor( "2" ),
new MockInterceptor( "3" ), new MockInterceptor( "4" ) };
private InterceptorChain chain;
- private List interceptors = new ArrayList( interceptorArray.length );
+ private List<Interceptor> interceptors = new ArrayList<Interceptor>( interceptorArray.length );
protected void setUp() throws Exception
@@ -100,7 +98,7 @@
try
{
- chain.lookup( dn );
+ chain.lookup( new LookupOperationContext( dn ) );
}
catch ( Exception e )
{
@@ -126,7 +124,7 @@
try
{
- chain.lookup( dn );
+ chain.lookup( new LookupOperationContext( dn ) );
}
catch ( Exception e )
{
@@ -150,7 +148,7 @@
Context ctx = new DeadContext();
DirectoryService ds = new MockDirectoryService();
PartitionNexusProxy proxy = new PartitionNexusProxy( ctx, ds );
- Collection bypass = new HashSet();
+ Set<String> bypass = new HashSet<String>();
bypass.add( "0" );
bypass.add( "1" );
Invocation i = new Invocation( proxy, ctx, "lookup", new Object[]
@@ -159,7 +157,7 @@
try
{
- chain.lookup( dn );
+ chain.lookup( new LookupOperationContext( dn ) );
}
catch ( Exception e )
{
@@ -184,7 +182,7 @@
Context ctx = new DeadContext();
DirectoryService ds = new MockDirectoryService();
PartitionNexusProxy proxy = new PartitionNexusProxy( ctx, ds );
- Collection bypass = new HashSet();
+ Set<String> bypass = new HashSet<String>();
bypass.add( "0" );
bypass.add( "4" );
Invocation i = new Invocation( proxy, ctx, "lookup", new Object[]
@@ -193,7 +191,7 @@
try
{
- chain.lookup( dn );
+ chain.lookup( new LookupOperationContext( dn ) );
}
catch ( Exception e )
{
@@ -214,7 +212,7 @@
Context ctx = new DeadContext();
DirectoryService ds = new MockDirectoryService();
PartitionNexusProxy proxy = new PartitionNexusProxy( ctx, ds );
- Collection bypass = new HashSet();
+ Set<String> bypass = new HashSet<String>();
bypass.add( "1" );
bypass.add( "3" );
Invocation i = new Invocation( proxy, ctx, "lookup", new Object[]
@@ -223,7 +221,7 @@
try
{
- chain.lookup( dn );
+ chain.lookup( new LookupOperationContext( dn ) );
}
catch ( Exception e )
{
@@ -250,7 +248,7 @@
try
{
- chain.lookup( dn );
+ chain.lookup( new LookupOperationContext( dn ) );
}
catch ( Exception e )
{
@@ -287,163 +285,141 @@
}
- public Attributes getRootDSE( NextInterceptor next ) throws NamingException
+ public Attributes getRootDSE( NextInterceptor next, OperationContext opContext ) throws NamingException
{
interceptors.add( this );
- return next.getRootDSE();
+ return next.getRootDSE( opContext );
}
- public LdapDN getMatchedName ( NextInterceptor next, LdapDN name ) throws NamingException
+ public LdapDN getMatchedName ( NextInterceptor next, OperationContext opContext ) throws NamingException
{
interceptors.add( this );
- return next.getMatchedName( name );
+ return next.getMatchedName( opContext );
}
- public LdapDN getSuffix ( NextInterceptor next, LdapDN name ) throws NamingException
+ public LdapDN getSuffix ( NextInterceptor next, OperationContext opContext ) throws NamingException
{
interceptors.add( this );
- return next.getSuffix( name );
+ return next.getSuffix( opContext );
}
- public Iterator listSuffixes ( NextInterceptor next ) throws NamingException
+ public Iterator listSuffixes ( NextInterceptor next, OperationContext opContext ) throws NamingException
{
interceptors.add( this );
- return next.listSuffixes();
+ return next.listSuffixes( opContext );
}
- public void addContextPartition( NextInterceptor next, PartitionConfiguration cfg )
+ public void addContextPartition( NextInterceptor next, OperationContext opContext )
throws NamingException
{
interceptors.add( this );
- next.addContextPartition( cfg );
+ next.addContextPartition( opContext );
}
- public void removeContextPartition( NextInterceptor next, LdapDN suffix ) throws NamingException
+ public void removeContextPartition( NextInterceptor next, OperationContext opContext ) throws NamingException
{
interceptors.add( this );
- next.removeContextPartition( suffix );
+ next.removeContextPartition( opContext );
}
- public boolean compare( NextInterceptor next, LdapDN name, String oid, Object value ) throws NamingException
+ public boolean compare( NextInterceptor next, OperationContext opContext ) throws NamingException
{
interceptors.add( this );
- return next.compare( name, oid, value );
+ return next.compare( opContext );
}
- public void delete( NextInterceptor next, LdapDN name ) throws NamingException
+ public void delete( NextInterceptor next, OperationContext opContext ) throws NamingException
{
interceptors.add( this );
- next.delete( name );
+ next.delete( opContext );
}
- public void add(NextInterceptor next, LdapDN name, Attributes entry)
+ public void add(NextInterceptor next, OperationContext opContext )
throws NamingException
{
interceptors.add( this );
- next.add(name, entry );
+ next.add( opContext );
}
- public void modify( NextInterceptor next, LdapDN name, int modOp, Attributes attributes ) throws NamingException
+ public void modify( NextInterceptor next, OperationContext opContext ) throws NamingException
{
interceptors.add( this );
- next.modify( name, modOp, attributes );
+ next.modify( opContext );
}
- public void modify( NextInterceptor next, LdapDN name, ModificationItemImpl[] items ) throws NamingException
+ public NamingEnumeration list( NextInterceptor next, OperationContext opContext ) throws NamingException
{
interceptors.add( this );
- next.modify( name, items );
+ return next.list( opContext );
}
- public NamingEnumeration list( NextInterceptor next, LdapDN baseName ) throws NamingException
+ public NamingEnumeration<SearchResult> search( NextInterceptor next, OperationContext opContext ) throws NamingException
{
interceptors.add( this );
- return next.list( baseName );
+ return next.search( opContext );
}
- public NamingEnumeration search( NextInterceptor next, LdapDN baseName, Map environment, ExprNode filter,
- SearchControls searchControls ) throws NamingException
+ public Attributes lookup( NextInterceptor next, OperationContext opContext ) throws NamingException
{
interceptors.add( this );
- return next.search( baseName, environment, filter, searchControls );
+ return next.lookup( opContext );
}
- public Attributes lookup( NextInterceptor next, LdapDN name ) throws NamingException
+ public boolean hasEntry( NextInterceptor next, OperationContext opContext ) throws NamingException
{
interceptors.add( this );
- return next.lookup( name );
+ return next.hasEntry( opContext );
}
- public Attributes lookup( NextInterceptor next, LdapDN dn, String[] attrIds ) throws NamingException
- {
- interceptors.add( this );
- return next.lookup( dn, attrIds );
- }
-
-
- public boolean hasEntry( NextInterceptor next, LdapDN name ) throws NamingException
- {
- interceptors.add( this );
- return next.hasEntry( name );
- }
-
-
- public boolean isSuffix( NextInterceptor next, LdapDN name ) throws NamingException
- {
- interceptors.add( this );
- return next.isSuffix( name );
- }
-
-
- public void modifyRn( NextInterceptor next, LdapDN name, String newRn, boolean deleteOldRn )
+ public void rename( NextInterceptor next, OperationContext opContext )
throws NamingException
{
interceptors.add( this );
- next.modifyRn( name, newRn, deleteOldRn );
+ next.rename( opContext );
}
- public void move( NextInterceptor next, LdapDN oldName, LdapDN newParentName ) throws NamingException
+ public void move( NextInterceptor next, OperationContext opContext ) throws NamingException
{
interceptors.add( this );
- next.move( oldName, newParentName );
+ next.move( opContext );
}
- public void move( NextInterceptor next, LdapDN oldName, LdapDN newParentName, String newRn, boolean deleteOldRn )
+ public void moveAndRename( NextInterceptor next, OperationContext opContext )
throws NamingException
{
interceptors.add( this );
- next.move( oldName, newParentName, newRn, deleteOldRn );
+ next.moveAndRename( opContext );
}
- public void bind( NextInterceptor next, LdapDN bindDn, byte[] credentials, List mechanisms, String saslAuthId )
- throws NamingException
+ public void bind( NextInterceptor next, OperationContext opContext )
+ throws NamingException
{
interceptors.add( this );
- next.bind( bindDn, credentials, mechanisms, saslAuthId );
+ next.bind( opContext );
}
- public void unbind( NextInterceptor next, LdapDN bindDn ) throws NamingException
+ public void unbind( NextInterceptor next, OperationContext opContext ) throws NamingException
{
interceptors.add( this );
- next.unbind( bindDn );
+ next.unbind( opContext );
}
}
diff --git a/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/AttributeSerializerTest.java b/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/AttributeSerializerTest.java
deleted file mode 100644
index fd9719a..0000000
--- a/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/AttributeSerializerTest.java
+++ /dev/null
@@ -1,245 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.directory.server.core.partition.impl.btree.jdbm;
-
-
-import java.io.IOException;
-
-import javax.naming.NamingException;
-import javax.naming.directory.Attribute;
-
-import org.apache.directory.shared.ldap.message.AttributeImpl;
-import org.apache.directory.shared.ldap.util.ArrayUtils;
-
-import junit.framework.TestCase;
-
-
-/**
- * Tests the {@link AttributeSerializer}.
- *
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- * @version $Rev$, $Date$
- */
-public class AttributeSerializerTest extends TestCase
-{
- public void testGetLengthBytes()
- {
- // test first 10 values
- for ( int ii = 0; ii < 10; ii++ )
- {
- byte[] bites = AttributeSerializer.getLengthBytes( ii );
- int deserialized = AttributeSerializer.getLength( bites );
- assertEquals( ii, deserialized );
- }
-
- // test first byte boundry
- for ( int ii = 250; ii < 260; ii++ )
- {
- byte[] bites = AttributeSerializer.getLengthBytes( ii );
- int deserialized = AttributeSerializer.getLength( bites );
- assertEquals( ii, deserialized );
- }
-
- // test 2nd byte boundry
- for ( int ii = 65530; ii < 65540; ii++ )
- {
- byte[] bites = AttributeSerializer.getLengthBytes( ii );
- int deserialized = AttributeSerializer.getLength( bites );
- assertEquals( ii, deserialized );
- }
-
- // test 3rd byte boundry
- for ( int ii = 16777210; ii < 16777220; ii++ )
- {
- byte[] bites = AttributeSerializer.getLengthBytes( ii );
- int deserialized = AttributeSerializer.getLength( bites );
- assertEquals( ii, deserialized );
- }
- }
-
-
- public void testWriteLengthBytes0()
- {
- byte[] buf = new byte[7];
-
- int pos = AttributeSerializer.writeLengthBytes( buf, 23 );
- assertEquals( 4, pos );
- assertEquals( 0, buf[0] );
- assertEquals( 0, buf[1] );
- assertEquals( 0, buf[2] );
- assertEquals( 23, buf[3] );
- assertEquals( 0, buf[4] );
- assertEquals( 0, buf[5] );
- assertEquals( 0, buf[6] );
-
- pos = AttributeSerializer.writeValueBytes( buf, "a", pos );
- assertEquals( 6, pos );
- assertEquals( 0, buf[4] );
- assertEquals( 97, buf[5] );
- assertEquals( 0, buf[6] );
- }
-
-
- public void testWriteValueBytes0()
- {
- byte[] buf = new byte[20];
-
- int pos = AttributeSerializer.writeLengthBytes( buf, 23 );
- assertEquals( 4, pos );
- assertEquals( 0, buf[0] );
- assertEquals( 0, buf[1] );
- assertEquals( 0, buf[2] );
- assertEquals( 23, buf[3] );
- assertEquals( 0, buf[4] );
- assertEquals( 0, buf[5] );
- assertEquals( 0, buf[6] );
-
- pos = AttributeSerializer.writeValueBytes( buf, "abc", pos );
- assertEquals( 10, pos );
- assertEquals( 0, buf[4] );
- assertEquals( 97, buf[5] );
- assertEquals( 0, buf[6] );
- assertEquals( 98, buf[7] );
- assertEquals( 0, buf[8] );
- assertEquals( 99, buf[9] );
- assertEquals( 0, buf[10] ); // here now
- assertEquals( 0, buf[11] );
- assertEquals( 0, buf[12] );
-
- pos = AttributeSerializer.write( buf, "def", pos );
- assertEquals( 20, pos );
- assertEquals( 0, buf[10] );
- assertEquals( 0, buf[11] );
- assertEquals( 0, buf[12] );
- assertEquals( 6, buf[13] );
-
- assertEquals( 0, buf[14] );
- assertEquals( 100, buf[15] );
- assertEquals( 0, buf[16] );
- assertEquals( 101, buf[17] );
- assertEquals( 0, buf[18] );
- assertEquals( 102, buf[19] );
- }
-
-
- public void testReadString()
- {
- byte[] buf = new byte[26];
-
- // let's write the length so we can read it
- int pos = AttributeSerializer.writeLengthBytes( buf, 6 );
- assertEquals( 4, pos );
- assertEquals( 0, buf[0] );
- assertEquals( 0, buf[1] );
- assertEquals( 0, buf[2] );
- assertEquals( 6, buf[3] );
-
- // let's write the value so we can read it
- pos = AttributeSerializer.writeValueBytes( buf, "abc", pos );
- assertEquals( 10, pos );
- assertEquals( 0, buf[4] );
- assertEquals( 97, buf[5] );
- assertEquals( 0, buf[6] );
- assertEquals( 98, buf[7] );
- assertEquals( 0, buf[8] );
- assertEquals( 99, buf[9] );
-
- // let's write another string as well
- pos = AttributeSerializer.write( buf, "defgh", pos );
- assertEquals( 24, pos );
- assertEquals( 0, buf[10] );
- assertEquals( 0, buf[11] );
- assertEquals( 0, buf[12] );
- assertEquals( 10, buf[13] );
-
- assertEquals( 0, buf[14] );
- assertEquals( 100, buf[15] );
- assertEquals( 0, buf[16] );
- assertEquals( 101, buf[17] );
- assertEquals( 0, buf[18] );
- assertEquals( 102, buf[19] );
- assertEquals( 0, buf[20] );
- assertEquals( 103, buf[21] );
- assertEquals( 0, buf[22] );
- assertEquals( 104, buf[23] );
- assertEquals( 0, buf[24] );
- assertEquals( 0, buf[25] );
-
- // now let's read "abc"
- String s1 = AttributeSerializer.readString( buf );
- assertEquals( "abc", s1 );
- }
-
-
- public void testFullCycleNonBinaryAttribute() throws IOException
- {
- AttributeImpl attr = new AttributeImpl( "testing" );
- AttributeSerializer serializer = new AttributeSerializer();
- attr.add( "value0" );
- attr.add( "val1" );
- attr.add( "anything over here!" );
-
- byte[] serialized = serializer.serialize( attr );
- Attribute deserialized = ( Attribute ) serializer.deserialize( serialized );
- assertEquals( attr, deserialized );
- }
-
-
- public void testFullCycleBinaryAttribute() throws IOException, NamingException
- {
- AttributeImpl attr = new AttributeImpl( "testing" );
- AttributeSerializer serializer = new AttributeSerializer();
- byte[] ba0 = new byte[2];
- ba0[0] = 7;
- ba0[1] = 23;
- attr.add( ba0 );
- byte[] ba1 = new byte[3];
- ba1[0] = 34;
- ba1[1] = 111;
- ba1[2] = 67;
- attr.add( ba1 );
-
- byte[] serialized = serializer.serialize( attr );
- Attribute deserialized = ( Attribute ) serializer.deserialize( serialized );
- ArrayUtils.isEquals( ba0, deserialized.get() );
- ArrayUtils.isEquals( ba1, deserialized.get( 1 ) );
- }
-
-
- public void doSerializerSpeedTest() throws IOException
- {
- final int limit = 1000000;
- long start = System.currentTimeMillis();
- for ( int ii = 0; ii < limit; ii++ )
- {
- AttributeImpl attr = new AttributeImpl( "testing" );
- AttributeSerializer serializer = new AttributeSerializer();
- attr.add( "value0" );
- attr.add( "val1" );
- attr.add( "anything over here!" );
-
- byte[] serialized = serializer.serialize( attr );
- serializer.deserialize( serialized );
- }
-
- System.out.println( limit + " attributes with 3 values each were serialized and deserialized in "
- + ( System.currentTimeMillis() - start ) + " (ms)" );
- }
-}
diff --git a/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/AttributesSerializerTest.java b/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/AttributesSerializerTest.java
index 8718627..326cb2a 100644
--- a/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/AttributesSerializerTest.java
+++ b/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/AttributesSerializerTest.java
@@ -25,6 +25,7 @@
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.apache.directory.shared.ldap.util.ArrayUtils;
+import org.apache.directory.shared.ldap.util.AttributesSerializerUtils;
import junit.framework.TestCase;
@@ -58,7 +59,7 @@
attrs.put( attr0 );
attrs.put( attr1 );
- AttributesSerializer serializer = new AttributesSerializer();
+ AttributesSerializerUtils serializer = new AttributesSerializerUtils();
byte[] buf = serializer.serialize( attrs );
AttributesImpl deserialized = ( AttributesImpl ) serializer.deserialize( buf );
diff --git a/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/BTreeEnumerationTest.java b/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/BTreeEnumerationTest.java
index 2d22765..0a13ae3 100644
--- a/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/BTreeEnumerationTest.java
+++ b/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/BTreeEnumerationTest.java
@@ -22,15 +22,16 @@
import java.io.File;
import java.io.IOException;
-import java.math.BigInteger;
import javax.naming.NamingException;
+import org.apache.directory.shared.ldap.util.LongComparator;
+
import jdbm.RecordManager;
import jdbm.btree.BTree;
import jdbm.recman.BaseRecordManager;
-import org.apache.directory.shared.ldap.util.BigIntegerComparator;
+//import org.apache.directory.shared.ldap.util.BigIntegerComparator;
import junit.framework.TestCase;
@@ -53,7 +54,7 @@
{
tempFile = File.createTempFile( "jdbm", "test" );
rm = new BaseRecordManager( tempFile.getAbsolutePath() );
- tree = BTree.createInstance( rm, new BigIntegerComparator() );
+ tree = BTree.createInstance( rm, new LongComparator() );
}
protected void tearDown() throws Exception
@@ -73,7 +74,7 @@
public void testOneElement() throws IOException, NamingException
{
- BigInteger value = new BigInteger( "1" );
+ Long value = 1L;
tree.insert( value, EMPTY_BYTES, true );
BTreeEnumeration bte = new BTreeEnumeration( tree );
assertTrue( bte.hasMore() );
@@ -91,32 +92,32 @@
* 4, -
* 5, -
*/
- BigInteger value = new BigInteger( "1" );
+ Long value = 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
- value = value.add( BigInteger.ONE );
+ value += 1L;
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
BTreeEnumeration bte = new BTreeEnumeration( tree );
assertTrue( bte.hasMore() );
- assertEquals( new BigInteger( "1" ), bte.next() );
+ assertEquals( 1L, bte.next() );
assertTrue( bte.hasMore() );
- assertEquals( new BigInteger( "2" ), bte.next() );
+ assertEquals( 2L, bte.next() );
assertTrue( bte.hasMore() );
- assertEquals( new BigInteger( "4" ), bte.next() );
+ assertEquals( 4L, bte.next() );
assertTrue( bte.hasMore() );
- assertEquals( new BigInteger( "5" ), bte.next() );
+ assertEquals( 5L, bte.next() );
assertFalse( "enumeration consumed should not have elements", bte.hasMore() );
}
diff --git a/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/BTreeIteratorTest.java b/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/BTreeIteratorTest.java
index 1d33d1e..122186d 100644
--- a/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/BTreeIteratorTest.java
+++ b/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/BTreeIteratorTest.java
@@ -22,15 +22,16 @@
import java.io.File;
import java.io.IOException;
-import java.math.BigInteger;
import javax.naming.NamingException;
+import org.apache.directory.shared.ldap.util.LongComparator;
+
import jdbm.RecordManager;
import jdbm.btree.BTree;
import jdbm.recman.BaseRecordManager;
-import org.apache.directory.shared.ldap.util.BigIntegerComparator;
+//import org.apache.directory.shared.ldap.util.BigIntegerComparator;
import junit.framework.TestCase;
@@ -53,7 +54,7 @@
{
tempFile = File.createTempFile( "jdbm", "test" );
rm = new BaseRecordManager( tempFile.getAbsolutePath() );
- tree = BTree.createInstance( rm, new BigIntegerComparator() );
+ tree = BTree.createInstance( rm, new LongComparator() );
}
protected void tearDown() throws Exception
@@ -73,7 +74,7 @@
public void testOneElement() throws IOException, NamingException
{
- BigInteger value = new BigInteger( "1" );
+ Long value = 1L;
tree.insert( value, EMPTY_BYTES, true );
BTreeIterator bte = new BTreeIterator( tree, true );
assertTrue( bte.hasNext() );
@@ -91,32 +92,32 @@
* 4, -
* 5, -
*/
- BigInteger value = new BigInteger( "1" );
+ Long value = 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
- value = value.add( BigInteger.ONE );
+ value += 1L;
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
BTreeIterator bte = new BTreeIterator( tree, true );
assertTrue( bte.hasNext() );
- assertEquals( new BigInteger( "1" ), bte.next() );
+ assertEquals( 1L, bte.next() );
assertTrue( bte.hasNext() );
- assertEquals( new BigInteger( "2" ), bte.next() );
+ assertEquals( 2L, bte.next() );
assertTrue( bte.hasNext() );
- assertEquals( new BigInteger( "4" ), bte.next() );
+ assertEquals( 4L, bte.next() );
assertTrue( bte.hasNext() );
- assertEquals( new BigInteger( "5" ), bte.next() );
+ assertEquals( 5L, bte.next() );
assertFalse( "iterator consumed should not have elements", bte.hasNext() );
}
@@ -131,32 +132,32 @@
* 4, -
* 5, -
*/
- BigInteger value = new BigInteger( "1" );
+ Long value = 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
- value = value.add( BigInteger.ONE );
+ value += 1L;
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
BTreeIterator bte = new BTreeIterator( tree, false );
assertTrue( bte.hasNext() );
- assertEquals( new BigInteger( "5" ), bte.next() );
+ assertEquals( 5L, bte.next() );
assertTrue( bte.hasNext() );
- assertEquals( new BigInteger( "4" ), bte.next() );
+ assertEquals( 4L, bte.next() );
assertTrue( bte.hasNext() );
- assertEquals( new BigInteger( "2" ), bte.next() );
+ assertEquals( 2L, bte.next() );
assertTrue( bte.hasNext() );
- assertEquals( new BigInteger( "1" ), bte.next() );
+ assertEquals( 1L, bte.next() );
assertFalse( "iterator consumed should not have elements", bte.hasNext() );
}
diff --git a/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/BTreeTupleEnumerationTest.java b/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/BTreeTupleEnumerationTest.java
index 01b0d29..8971399 100644
--- a/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/BTreeTupleEnumerationTest.java
+++ b/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/BTreeTupleEnumerationTest.java
@@ -22,7 +22,6 @@
import java.io.File;
import java.io.IOException;
-import java.math.BigInteger;
import javax.naming.NamingException;
@@ -31,7 +30,8 @@
import jdbm.recman.BaseRecordManager;
import org.apache.directory.server.core.partition.impl.btree.Tuple;
-import org.apache.directory.shared.ldap.util.BigIntegerComparator;
+import org.apache.directory.shared.ldap.util.LongComparator;
+//import org.apache.directory.shared.ldap.util.BigIntegerComparator;
import junit.framework.TestCase;
@@ -54,7 +54,7 @@
{
tempFile = File.createTempFile( "jdbm", "test" );
rm = new BaseRecordManager( tempFile.getAbsolutePath() );
- tree = BTree.createInstance( rm, new BigIntegerComparator() );
+ tree = BTree.createInstance( rm, new LongComparator() );
}
protected void tearDown() throws Exception
@@ -67,19 +67,19 @@
public void testEmptyBTree() throws NamingException
{
- BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, BigInteger.ONE );
+ BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, 1L );
assertFalse( "enumeration on empty btree should not have elements", bte.hasMore() );
}
public void testOneElement() throws IOException, NamingException
{
- BigInteger value = new BigInteger( "1" );
+ Long value = 1L;
tree.insert( value, EMPTY_BYTES, true );
- BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, BigInteger.ONE );
+ BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, 1L );
assertTrue( bte.hasMore() );
Tuple tuple = ( Tuple ) bte.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
+ assertEquals( 1L, tuple.getKey() );
assertEquals( value, tuple.getValue() );
assertFalse( "enumeration consumed should not have elements", bte.hasMore() );
}
@@ -94,39 +94,39 @@
* 4, -
* 5, -
*/
- BigInteger value = new BigInteger( "1" );
+ Long value = 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
- value = value.add( BigInteger.ONE );
+ value += 1L;
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, BigInteger.ONE );
+ BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, 1L );
Tuple tuple = ( Tuple ) bte.next();
assertTrue( bte.hasMore() );
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "1" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
bte.next();
assertTrue( bte.hasMore() );
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "2" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 2L, tuple.getValue() );
bte.next();
assertTrue( bte.hasMore() );
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "4" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 4L, tuple.getValue() );
bte.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "5" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 5L, tuple.getValue() );
assertFalse( "enumeration consumed should not have elements", bte.hasMore() );
}
@@ -141,30 +141,30 @@
* 4, -
* 5, -
*/
- BigInteger value = new BigInteger( "1" );
+ Long value = 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
- value = value.add( BigInteger.ONE );
+ value += 1L;
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, new BigIntegerComparator(),
- BigInteger.ONE, new BigInteger( "3" ), false );
+ BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, new LongComparator(),
+ 1L, 3L, false );
Tuple tuple = ( Tuple ) bte.next();
assertTrue( bte.hasMore() );
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "2" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 2L, tuple.getValue() );
bte.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "1" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( "enumeration consumed should not have elements", bte.hasMore() );
}
@@ -179,21 +179,21 @@
* 4, -
* 5, -
*/
- BigInteger value = new BigInteger( "1" );
+ Long value = 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
- value = value.add( BigInteger.ONE );
+ value += 1L;
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, new BigIntegerComparator(),
- BigInteger.ONE, BigInteger.ZERO, false );
+ BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, new LongComparator(),
+ 1L, 0L, false );
assertFalse( "enumeration consumed should not have elements", bte.hasMore() );
}
@@ -208,25 +208,25 @@
* 4, -
* 5, -
*/
- BigInteger value = new BigInteger( "1" );
+ Long value = 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
- value = value.add( BigInteger.ONE );
+ value += 1L;
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, new BigIntegerComparator(),
- BigInteger.ONE, BigInteger.ONE, false );
+ BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, new LongComparator(),
+ 1L, 1L, false );
Tuple tuple = ( Tuple ) bte.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "1" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( "enumeration consumed should not have elements", bte.hasMore() );
}
@@ -241,30 +241,30 @@
* 4, -
* 5, -
*/
- BigInteger value = new BigInteger( "1" );
+ Long value = 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
- value = value.add( BigInteger.ONE );
+ value += 1L;
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, new BigIntegerComparator(),
- BigInteger.ONE, new BigInteger( "3" ), true );
+ BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, new LongComparator(),
+ 1L, 3L, true );
Tuple tuple = ( Tuple ) bte.next();
assertTrue( bte.hasMore() );
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "4" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 4L, tuple.getValue() );
bte.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "5" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 5L, tuple.getValue() );
assertFalse( "enumeration consumed should not have elements", bte.hasMore() );
}
@@ -279,21 +279,21 @@
* 4, -
* 5, -
*/
- BigInteger value = new BigInteger( "1" );
+ Long value = 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
- value = value.add( BigInteger.ONE );
+ value += 1L;
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, new BigIntegerComparator(),
- BigInteger.ONE, new BigInteger( "6" ), true );
+ BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, new LongComparator(),
+ 1L, 6L, true );
assertFalse( "enumeration consumed should not have elements", bte.hasMore() );
}
@@ -308,25 +308,25 @@
* 4, -
* 5, -
*/
- BigInteger value = new BigInteger( "1" );
+ Long value = 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
- value = value.add( BigInteger.ONE );
+ value += 1L;
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, new BigIntegerComparator(),
- BigInteger.ONE, new BigInteger( "5" ), true );
+ BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, new LongComparator(),
+ 1L, 5L, true );
Tuple tuple = ( Tuple ) bte.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "5" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 5L, tuple.getValue() );
assertFalse( "enumeration consumed should not have elements", bte.hasMore() );
}
@@ -341,35 +341,35 @@
* 4, -
* 5, -
*/
- BigInteger value = new BigInteger( "1" );
+ Long value = 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
- value = value.add( BigInteger.ONE );
+ value += 1L;
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, new BigIntegerComparator(),
- BigInteger.ONE, new BigInteger( "4" ), false );
+ BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, new LongComparator(),
+ 1L, 4L, false );
Tuple tuple = ( Tuple ) bte.next();
assertTrue( bte.hasMore() );
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "4" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 4L, tuple.getValue() );
bte.next();
assertTrue( bte.hasMore() );
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "2" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 2L, tuple.getValue() );
bte.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "1" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( "enumeration consumed should not have elements", bte.hasMore() );
}
@@ -384,30 +384,30 @@
* 4, -
* 5, -
*/
- BigInteger value = new BigInteger( "1" );
+ Long value = 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
- value = value.add( BigInteger.ONE );
+ value += 1L;
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- value = value.add( BigInteger.ONE );
+ value += 1L;
tree.insert( value, EMPTY_BYTES, true );
- BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, new BigIntegerComparator(),
- BigInteger.ONE, new BigInteger( "4" ), true );
+ BTreeTupleEnumeration bte = new BTreeTupleEnumeration( tree, new LongComparator(),
+ 1L, 4L, true );
Tuple tuple = ( Tuple ) bte.next();
assertTrue( bte.hasMore() );
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "4" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 4L, tuple.getValue() );
bte.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "5" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 5L, tuple.getValue() );
assertFalse( "enumeration consumed should not have elements", bte.hasMore() );
}
diff --git a/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTableDupsBTreeTest.java b/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTableDupsBTreeTest.java
index 43ef546..3e302e6 100644
--- a/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTableDupsBTreeTest.java
+++ b/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTableDupsBTreeTest.java
@@ -22,7 +22,6 @@
import java.io.File;
import java.io.Serializable;
-import java.math.BigInteger;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
@@ -31,9 +30,10 @@
import org.apache.directory.server.core.partition.impl.btree.TupleComparator;
import org.apache.directory.server.schema.SerializableComparator;
import org.apache.directory.shared.ldap.util.ArrayEnumeration;
-import org.apache.directory.shared.ldap.util.BigIntegerComparator;
+import org.apache.directory.shared.ldap.util.LongComparator;
import jdbm.RecordManager;
+import jdbm.helper.LongSerializer;
import jdbm.recman.BaseRecordManager;
import junit.framework.TestCase;
@@ -50,7 +50,7 @@
private static final long serialVersionUID = 1L;
private transient File tempFile = null;
private transient RecordManager rm = null;
- private final BigIntegerComparator biComparator = new BigIntegerComparator();
+ private final LongComparator biComparator = new LongComparator();
private final SerializableComparator serializableComparator = new SerializableComparator( "integerMatchingRule" )
{
private static final long serialVersionUID = 1L;
@@ -108,16 +108,16 @@
rm = new BaseRecordManager( tempFile.getAbsolutePath() );
// make sure the table never uses a btree for duplicates
- table = new JdbmTable( "test", true, 1, rm, comparator );
+ table = new JdbmTable( "test", true, 1, rm, comparator, null, null );
- for ( BigInteger ii = BigInteger.ZERO; ii.intValue() < 3; ii = ii.add( BigInteger.ONE ) )
+ for ( Long ii = 0L; ii.intValue() < 3; ii++ )
{
- table.put( BigInteger.ONE, ii );
+ table.put( 1L, ii );
}
- table.put( new BigInteger( "2" ), BigInteger.ONE );
- table.put( new BigInteger( "4" ), BigInteger.ONE );
- table.put( new BigInteger( "5" ), BigInteger.ONE );
+ table.put( 2L, 1L );
+ table.put( 4L, 1L );
+ table.put( 5L, 1L );
}
protected void tearDown() throws Exception
@@ -142,40 +142,40 @@
public void testHas() throws Exception
{
// test the has( Object ) method
- assertTrue( table.has( BigInteger.ONE ) );
- assertTrue( table.has( new BigInteger("2") ) );
- assertTrue( table.has( new BigInteger("4") ) );
- assertTrue( table.has( new BigInteger("5") ) );
- assertFalse( table.has( new BigInteger("3") ) );
- assertFalse( table.has( BigInteger.ZERO ) );
- assertFalse( table.has( new BigInteger( "999" ) ) );
+ assertTrue( table.has( 1L ) );
+ assertTrue( table.has( 2L ) );
+ assertTrue( table.has( 4L ) );
+ assertTrue( table.has( 5L ) );
+ assertFalse( table.has( 3L ) );
+ assertFalse( table.has( 0L ) );
+ assertFalse( table.has( 999L ) );
// test the has( Object, Object ) method
- assertTrue( table.has( BigInteger.ONE, BigInteger.ONE ) );
- assertTrue( table.has( new BigInteger("2"), BigInteger.ONE ) );
- assertTrue( table.has( new BigInteger("4"), BigInteger.ONE ) );
- assertTrue( table.has( new BigInteger("5"), BigInteger.ONE ) );
- assertFalse( table.has( new BigInteger("5"), BigInteger.ZERO ) );
- assertFalse( table.has( new BigInteger("3"), BigInteger.ONE ) );
- assertFalse( table.has( BigInteger.ONE, new BigInteger("999") ) );
- assertFalse( table.has( new BigInteger( "999" ), BigInteger.ONE ) );
+ assertTrue( table.has( 1L, 1L ) );
+ assertTrue( table.has( 2L, 1L ) );
+ assertTrue( table.has( 4L, 1L ) );
+ assertTrue( table.has( 5L, 1L ) );
+ assertFalse( table.has( 5L, 0L ) );
+ assertFalse( table.has( 3L, 1L ) );
+ assertFalse( table.has( 1L, 999L ) );
+ assertFalse( table.has( 999L, 1L ) );
// test the has( Object, boolean ) method
- assertFalse( table.has( BigInteger.ZERO, false ) ); // we do not have a key less than or equal to 0
- assertTrue( table.has( BigInteger.ONE, false ) ); // we do have a key less than or equal to 1
- assertTrue( table.has( BigInteger.ZERO, true ) ); // we do have a key greater than or equal to 0
- assertTrue( table.has( BigInteger.ONE, true ) ); // we do have a key greater than or equal to 1
- assertTrue( table.has( new BigInteger( "5" ), true ) ); // we do have a key greater than or equal to 5
- assertFalse( table.has( new BigInteger( "6" ), true ) ); // we do NOT have a key greater than or equal to 11
- assertFalse( table.has( new BigInteger( "999" ), true ) ); // we do NOT have a key greater than or equal to 12
+ assertFalse( table.has( Long.valueOf( 0L ), false ) ); // we do not have a key less than or equal to 0
+ assertTrue( table.has( Long.valueOf( 1L ), false ) ); // we do have a key less than or equal to 1
+ assertTrue( table.has( Long.valueOf( 0L ), true ) ); // we do have a key greater than or equal to 0
+ assertTrue( table.has( Long.valueOf( 1L ), true ) ); // we do have a key greater than or equal to 1
+ assertTrue( table.has( Long.valueOf( 5L ), true ) ); // we do have a key greater than or equal to 5
+ assertFalse( table.has( Long.valueOf( 6L ), true ) ); // we do NOT have a key greater than or equal to 11
+ assertFalse( table.has( Long.valueOf( 999L ), true ) ); // we do NOT have a key greater than or equal to 12
// test the has( Object, Object, boolean ) method
- assertTrue( table.has( BigInteger.ONE, BigInteger.ZERO, true ) );
- assertTrue( table.has( BigInteger.ONE, BigInteger.ONE, true ) );
- assertTrue( table.has( BigInteger.ONE, new BigInteger("2"), true ) );
- assertFalse( table.has( BigInteger.ONE, new BigInteger("3"), true ) );
- assertTrue( table.has( BigInteger.ONE, BigInteger.ZERO, false ) );
- assertFalse( table.has( BigInteger.ONE, new BigInteger("-1"), false ) );
+ assertTrue( table.has( 1L, 0L, true ) );
+ assertTrue( table.has( 1L, 1L, true ) );
+ assertTrue( table.has( 1L, 2L, true ) );
+ assertFalse( table.has( 1L, 3L, true ) );
+ assertTrue( table.has( 1L, 0L, false ) );
+ assertFalse( table.has( 1L, -1L, false ) );
}
@@ -195,13 +195,13 @@
assertEquals( 6, table.count() );
// test the count(Object) method
- assertEquals( 3, table.count( BigInteger.ONE ) );
- assertEquals( 0, table.count( BigInteger.ZERO ) );
- assertEquals( 1, table.count( new BigInteger( "2" ) ) );
+ assertEquals( 3, table.count( 1L ) );
+ assertEquals( 0, table.count( 0L ) );
+ assertEquals( 1, table.count( 2L ) );
// test the count( Object, boolean ) method
// note for speed this count method returns the same as count()
- assertEquals( table.count(), table.count( BigInteger.ONE, true ) );
+ assertEquals( table.count(), table.count( 1L, true ) );
}
@@ -212,11 +212,11 @@
*/
public void testGet() throws Exception
{
- assertEquals( BigInteger.ZERO, table.get( BigInteger.ONE ) );
- assertEquals( BigInteger.ONE, table.get( new BigInteger( "2" ) ) );
- assertEquals( null, table.get( new BigInteger( "3" ) ) );
- assertEquals( BigInteger.ONE, table.get( new BigInteger( "4" ) ) );
- assertEquals( BigInteger.ONE, table.get( new BigInteger( "5" ) ) );
+ assertEquals( 0L, table.get( 1L ) );
+ assertEquals( 1L, table.get( 2L ) );
+ assertEquals( null, table.get( 3L ) );
+ assertEquals( 1L, table.get( 4L ) );
+ assertEquals( 1L, table.get( 5L ) );
}
@@ -243,33 +243,33 @@
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ZERO, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 0L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "2" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 2L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "2" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 2L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "4" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 4L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "5" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 5L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( tuples.hasMore() );
@@ -277,31 +277,31 @@
// test the listTuples(Object) method
// -------------------------------------------------------------------
- tuples = table.listTuples( BigInteger.ZERO );
+ tuples = table.listTuples( 0L );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "2" ) );
+ tuples = table.listTuples( 2L );
assertTrue( tuples.hasMore() );
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "2" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 2L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( BigInteger.ONE );
+ tuples = table.listTuples( 1L );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ZERO, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 0L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "2" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 2L, tuple.getValue() );
assertFalse( tuples.hasMore() );
@@ -309,141 +309,141 @@
// test the listTuples(Object, boolean) method
// -------------------------------------------------------------------
- tuples = table.listTuples( BigInteger.ZERO, false );
+ tuples = table.listTuples( 0L, false );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( BigInteger.ONE, false );
+ tuples = table.listTuples( 1L, false );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "2" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 2L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ZERO, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 0L, tuple.getValue() );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "2" ), false );
+ tuples = table.listTuples( 2L, false );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "2" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 2L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "2" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 2L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ZERO, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 0L, tuple.getValue() );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "6" ), true );
+ tuples = table.listTuples( 6L, true );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "5" ), true );
+ tuples = table.listTuples( 5L, true );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "5" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 5L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "4" ), true );
+ tuples = table.listTuples( 4L, true );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "4" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 4L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "5" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 5L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( tuples.hasMore() );
// -------------------------------------------------------------------
// test the listTuples(Object,Object,boolean) method
// -------------------------------------------------------------------
- tuples = table.listTuples( BigInteger.ZERO, BigInteger.ZERO, true );
+ tuples = table.listTuples( 0L, 0L, true );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( BigInteger.ZERO, BigInteger.ZERO, false );
+ tuples = table.listTuples( 0L, 0L, false );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "2" ), BigInteger.ZERO, false );
+ tuples = table.listTuples( 2L, 0L, false );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "2" ), new BigInteger( "99" ), true );
+ tuples = table.listTuples( 2L, 99L, true );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "2" ), BigInteger.ONE, false );
+ tuples = table.listTuples( 2L, 1L, false );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "2" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 2L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "2" ), new BigInteger( "99" ), false );
+ tuples = table.listTuples( 2L, 99L, false );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "2" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 2L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( BigInteger.ONE, new BigInteger( "3" ), true );
+ tuples = table.listTuples( 1L, 3L, true );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( BigInteger.ONE, new BigInteger( "-1" ), false );
+ tuples = table.listTuples( 1L, -1L, false );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( BigInteger.ONE, new BigInteger( "1" ), true );
+ tuples = table.listTuples( 1L, 1L, true );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "2" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 2L, tuple.getValue() );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( BigInteger.ONE, new BigInteger( "1" ), false );
+ tuples = table.listTuples( 1L, 1L, false );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ZERO, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 0L, tuple.getValue() );
assertFalse( tuples.hasMore() );
@@ -459,27 +459,27 @@
// test the listValues(Object) method
// -------------------------------------------------------------------
- NamingEnumeration values = table.listValues( BigInteger.ZERO );
+ NamingEnumeration values = table.listValues( 0L );
assertFalse( values.hasMore() );
- values = table.listValues( new BigInteger( "2" ) );
+ values = table.listValues( 2L );
assertTrue( values.hasMore() );
Object value = values.next();
- assertEquals( BigInteger.ONE, value );
+ assertEquals( 1L, value );
assertFalse( values.hasMore() );
- values = table.listValues( BigInteger.ONE );
+ values = table.listValues( 1L );
assertTrue( values.hasMore() ) ;
value = values.next();
- assertEquals( BigInteger.ZERO, value );
+ assertEquals( 0L, value );
assertTrue( values.hasMore() ) ;
value = values.next();
- assertEquals( BigInteger.ONE, value );
+ assertEquals( 1L, value );
assertTrue( values.hasMore() ) ;
value = values.next();
- assertEquals( new BigInteger( "2" ), value );
+ assertEquals( 2L, value );
assertFalse( values.hasMore() );
}
@@ -498,63 +498,63 @@
// this instead tests the NamingEnumeration overload
NamingEnumeration values = new ArrayNE( new Object[] {
- new BigInteger( "3" ),
- new BigInteger( "4" ),
- new BigInteger( "5" ),
- new BigInteger( "6" ),
+ 3L,
+ 4L,
+ 5L,
+ 6L,
} );
- table.put( BigInteger.ONE, values );
+ table.put( 1L, values );
assertFalse( values.hasMore() );
- values = table.listValues( BigInteger.ONE );
+ values = table.listValues( 1L );
assertTrue( values.hasMore() );
- assertEquals( BigInteger.ZERO, values.next() );
+ assertEquals( 0L, values.next() );
assertTrue( values.hasMore() );
- assertEquals( BigInteger.ONE, values.next() );
+ assertEquals( 1L, values.next() );
assertTrue( values.hasMore() );
- assertEquals( new BigInteger( "2" ), values.next() );
+ assertEquals( 2L, values.next() );
assertTrue( values.hasMore() );
- assertEquals( new BigInteger( "3" ), values.next() );
+ assertEquals( 3L, values.next() );
assertTrue( values.hasMore() );
- assertEquals( new BigInteger( "4" ), values.next() );
+ assertEquals( 4L, values.next() );
assertTrue( values.hasMore() );
- assertEquals( new BigInteger( "5" ), values.next() );
+ assertEquals( 5L, values.next() );
assertTrue( values.hasMore() );
- assertEquals( new BigInteger( "6" ), values.next() );
+ assertEquals( 6L, values.next() );
assertFalse( values.hasMore() );
values = new ArrayNE( new Object[] {
- new BigInteger( "3" ),
- new BigInteger( "4" ),
- new BigInteger( "5" ),
- new BigInteger( "6" ),
+ 3L,
+ 4L,
+ 5L,
+ 6L,
} );
- table.put( BigInteger.ZERO, values );
+ table.put( 0L, values );
assertFalse( values.hasMore() );
- values = table.listValues( BigInteger.ZERO );
+ values = table.listValues( 0L );
assertTrue( values.hasMore() );
- assertEquals( new BigInteger( "3" ), values.next() );
+ assertEquals( 3L, values.next() );
assertTrue( values.hasMore() );
- assertEquals( new BigInteger( "4" ), values.next() );
+ assertEquals( 4L, values.next() );
assertTrue( values.hasMore() );
- assertEquals( new BigInteger( "5" ), values.next() );
+ assertEquals( 5L, values.next() );
assertTrue( values.hasMore() );
- assertEquals( new BigInteger( "6" ), values.next() );
+ assertEquals( 6L, values.next() );
assertFalse( values.hasMore() );
}
@@ -570,19 +570,19 @@
try
{
- table.remove( BigInteger.ZERO );
+ table.remove( 0L );
fail( "should not get here trying to remove non-existent key" );
}
catch ( IllegalArgumentException e )
{
}
- Object value = table.remove( new BigInteger( "2" ) );
- assertEquals( BigInteger.ONE, value );
+ Object value = table.remove( 2L );
+ assertEquals( 1L, value );
assertEquals( 5, table.count() );
- value = table.remove( BigInteger.ONE );
- assertEquals( BigInteger.ZERO, value ); // return first value of dups
+ value = table.remove( 1L );
+ assertEquals( 0L, value ); // return first value of dups
assertEquals( 2, table.count() );
}
@@ -596,15 +596,15 @@
// tests the remove(Object) method
// -------------------------------------------------------------------
- Object value = table.remove( BigInteger.ZERO, BigInteger.ZERO );
+ Object value = table.remove( 0L, 0L );
assertNull( value );
- value = table.remove( new BigInteger( "2" ), BigInteger.ONE );
- assertEquals( BigInteger.ONE, value );
+ value = table.remove( 2L, 1L );
+ assertEquals( 1L, value );
assertEquals( 5, table.count() );
- value = table.remove( BigInteger.ONE, new BigInteger( "2" ) );
- assertEquals( new BigInteger( "2" ), value );
+ value = table.remove( 1L, 2L );
+ assertEquals( 2L, value );
assertEquals( 4, table.count() );
}
@@ -615,12 +615,12 @@
public void testRemoveObjectNamingEnumeration() throws Exception
{
NamingEnumeration values = new ArrayNE( new Object[] {
- new BigInteger( "1" ),
- new BigInteger( "2" )
+ 1L,
+ 2L
} );
- Object value = table.remove( BigInteger.ONE, values );
- assertEquals( BigInteger.ONE, value );
+ Object value = table.remove( 1L, values );
+ assertEquals( 1L, value );
assertEquals( 4, table.count() );
}
diff --git a/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTableDupsTreeSetTest.java b/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTableDupsTreeSetTest.java
index 6ce798f..af74cbc 100644
--- a/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTableDupsTreeSetTest.java
+++ b/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTableDupsTreeSetTest.java
@@ -22,7 +22,6 @@
import java.io.File;
import java.io.Serializable;
-import java.math.BigInteger;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
@@ -31,9 +30,10 @@
import org.apache.directory.server.core.partition.impl.btree.TupleComparator;
import org.apache.directory.server.schema.SerializableComparator;
import org.apache.directory.shared.ldap.util.ArrayEnumeration;
-import org.apache.directory.shared.ldap.util.BigIntegerComparator;
+import org.apache.directory.shared.ldap.util.LongComparator;
import jdbm.RecordManager;
+import jdbm.helper.LongSerializer;
import jdbm.recman.BaseRecordManager;
import junit.framework.TestCase;
@@ -50,7 +50,7 @@
private static final long serialVersionUID = 1L;
private transient File tempFile = null;
private transient RecordManager rm = null;
- private final BigIntegerComparator biComparator = new BigIntegerComparator();
+ private final LongComparator biComparator = new LongComparator();
private final SerializableComparator serializableComparator = new SerializableComparator( "integerMatchingRule" )
{
private static final long serialVersionUID = 1L;
@@ -108,16 +108,17 @@
rm = new BaseRecordManager( tempFile.getAbsolutePath() );
// make sure the table never uses a btree for duplicates
- table = new JdbmTable( "test", true, Integer.MAX_VALUE, rm, comparator );
+ table = new JdbmTable( "test", true, Integer.MAX_VALUE, rm,
+ comparator, null, null );
- for ( BigInteger ii = BigInteger.ZERO; ii.intValue() < 3; ii = ii.add( BigInteger.ONE ) )
+ for ( Long ii = 0L; ii.intValue() < 3; ii++ )
{
- table.put( BigInteger.ONE, ii );
+ table.put( 1L, ii );
}
- table.put( new BigInteger( "2" ), BigInteger.ONE );
- table.put( new BigInteger( "4" ), BigInteger.ONE );
- table.put( new BigInteger( "5" ), BigInteger.ONE );
+ table.put( 2L, 1L );
+ table.put( 4L, 1L );
+ table.put( 5L, 1L );
}
protected void tearDown() throws Exception
@@ -143,40 +144,40 @@
public void testHas() throws Exception
{
// test the has( Object ) method
- assertTrue( table.has( BigInteger.ONE ) );
- assertTrue( table.has( new BigInteger("2") ) );
- assertTrue( table.has( new BigInteger("4") ) );
- assertTrue( table.has( new BigInteger("5") ) );
- assertFalse( table.has( new BigInteger("3") ) );
- assertFalse( table.has( BigInteger.ZERO ) );
- assertFalse( table.has( new BigInteger( "999" ) ) );
+ assertTrue( table.has( 1L ) );
+ assertTrue( table.has( 2L ) );
+ assertTrue( table.has( 4L ) );
+ assertTrue( table.has( 5L ) );
+ assertFalse( table.has( 3L ) );
+ assertFalse( table.has( 0L ) );
+ assertFalse( table.has( 999L ) );
// test the has( Object, Object ) method
- assertTrue( table.has( BigInteger.ONE, BigInteger.ONE ) );
- assertTrue( table.has( new BigInteger("2"), BigInteger.ONE ) );
- assertTrue( table.has( new BigInteger("4"), BigInteger.ONE ) );
- assertTrue( table.has( new BigInteger("5"), BigInteger.ONE ) );
- assertFalse( table.has( new BigInteger("5"), BigInteger.ZERO ) );
- assertFalse( table.has( new BigInteger("3"), BigInteger.ONE ) );
- assertFalse( table.has( BigInteger.ONE, new BigInteger("999") ) );
- assertFalse( table.has( new BigInteger( "999" ), BigInteger.ONE ) );
+ assertTrue( table.has( 1L, 1L ) );
+ assertTrue( table.has( 2L, 1L ) );
+ assertTrue( table.has( 4L, 1L ) );
+ assertTrue( table.has( 5L, 1L ) );
+ assertFalse( table.has( 5L, 0L ) );
+ assertFalse( table.has( 3L, 1L ) );
+ assertFalse( table.has( 1L, 999L ) );
+ assertFalse( table.has( 999L, 1L ) );
// test the has( Object, boolean ) method
- assertFalse( table.has( BigInteger.ZERO, false ) ); // we do not have a key less than or equal to 0
- assertTrue( table.has( BigInteger.ONE, false ) ); // we do have a key less than or equal to 1
- assertTrue( table.has( BigInteger.ZERO, true ) ); // we do have a key greater than or equal to 0
- assertTrue( table.has( BigInteger.ONE, true ) ); // we do have a key greater than or equal to 1
- assertTrue( table.has( new BigInteger( "5" ), true ) ); // we do have a key greater than or equal to 5
- assertFalse( table.has( new BigInteger( "6" ), true ) ); // we do NOT have a key greater than or equal to 11
- assertFalse( table.has( new BigInteger( "999" ), true ) ); // we do NOT have a key greater than or equal to 12
+ assertFalse( table.has( Long.valueOf( 0 ), false ) ); // we do not have a key less than or equal to 0
+ assertTrue( table.has( Long.valueOf( 1 ), false ) ); // we do have a key less than or equal to 1
+ assertTrue( table.has( Long.valueOf( 0 ), true ) ); // we do have a key greater than or equal to 0
+ assertTrue( table.has( Long.valueOf( 1 ), true ) ); // we do have a key greater than or equal to 1
+ assertTrue( table.has( Long.valueOf( 5 ), true ) ); // we do have a key greater than or equal to 5
+ assertFalse( table.has( Long.valueOf( 6 ), true ) ); // we do NOT have a key greater than or equal to 11
+ assertFalse( table.has( Long.valueOf( 999 ), true ) ); // we do NOT have a key greater than or equal to 12
// test the has( Object, Object, boolean ) method
- assertTrue( table.has( BigInteger.ONE, BigInteger.ZERO, true ) );
- assertTrue( table.has( BigInteger.ONE, BigInteger.ONE, true ) );
- assertTrue( table.has( BigInteger.ONE, new BigInteger("2"), true ) );
- assertFalse( table.has( BigInteger.ONE, new BigInteger("3"), true ) );
- assertTrue( table.has( BigInteger.ONE, BigInteger.ZERO, false ) );
- assertFalse( table.has( BigInteger.ONE, new BigInteger("-1"), false ) );
+ assertTrue( table.has( 1L, 0L, true ) );
+ assertTrue( table.has( 1L, 1L, true ) );
+ assertTrue( table.has( 1L, 2L, true ) );
+ assertFalse( table.has( 1L, 3L, true ) );
+ assertTrue( table.has( 1L, 0L, false ) );
+ assertFalse( table.has( 1L, -1L, false ) );
}
@@ -196,13 +197,13 @@
assertEquals( 6, table.count() );
// test the count(Object) method
- assertEquals( 3, table.count( BigInteger.ONE ) );
- assertEquals( 0, table.count( BigInteger.ZERO ) );
- assertEquals( 1, table.count( new BigInteger( "2" ) ) );
+ assertEquals( 3, table.count( 1L ) );
+ assertEquals( 0, table.count( 0L ) );
+ assertEquals( 1, table.count( 2L ) );
// test the count( Object, boolean ) method
// note for speed this count method returns the same as count()
- assertEquals( table.count(), table.count( BigInteger.ONE, true ) );
+ assertEquals( table.count(), table.count( 1L, true ) );
}
@@ -213,11 +214,11 @@
*/
public void testGet() throws Exception
{
- assertEquals( BigInteger.ZERO, table.get( BigInteger.ONE ) );
- assertEquals( BigInteger.ONE, table.get( new BigInteger( "2" ) ) );
- assertEquals( null, table.get( new BigInteger( "3" ) ) );
- assertEquals( BigInteger.ONE, table.get( new BigInteger( "4" ) ) );
- assertEquals( BigInteger.ONE, table.get( new BigInteger( "5" ) ) );
+ assertEquals( 0L, table.get( 1L ) );
+ assertEquals( 1L, table.get( 2L ) );
+ assertEquals( null, table.get( 3L ) );
+ assertEquals( 1L, table.get( 4L ) );
+ assertEquals( 1L, table.get( 5L ) );
}
@@ -244,33 +245,33 @@
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ZERO, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 0L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "2" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 2L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "2" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 2L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "4" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 4L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "5" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 5L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( tuples.hasMore() );
@@ -278,31 +279,31 @@
// test the listTuples(Object) method
// -------------------------------------------------------------------
- tuples = table.listTuples( BigInteger.ZERO );
+ tuples = table.listTuples( 0L );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "2" ) );
+ tuples = table.listTuples( 2L );
assertTrue( tuples.hasMore() );
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "2" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 2L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( BigInteger.ONE );
+ tuples = table.listTuples( 1L );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ZERO, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 0L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "2" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 2L, tuple.getValue() );
assertFalse( tuples.hasMore() );
@@ -310,141 +311,141 @@
// test the listTuples(Object, boolean) method
// -------------------------------------------------------------------
- tuples = table.listTuples( BigInteger.ZERO, false );
+ tuples = table.listTuples( 0L, false );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( BigInteger.ONE, false );
+ tuples = table.listTuples( 1L, false );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "2" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 2L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ZERO, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 0L, tuple.getValue() );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "2" ), false );
+ tuples = table.listTuples( 2L, false );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "2" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 2L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "2" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 2L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ZERO, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 0L, tuple.getValue() );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "6" ), true );
+ tuples = table.listTuples( 6L, true );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "5" ), true );
+ tuples = table.listTuples( 5L, true );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "5" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 5L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "4" ), true );
+ tuples = table.listTuples( 4L, true );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "4" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 4L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "5" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 5L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( tuples.hasMore() );
// -------------------------------------------------------------------
// test the listTuples(Object,Object,boolean) method
// -------------------------------------------------------------------
- tuples = table.listTuples( BigInteger.ZERO, BigInteger.ZERO, true );
+ tuples = table.listTuples( 0L, 0L, true );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( BigInteger.ZERO, BigInteger.ZERO, false );
+ tuples = table.listTuples( 0L, 0L, false );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "2" ), BigInteger.ZERO, false );
+ tuples = table.listTuples( 2L, 0L, false );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "2" ), new BigInteger( "99" ), true );
+ tuples = table.listTuples( 2L, 99L, true );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "2" ), BigInteger.ONE, false );
+ tuples = table.listTuples( 2L, 1L, false );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "2" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 2L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "2" ), new BigInteger( "99" ), false );
+ tuples = table.listTuples( 2L, 99L, false );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "2" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 2L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( BigInteger.ONE, new BigInteger( "3" ), true );
+ tuples = table.listTuples( 1L, 3L, true );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( BigInteger.ONE, new BigInteger( "-1" ), false );
+ tuples = table.listTuples( 1L, -1L, false );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( BigInteger.ONE, new BigInteger( "1" ), true );
+ tuples = table.listTuples( 1L, 1L, true );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "2" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 2L, tuple.getValue() );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( BigInteger.ONE, new BigInteger( "1" ), false );
+ tuples = table.listTuples( 1L, 1L, false );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ZERO, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 0L, tuple.getValue() );
assertFalse( tuples.hasMore() );
@@ -460,27 +461,27 @@
// test the listValues(Object) method
// -------------------------------------------------------------------
- NamingEnumeration values = table.listValues( BigInteger.ZERO );
+ NamingEnumeration values = table.listValues( 0L );
assertFalse( values.hasMore() );
- values = table.listValues( new BigInteger( "2" ) );
+ values = table.listValues( 2L );
assertTrue( values.hasMore() );
Object value = values.next();
- assertEquals( BigInteger.ONE, value );
+ assertEquals( 1L, value );
assertFalse( values.hasMore() );
- values = table.listValues( BigInteger.ONE );
+ values = table.listValues( 1L );
assertTrue( values.hasMore() ) ;
value = values.next();
- assertEquals( BigInteger.ZERO, value );
+ assertEquals( 0L, value );
assertTrue( values.hasMore() ) ;
value = values.next();
- assertEquals( BigInteger.ONE, value );
+ assertEquals( 1L, value );
assertTrue( values.hasMore() ) ;
value = values.next();
- assertEquals( new BigInteger( "2" ), value );
+ assertEquals( 2L, value );
assertFalse( values.hasMore() );
}
@@ -499,63 +500,63 @@
// this instead tests the NamingEnumeration overload
NamingEnumeration values = new ArrayNE( new Object[] {
- new BigInteger( "3" ),
- new BigInteger( "4" ),
- new BigInteger( "5" ),
- new BigInteger( "6" ),
+ 3L,
+ 4L,
+ 5L,
+ 6L,
} );
- table.put( BigInteger.ONE, values );
+ table.put( 1L, values );
assertFalse( values.hasMore() );
- values = table.listValues( BigInteger.ONE );
+ values = table.listValues( 1L );
assertTrue( values.hasMore() );
- assertEquals( BigInteger.ZERO, values.next() );
+ assertEquals( 0L, values.next() );
assertTrue( values.hasMore() );
- assertEquals( BigInteger.ONE, values.next() );
+ assertEquals( 1L, values.next() );
assertTrue( values.hasMore() );
- assertEquals( new BigInteger( "2" ), values.next() );
+ assertEquals( 2L, values.next() );
assertTrue( values.hasMore() );
- assertEquals( new BigInteger( "3" ), values.next() );
+ assertEquals( 3L, values.next() );
assertTrue( values.hasMore() );
- assertEquals( new BigInteger( "4" ), values.next() );
+ assertEquals( 4L, values.next() );
assertTrue( values.hasMore() );
- assertEquals( new BigInteger( "5" ), values.next() );
+ assertEquals( 5L, values.next() );
assertTrue( values.hasMore() );
- assertEquals( new BigInteger( "6" ), values.next() );
+ assertEquals( 6L, values.next() );
assertFalse( values.hasMore() );
values = new ArrayNE( new Object[] {
- new BigInteger( "3" ),
- new BigInteger( "4" ),
- new BigInteger( "5" ),
- new BigInteger( "6" ),
+ 3L,
+ 4L,
+ 5L,
+ 6L,
} );
- table.put( BigInteger.ZERO, values );
+ table.put( 0L, values );
assertFalse( values.hasMore() );
- values = table.listValues( BigInteger.ZERO );
+ values = table.listValues( 0L );
assertTrue( values.hasMore() );
- assertEquals( new BigInteger( "3" ), values.next() );
+ assertEquals( 3L, values.next() );
assertTrue( values.hasMore() );
- assertEquals( new BigInteger( "4" ), values.next() );
+ assertEquals( 4L, values.next() );
assertTrue( values.hasMore() );
- assertEquals( new BigInteger( "5" ), values.next() );
+ assertEquals( 5L, values.next() );
assertTrue( values.hasMore() );
- assertEquals( new BigInteger( "6" ), values.next() );
+ assertEquals( 6L, values.next() );
assertFalse( values.hasMore() );
}
@@ -571,19 +572,19 @@
try
{
- table.remove( BigInteger.ZERO );
+ table.remove( 0L );
fail( "should not get here trying to remove non-existent key" );
}
catch ( IllegalArgumentException e )
{
}
- Object value = table.remove( new BigInteger( "2" ) );
- assertEquals( BigInteger.ONE, value );
+ Object value = table.remove( 2L );
+ assertEquals( 1L, value );
assertEquals( 5, table.count() );
- value = table.remove( BigInteger.ONE );
- assertEquals( BigInteger.ZERO, value ); // return first value of dups
+ value = table.remove( 1L );
+ assertEquals( 0L, value ); // return first value of dups
assertEquals( 2, table.count() );
}
@@ -597,15 +598,15 @@
// tests the remove(Object) method
// -------------------------------------------------------------------
- Object value = table.remove( BigInteger.ZERO, BigInteger.ZERO );
+ Object value = table.remove( 0L, 0L );
assertNull( value );
- value = table.remove( new BigInteger( "2" ), BigInteger.ONE );
- assertEquals( BigInteger.ONE, value );
+ value = table.remove( 2L, 1L );
+ assertEquals( 1L, value );
assertEquals( 5, table.count() );
- value = table.remove( BigInteger.ONE, new BigInteger( "2" ) );
- assertEquals( new BigInteger( "2" ), value );
+ value = table.remove( 1L, 2L );
+ assertEquals( 2L, value );
assertEquals( 4, table.count() );
}
@@ -616,12 +617,12 @@
public void testRemoveObjectNamingEnumeration() throws Exception
{
NamingEnumeration values = new ArrayNE( new Object[] {
- new BigInteger( "1" ),
- new BigInteger( "2" )
+ 1L,
+ 2L
} );
- Object value = table.remove( BigInteger.ONE, values );
- assertEquals( BigInteger.ONE, value );
+ Object value = table.remove( 1L, values );
+ assertEquals( 1L, value );
assertEquals( 4, table.count() );
}
diff --git a/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTableNoDupsTest.java b/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTableNoDupsTest.java
index f148e37..e464a9b 100644
--- a/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTableNoDupsTest.java
+++ b/core/src/test/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTableNoDupsTest.java
@@ -22,7 +22,6 @@
import java.io.File;
import java.io.Serializable;
-import java.math.BigInteger;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
@@ -31,9 +30,11 @@
import org.apache.directory.server.core.partition.impl.btree.TupleRenderer;
import org.apache.directory.server.schema.SerializableComparator;
import org.apache.directory.shared.ldap.util.ArrayEnumeration;
-import org.apache.directory.shared.ldap.util.BigIntegerComparator;
+import org.apache.directory.shared.ldap.util.LongComparator;
import jdbm.RecordManager;
+import jdbm.helper.LongSerializer;
+import jdbm.helper.Serializer;
import jdbm.recman.BaseRecordManager;
import junit.framework.TestCase;
@@ -50,7 +51,7 @@
private static final long serialVersionUID = 1L;
private transient File tempFile = null;
private transient RecordManager rm = null;
- private final BigIntegerComparator biComparator = new BigIntegerComparator();
+ private final LongComparator biComparator = new LongComparator();
private final SerializableComparator serializableComparator = new SerializableComparator( "integerMatchingRule" )
{
private static final long serialVersionUID = 1L;
@@ -82,12 +83,12 @@
rm = new BaseRecordManager( tempFile.getAbsolutePath() );
// make sure the table does not use duplicates
- table = new JdbmTable( "test", rm, serializableComparator );
+ table = new JdbmTable( "test", rm, serializableComparator, LongSerializer.INSTANCE, LongSerializer.INSTANCE );
- table.put( new BigInteger( "1" ), BigInteger.ONE );
- table.put( new BigInteger( "2" ), BigInteger.ONE );
- table.put( new BigInteger( "4" ), BigInteger.ONE );
- table.put( new BigInteger( "5" ), BigInteger.ONE );
+ table.put( 1L, 1L );
+ table.put( 2L, 1L );
+ table.put( 4L, 1L );
+ table.put( 5L, 1L );
}
protected void tearDown() throws Exception
@@ -119,7 +120,7 @@
table.sync();
table.close();
- table = new JdbmTable( "test", rm, serializableComparator );
+ table = new JdbmTable( "test", rm, serializableComparator, LongSerializer.INSTANCE, LongSerializer.INSTANCE );
}
@@ -137,37 +138,37 @@
public void testHas() throws Exception
{
// test the has( Object ) method
- assertTrue( table.has( BigInteger.ONE ) );
- assertTrue( table.has( new BigInteger("2") ) );
- assertTrue( table.has( new BigInteger("4") ) );
- assertTrue( table.has( new BigInteger("5") ) );
- assertFalse( table.has( new BigInteger("3") ) );
- assertFalse( table.has( BigInteger.ZERO ) );
- assertFalse( table.has( new BigInteger( "999" ) ) );
+ assertTrue( table.has( 1L ) );
+ assertTrue( table.has( 2L ) );
+ assertTrue( table.has( 4L ) );
+ assertTrue( table.has( 5L ) );
+ assertFalse( table.has( 3L ) );
+ assertFalse( table.has( 0L ) );
+ assertFalse( table.has( 999L ) );
// test the has( Object, Object ) method
- assertTrue( table.has( BigInteger.ONE, BigInteger.ONE ) );
- assertTrue( table.has( new BigInteger("2"), BigInteger.ONE ) );
- assertTrue( table.has( new BigInteger("4"), BigInteger.ONE ) );
- assertTrue( table.has( new BigInteger("5"), BigInteger.ONE ) );
- assertFalse( table.has( new BigInteger("5"), BigInteger.ZERO ) );
- assertFalse( table.has( new BigInteger("3"), BigInteger.ONE ) );
- assertFalse( table.has( BigInteger.ONE, new BigInteger("999") ) );
- assertFalse( table.has( new BigInteger( "999" ), BigInteger.ONE ) );
+ assertTrue( table.has( 1L, 1L ) );
+ assertTrue( table.has( 2L, 1L ) );
+ assertTrue( table.has( 4L, 1L ) );
+ assertTrue( table.has( 5L, 1L ) );
+ assertFalse( table.has( 5L, 0L ) );
+ assertFalse( table.has( 3L, 1L ) );
+ assertFalse( table.has( 1L, 999L ) );
+ assertFalse( table.has( 999L, 1L ) );
// test the has( Object, boolean ) method
- assertFalse( table.has( BigInteger.ZERO, false ) ); // we do not have a key less than or equal to 0
- assertTrue( table.has( BigInteger.ONE, false ) ); // we do have a key less than or equal to 1
- assertTrue( table.has( BigInteger.ZERO, true ) ); // we do have a key greater than or equal to 0
- assertTrue( table.has( BigInteger.ONE, true ) ); // we do have a key greater than or equal to 1
- assertTrue( table.has( new BigInteger( "5" ), true ) ); // we do have a key greater than or equal to 5
- assertFalse( table.has( new BigInteger( "6" ), true ) ); // we do NOT have a key greater than or equal to 11
- assertFalse( table.has( new BigInteger( "999" ), true ) ); // we do NOT have a key greater than or equal to 12
+ assertFalse( table.has( Long.valueOf(0), false ) ); // we do not have a key less than or equal to 0
+ assertTrue( table.has( Long.valueOf(1), false ) ); // we do have a key less than or equal to 1
+ assertTrue( table.has( Long.valueOf(0), true ) ); // we do have a key greater than or equal to 0
+ assertTrue( table.has( Long.valueOf(1), true ) ); // we do have a key greater than or equal to 1
+ assertTrue( table.has( Long.valueOf(5), true ) ); // we do have a key greater than or equal to 5
+ assertFalse( table.has( Long.valueOf(6), true ) ); // we do NOT have a key greater than or equal to 11
+ assertFalse( table.has( Long.valueOf(999), true ) ); // we do NOT have a key greater than or equal to 12
// test the has( Object, Object, boolean ) method
try
{
- table.has( BigInteger.ONE, BigInteger.ZERO, true );
+ table.has( 1L, 0L, true );
}
catch ( UnsupportedOperationException usoe )
{
@@ -192,13 +193,13 @@
assertEquals( 4, table.count() );
// test the count(Object) method
- assertEquals( 1, table.count( BigInteger.ONE ) );
- assertEquals( 0, table.count( BigInteger.ZERO ) );
- assertEquals( 1, table.count( new BigInteger( "2" ) ) );
+ assertEquals( 1, table.count( 1L ) );
+ assertEquals( 0, table.count( 0L ) );
+ assertEquals( 1, table.count( 2L ) );
// test the count( Object, boolean ) method
// note for speed this count method returns the same as count()
- assertEquals( table.count(), table.count( BigInteger.ONE, true ) );
+ assertEquals( table.count(), table.count( 1L, true ) );
}
@@ -209,11 +210,11 @@
*/
public void testGet() throws Exception
{
- assertEquals( BigInteger.ONE, table.get( BigInteger.ONE ) );
- assertEquals( BigInteger.ONE, table.get( new BigInteger( "2" ) ) );
- assertEquals( null, table.get( new BigInteger( "3" ) ) );
- assertEquals( BigInteger.ONE, table.get( new BigInteger( "4" ) ) );
- assertEquals( BigInteger.ONE, table.get( new BigInteger( "5" ) ) );
+ assertEquals( 1L, table.get( 1L ) );
+ assertEquals( 1L, table.get( 2L ) );
+ assertEquals( null, table.get( 3L ) );
+ assertEquals( 1L, table.get( 4L ) );
+ assertEquals( 1L, table.get( 5L ) );
}
@@ -240,23 +241,23 @@
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "2" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 2L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "4" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 4L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "5" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 5L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( tuples.hasMore() );
@@ -264,69 +265,69 @@
// test the listTuples(Object) method
// -------------------------------------------------------------------
- tuples = table.listTuples( BigInteger.ZERO );
+ tuples = table.listTuples( 0L );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "2" ) );
+ tuples = table.listTuples( 2L );
assertTrue( tuples.hasMore() );
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "2" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 2L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( tuples.hasMore() );
// -------------------------------------------------------------------
// test the listTuples(Object, boolean) method
// -------------------------------------------------------------------
- tuples = table.listTuples( BigInteger.ZERO, false );
+ tuples = table.listTuples( 0L, false );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( BigInteger.ONE, false );
+ tuples = table.listTuples( 1L, false );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( new BigInteger( "1" ), tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "2" ), false );
+ tuples = table.listTuples( 2L, false );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "2" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 2L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( BigInteger.ONE, tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 1L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "6" ), true );
+ tuples = table.listTuples( 6L, true );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "5" ), true );
+ tuples = table.listTuples( 5L, true );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "5" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 5L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( tuples.hasMore() );
- tuples = table.listTuples( new BigInteger( "4" ), true );
+ tuples = table.listTuples( 4L, true );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "4" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 4L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertTrue( tuples.hasMore() ) ;
tuple = ( Tuple ) tuples.next();
- assertEquals( new BigInteger( "5" ), tuple.getKey() );
- assertEquals( BigInteger.ONE, tuple.getValue() );
+ assertEquals( 5L, tuple.getKey() );
+ assertEquals( 1L, tuple.getValue() );
assertFalse( tuples.hasMore() );
// -------------------------------------------------------------------
@@ -335,7 +336,7 @@
try
{
- tuples = table.listTuples( BigInteger.ZERO, BigInteger.ZERO, true );
+ tuples = table.listTuples( 0L, 0L, true );
}
catch( UnsupportedOperationException e )
{
@@ -353,19 +354,19 @@
// test the listValues(Object) method
// -------------------------------------------------------------------
- NamingEnumeration values = table.listValues( BigInteger.ZERO );
+ NamingEnumeration values = table.listValues( 0L );
assertFalse( values.hasMore() );
- values = table.listValues( new BigInteger( "2" ) );
+ values = table.listValues( 2L );
assertTrue( values.hasMore() );
Object value = values.next();
- assertEquals( BigInteger.ONE, value );
+ assertEquals( 1L, value );
assertFalse( values.hasMore() );
- values = table.listValues( BigInteger.ONE );
+ values = table.listValues( 1L );
assertTrue( values.hasMore() ) ;
value = values.next();
- assertEquals( BigInteger.ONE, value );
+ assertEquals( 1L, value );
assertFalse( values.hasMore() );
}
@@ -383,15 +384,15 @@
// this instead tests the NamingEnumeration overload
NamingEnumeration values = new ArrayNE( new Object[] {
- new BigInteger( "3" ),
- new BigInteger( "4" ),
- new BigInteger( "5" ),
- new BigInteger( "6" ),
+ 3L,
+ 4L,
+ 5L,
+ 6L,
} );
try
{
- table.put( BigInteger.ONE, values );
+ table.put( 1L, values );
}
catch( UnsupportedOperationException e )
{
@@ -410,19 +411,19 @@
try
{
- table.remove( BigInteger.ZERO );
+ table.remove( 0L );
fail( "should not get here trying to remove non-existent key" );
}
catch ( IllegalArgumentException e )
{
}
- Object value = table.remove( new BigInteger( "2" ) );
- assertEquals( BigInteger.ONE, value );
+ Object value = table.remove( 2L );
+ assertEquals( 1L, value );
assertEquals( 3, table.count() );
- value = table.remove( BigInteger.ONE );
- assertEquals( BigInteger.ONE, value );
+ value = table.remove( 1L );
+ assertEquals( 1L, value );
assertEquals( 2, table.count() );
}
@@ -436,14 +437,14 @@
// tests the remove(Object) method
// -------------------------------------------------------------------
- Object value = table.remove( BigInteger.ZERO, BigInteger.ZERO );
+ Object value = table.remove( 0L, 0L );
assertNull( value );
- value = table.remove( new BigInteger( "2" ), BigInteger.ONE );
- assertEquals( BigInteger.ONE, value );
+ value = table.remove( 2L, 1L );
+ assertEquals( 1L, value );
assertEquals( 3, table.count() );
- value = table.remove( BigInteger.ONE, new BigInteger( "2" ) );
+ value = table.remove( 1L, 2L );
assertEquals( null, value );
assertEquals( 3, table.count() );
}
@@ -455,13 +456,13 @@
public void testRemoveObjectNamingEnumeration() throws Exception
{
NamingEnumeration values = new ArrayNE( new Object[] {
- new BigInteger( "1" ),
- new BigInteger( "2" )
+ 1L,
+ 2L
} );
try
{
- table.remove( BigInteger.ONE, values );
+ table.remove( 1L, values );
}
catch( UnsupportedOperationException e )
{
diff --git a/core/src/test/java/org/apache/directory/server/core/schema/PartitionSchemaLoaderTest.java b/core/src/test/java/org/apache/directory/server/core/schema/PartitionSchemaLoaderTest.java
index 317064f..6f09814 100644
--- a/core/src/test/java/org/apache/directory/server/core/schema/PartitionSchemaLoaderTest.java
+++ b/core/src/test/java/org/apache/directory/server/core/schema/PartitionSchemaLoaderTest.java
@@ -74,7 +74,7 @@
super.setUp();
// setup working directory
- File workingDirectory = new File( System.getProperty( "workingDirectory" ) );
+ File workingDirectory = new File( System.getProperty( "workingDirectory", System.getProperty( "user.dir" ) ) );
if ( ! workingDirectory.exists() )
{
workingDirectory.mkdirs();
diff --git a/doap_apacheds.rdf b/doap_apacheds.rdf
new file mode 100644
index 0000000..f299d2b
--- /dev/null
+++ b/doap_apacheds.rdf
@@ -0,0 +1,75 @@
+<?xml version="1.0"?>
+<?xml-stylesheet type="text/xsl"?>
+<rdf:RDF xml:lang="en"
+ xmlns="http://usefulinc.com/ns/doap#"
+ xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+ xmlns:asfext="http://projects.apache.org/ns/asfext#"
+ xmlns:foaf="http://xmlns.com/foaf/0.1/">
+<!--
+ =======================================================================
+
+ Copyright (c) 2006 The Apache Software Foundation.
+ All rights reserved.
+
+ =======================================================================
+-->
+ <Project rdf:about="http://directory.apache.org">
+ <created>2007-04-17</created>
+ <license rdf:resource="http://usefulinc.com/doap/licenses/asl20" />
+ <name>Apache Directory Server</name>
+ <homepage rdf:resource="http://directory.apache.org" />
+ <asfext:pmc rdf:resource="http://directory.apache.org" />
+ <shortdesc>ApacheDS is an an embeddable directory server entirely written in Java.</shortdesc>
+ <description>ApacheDS is an an embeddable directory server entirely written in Java, which has been certified LDAPv3 compatible by the Open Group. Besides LDAP it supports Kerberos 5 and the Change Password Protocol.</description>
+ <bug-database rdf:resource="http://issues.apache.org/jira/browse/DIRSERVER" />
+ <mailing-list rdf:resource="http://directory.apache.org/community%26resources/mailing-lists-and-irc.html" />
+ <download-page rdf:resource="http://www.apache.org/dyn/closer.cgi/directory/apacheds/" />
+ <programming-language>Java</programming-language>
+ <category rdf:resource="http://projects.apache.org/category/network-server" />
+
+ <release>
+ <Version>
+ <name>Feature release</name>
+ <created>2007-04-12</created>
+ <revision>1.5.0</revision>
+ </Version>
+ </release>
+
+ <release>
+ <Version>
+ <name>Stable release</name>
+ <created>2007-02-24</created>
+ <revision>1.0.1</revision>
+ </Version>
+ </release>
+
+ <repository>
+ <SVNRepository>
+ <location rdf:resource="http://svn.apache.org/repos/asf/directory/apacheds/"/>
+ <browse rdf:resource="http://svn.apache.org/viewvc/directory/apacheds/"/>
+ </SVNRepository>
+ </repository>
+
+ <maintainer>
+ <foaf:Person>
+ <foaf:name>Stefan Zoerner</foaf:name>
+ <foaf:mbox rdf:resource="mailto:szoerner@apache.org"/>
+ </foaf:Person>
+ </maintainer>
+
+ <asfext:implements><asfext:Standard>
+ <asfext:title>Lightweight Directory Access Protocol (LDAP): The Protocol</asfext:title>
+ <asfext:body>IETF</asfext:body>
+ <asfext:id>RFC 4511</asfext:id>
+ <asfext:url rdf:resource="http://www.ietf.org/rfc/rfc4511.txt"/>
+ </asfext:Standard></asfext:implements>
+
+ <asfext:implements><asfext:Standard>
+ <asfext:title>The Kerberos Network Authentication Service (V5)</asfext:title>
+ <asfext:body>IETF</asfext:body>
+ <asfext:id>RFC 4120</asfext:id>
+ <asfext:url rdf:resource="http://www.ietf.org/rfc/rfc4120.txt"/>
+ </asfext:Standard></asfext:implements>
+
+ </Project>
+</rdf:RDF>
diff --git a/jdbm-store/pom.xml b/jdbm-store/pom.xml
index 6528755..0dd4001 100644
--- a/jdbm-store/pom.xml
+++ b/jdbm-store/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-jdbm-store</artifactId>
<name>ApacheDS JDBM Store</name>
diff --git a/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/AttributeSerializer.java b/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/AttributeSerializer.java
new file mode 100644
index 0000000..54ce92b
--- /dev/null
+++ b/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/AttributeSerializer.java
@@ -0,0 +1,32 @@
+
+package org.apache.directory.server.core.partition.impl.btree.jdbm;
+
+import java.io.IOException;
+
+import org.apache.directory.shared.ldap.util.AttributeSerializerUtils;
+
+import jdbm.helper.Serializer;
+
+public class AttributeSerializer implements Serializer
+{
+ private static final long serialVersionUID = 1L;
+
+
+ /* (non-Javadoc)
+ * @see jdbm.helper.Serializer#deserialize(byte[])
+ */
+ public Object deserialize( byte[] data ) throws IOException
+ {
+ return AttributeSerializerUtils.deserialize( data );
+ }
+
+
+ /* (non-Javadoc)
+ * @see jdbm.helper.Serializer#serialize(java.lang.Object)
+ */
+ public byte[] serialize( Object data ) throws IOException
+ {
+ return AttributeSerializerUtils.serialize( data );
+ }
+
+}
diff --git a/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/AttributesSerializer.java b/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/AttributesSerializer.java
new file mode 100644
index 0000000..0f9fac6
--- /dev/null
+++ b/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/AttributesSerializer.java
@@ -0,0 +1,32 @@
+
+package org.apache.directory.server.core.partition.impl.btree.jdbm;
+
+import java.io.IOException;
+
+import org.apache.directory.shared.ldap.util.AttributesSerializerUtils;
+
+import jdbm.helper.Serializer;
+
+public class AttributesSerializer implements Serializer
+{
+ private static final long serialVersionUID = 1L;
+
+
+ /* (non-Javadoc)
+ * @see jdbm.helper.Serializer#deserialize(byte[])
+ */
+ public Object deserialize( byte[] data ) throws IOException
+ {
+ return AttributesSerializerUtils.deserialize( data );
+ }
+
+
+ /* (non-Javadoc)
+ * @see jdbm.helper.Serializer#serialize(java.lang.Object)
+ */
+ public byte[] serialize( Object data ) throws IOException
+ {
+ return AttributesSerializerUtils.serialize( data );
+ }
+
+}
diff --git a/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmIndex.java b/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmIndex.java
index 75d4781..8a6f968 100644
--- a/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmIndex.java
+++ b/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmIndex.java
@@ -22,7 +22,6 @@
import java.io.File;
import java.io.IOException;
-import java.math.BigInteger;
import java.util.regex.Pattern;
import javax.naming.NamingEnumeration;
@@ -138,7 +137,14 @@
* primary keys. A value for an attribute can occur several times in
* different entries so the forward map can have more than one value.
*/
- forward = new JdbmTable( attribute.getName() + FORWARD_BTREE, true, numDupLimit, recMan, new IndexComparator( comp, true ) );
+ forward = new JdbmTable(
+ attribute.getName() + FORWARD_BTREE,
+ true,
+ numDupLimit,
+ recMan,
+ new IndexComparator( comp, true ),
+ null, null );
+ //LongSerializer.INSTANCE );
/*
* Now the reverse map stores the primary key into the master table as
@@ -146,8 +152,14 @@
* is single valued according to its specification based on a schema
* then duplicate keys should not be allowed within the reverse table.
*/
- reverse = new JdbmTable( attribute.getName() + REVERSE_BTREE, !attribute.isSingleValue(), numDupLimit, recMan,
- new IndexComparator( comp, false ) );
+ reverse = new JdbmTable(
+ attribute.getName() + REVERSE_BTREE,
+ !attribute.isSingleValue(),
+ numDupLimit,
+ recMan,
+ new IndexComparator( comp, false ),
+ null, //LongSerializer.INSTANCE,
+ null);
}
@@ -198,16 +210,16 @@
/**
* @see Index#forwardLookup(java.lang.Object)
*/
- public BigInteger forwardLookup( Object attrVal ) throws NamingException
+ public Long forwardLookup( Object attrVal ) throws NamingException
{
- return ( BigInteger ) forward.get( getNormalized( attrVal ) );
+ return ( Long ) forward.get( getNormalized( attrVal ) );
}
/**
* @see Index#reverseLookup(java.math.BigInteger)
*/
- public Object reverseLookup( BigInteger id ) throws NamingException
+ public Object reverseLookup( Object id ) throws NamingException
{
return reverse.get( id );
}
@@ -221,7 +233,7 @@
* @see org.apache.directory.server.core.partition.impl.btree.Index#add(java.lang.Object,
* java.math.BigInteger)
*/
- public synchronized void add( Object attrVal, BigInteger id ) throws NamingException
+ public synchronized void add( Object attrVal, Object id ) throws NamingException
{
forward.put( getNormalized( attrVal ), id );
reverse.put( id, getNormalized( attrVal ) );
@@ -232,7 +244,7 @@
* @see org.apache.directory.server.core.partition.impl.btree.Index#add(
* javax.naming.directory.Attribute, java.math.BigInteger)
*/
- public synchronized void add( Attribute attr, BigInteger id ) throws NamingException
+ public synchronized void add( Attribute attr, Object id ) throws NamingException
{
// Can efficiently batch add to the reverse table
NamingEnumeration values = attr.getAll();
@@ -251,7 +263,7 @@
* @see Index#add(
* javax.naming.directory.Attributes, java.math.BigInteger)
*/
- public synchronized void add( Attributes attrs, BigInteger id ) throws NamingException
+ public synchronized void add( Attributes attrs, Object id ) throws NamingException
{
add( AttributeUtils.getAttribute( attrs, attribute ), id );
}
@@ -261,7 +273,7 @@
* @see org.apache.directory.server.core.partition.impl.btree.Index#drop(java.lang.Object,
* java.math.BigInteger)
*/
- public synchronized void drop( Object attrVal, BigInteger id ) throws NamingException
+ public synchronized void drop( Object attrVal, Object id ) throws NamingException
{
forward.remove( getNormalized( attrVal ), id );
reverse.remove( id, getNormalized( attrVal ) );
@@ -271,7 +283,7 @@
/**
* @see Index#drop(java.math.BigInteger)
*/
- public void drop( BigInteger entryId ) throws NamingException
+ public void drop( Object entryId ) throws NamingException
{
NamingEnumeration values = reverse.listValues( entryId );
@@ -288,7 +300,7 @@
* @see Index#drop(
* javax.naming.directory.Attribute, java.math.BigInteger)
*/
- public void drop( Attribute attr, BigInteger id ) throws NamingException
+ public void drop( Attribute attr, Object id ) throws NamingException
{
// Can efficiently batch remove from the reverse table
NamingEnumeration values = attr.getAll();
@@ -315,7 +327,7 @@
* @see org.apache.directory.server.core.partition.impl.btree.Index#drop(
* javax.naming.directory.Attributes, java.math.BigInteger)
*/
- public void drop( Attributes attrs, BigInteger id ) throws NamingException
+ public void drop( Attributes attrs, Object id ) throws NamingException
{
drop( AttributeUtils.getAttribute( attrs, attribute ), id );
}
@@ -328,7 +340,7 @@
/**
* @see Index#listReverseIndices(BigInteger)
*/
- public IndexEnumeration listReverseIndices( BigInteger id ) throws NamingException
+ public IndexEnumeration listReverseIndices( Object id ) throws NamingException
{
return new IndexEnumeration( reverse.listTuples( id ), true );
}
@@ -389,7 +401,7 @@
* @see Index#hasValue(java.lang.Object,
* java.math.BigInteger)
*/
- public boolean hasValue( Object attrVal, BigInteger id ) throws NamingException
+ public boolean hasValue( Object attrVal, Object id ) throws NamingException
{
return forward.has( getNormalized( attrVal ), id );
}
@@ -399,7 +411,7 @@
* @see Index#hasValue(java.lang.Object,
* java.math.BigInteger, boolean)
*/
- public boolean hasValue( Object attrVal, BigInteger id, boolean isGreaterThan ) throws NamingException
+ public boolean hasValue( Object attrVal, Object id, boolean isGreaterThan ) throws NamingException
{
return forward.has( getNormalized( attrVal ), id, isGreaterThan );
}
@@ -409,7 +421,7 @@
* @see Index#hasValue(org.apache.regexp.RE,
* java.math.BigInteger)
*/
- public boolean hasValue( Pattern regex, BigInteger id ) throws NamingException
+ public boolean hasValue( Pattern regex, Object id ) throws NamingException
{
IndexEnumeration list = new IndexEnumeration( reverse.listTuples( id ), true, regex );
boolean hasValue = list.hasMore();
@@ -469,6 +481,11 @@
*/
public Object getNormalized( Object attrVal ) throws NamingException
{
+ if ( attrVal instanceof Long )
+ {
+ return attrVal;
+ }
+
Object normalized = keyCache.get( attrVal );
if ( null == normalized )
diff --git a/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmMasterTable.java b/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmMasterTable.java
index f5b4b73..eae9054 100644
--- a/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmMasterTable.java
+++ b/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmMasterTable.java
@@ -20,17 +20,15 @@
package org.apache.directory.server.core.partition.impl.btree.jdbm;
-import java.math.BigInteger;
-
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import jdbm.RecordManager;
+import jdbm.helper.LongSerializer;
import jdbm.helper.StringComparator;
import org.apache.directory.server.core.partition.impl.btree.MasterTable;
import org.apache.directory.server.schema.SerializableComparator;
-import org.apache.directory.shared.ldap.util.BigIntegerComparator;
/**
@@ -42,7 +40,7 @@
public class JdbmMasterTable extends JdbmTable implements MasterTable
{
private static final StringComparator STRCOMP = new StringComparator();
- private static final SerializableComparator BIG_INTEGER_COMPARATOR = new SerializableComparator(
+ private static final SerializableComparator LONG_COMPARATOR = new SerializableComparator(
"1.3.6.1.4.1.18060.0.4.1.1.2" )
{
private static final long serialVersionUID = 4048791282048841016L;
@@ -50,7 +48,23 @@
public int compare( Object o1, Object o2 )
{
- return BigIntegerComparator.INSTANCE.compare( o1, o2 );
+ try
+ {
+ long thisVal = (Long)o1;
+ long anotherVal = (Long)o2;
+ return ( thisVal < anotherVal ? -1 : ( thisVal == anotherVal ? 0 : 1 ) );
+ }
+ catch ( NullPointerException npe )
+ {
+ if ( o1 == null )
+ {
+ throw new IllegalArgumentException( "Argument 'obj1' is null" );
+ }
+ else
+ {
+ throw new IllegalArgumentException( "Argument 'obj2' is null" );
+ }
+ }
}
};
private static final SerializableComparator STRING_COMPARATOR = new SerializableComparator(
@@ -76,13 +90,13 @@
*/
public JdbmMasterTable(RecordManager recMan) throws NamingException
{
- super( DBF, recMan, BIG_INTEGER_COMPARATOR );
- adminTbl = new JdbmTable( "admin", recMan, STRING_COMPARATOR );
+ super( DBF, recMan, LONG_COMPARATOR, LongSerializer.INSTANCE, new AttributesSerializer() );
+ adminTbl = new JdbmTable( "admin", recMan, STRING_COMPARATOR, null, null );
String seqValue = ( String ) adminTbl.get( SEQPROP_KEY );
if ( null == seqValue )
{
- adminTbl.put( SEQPROP_KEY, BigInteger.ZERO.toString() );
+ adminTbl.put( SEQPROP_KEY, "0" );
}
}
@@ -94,7 +108,7 @@
* @return the Attributes of the entry with operational attributes and all.
* @throws NamingException if there is a read error on the underlying Db.
*/
- public Attributes get( BigInteger id ) throws NamingException
+ public Attributes get( Object id ) throws NamingException
{
return ( Attributes ) super.get( id );
}
@@ -110,7 +124,7 @@
* @return the Attributes of the entry put
* @throws NamingException if there is a write error on the underlying Db.
*/
- public Attributes put( Attributes entry, BigInteger id ) throws NamingException
+ public Attributes put( Attributes entry, Object id ) throws NamingException
{
return ( Attributes ) super.put( id, entry );
}
@@ -123,7 +137,7 @@
* @return the Attributes of the deleted entry
* @throws NamingException if there is a write error on the underlying Db
*/
- public Attributes delete( BigInteger id ) throws NamingException
+ public Attributes delete( Object id ) throws NamingException
{
return ( Attributes ) super.remove( id );
}
@@ -137,18 +151,18 @@
* @throws NamingException if the admin table storing sequences cannot be
* read.
*/
- public BigInteger getCurrentId() throws NamingException
+ public Long getCurrentId() throws NamingException
{
- BigInteger id = null;
+ Long id = null;
synchronized ( adminTbl )
{
- id = new BigInteger( ( String ) adminTbl.get( SEQPROP_KEY ) );
+ id = new Long( ( String ) adminTbl.get( SEQPROP_KEY ) );
if ( null == id )
{
- adminTbl.put( SEQPROP_KEY, BigInteger.ZERO.toString() );
- id = BigInteger.ZERO;
+ adminTbl.put( SEQPROP_KEY, "0" );
+ id = 0L;
}
}
@@ -166,23 +180,23 @@
* @throws NamingException if the admin table storing sequences cannot be
* read and writen to.
*/
- public BigInteger getNextId() throws NamingException
+ public Long getNextId() throws NamingException
{
- BigInteger lastVal = null;
- BigInteger nextVal = null;
+ Long lastVal = null;
+ Long nextVal = null;
synchronized ( adminTbl )
{
- lastVal = new BigInteger( ( String ) adminTbl.get( SEQPROP_KEY ) );
+ lastVal = new Long( ( String ) adminTbl.get( SEQPROP_KEY ) );
if ( null == lastVal )
{
- adminTbl.put( SEQPROP_KEY, BigInteger.ONE.toString() );
- return BigInteger.ONE;
+ adminTbl.put( SEQPROP_KEY, "1" );
+ return 1L;
}
else
{
- nextVal = lastVal.add( BigInteger.ONE );
+ nextVal = lastVal + 1L;
adminTbl.put( SEQPROP_KEY, nextVal.toString() );
}
}
diff --git a/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmStore.java b/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmStore.java
index 576331e..7a36aa2 100644
--- a/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmStore.java
+++ b/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmStore.java
@@ -21,7 +21,6 @@
import java.io.File;
import java.io.IOException;
-import java.math.BigInteger;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
@@ -51,6 +50,7 @@
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
import org.apache.directory.server.schema.registries.OidRegistry;
import org.apache.directory.server.schema.registries.Registries;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapNameNotFoundException;
import org.apache.directory.shared.ldap.exception.LdapSchemaViolationException;
import org.apache.directory.shared.ldap.message.AttributeImpl;
@@ -183,7 +183,7 @@
if ( nextObject instanceof String )
{
name = ( String ) nextObject;
- log.warn( "Using default cache size of {} for index on attribute {}",
+ log.debug( "Using default cache size of {} for index on attribute {}",
new Integer( cacheSize ), name );
}
// custom cache size is used
@@ -285,7 +285,7 @@
if ( ! customAddedSystemIndices.contains( systemIndexName ) )
{
AttributeType type = attributeTypeRegistry.lookup( systemIndexName );
- log.warn( "Using default cache size of {} for index on attribute {}",
+ log.debug( "Using default cache size of {} for index on attribute {}",
new Integer( IndexConfiguration.DEFAULT_INDEX_CACHE_SIZE ), systemIndexName );
if ( systemIndexName.equals( Oid.EXISTANCE ) )
{
@@ -359,7 +359,7 @@
oidRegistry = config.getOidRegistry();
attributeTypeRegistry = config.getAttributeTypeRegistry();
- OBJECT_CLASS_AT = attributeTypeRegistry.lookup( "objectClass" );
+ OBJECT_CLASS_AT = attributeTypeRegistry.lookup( SchemaConstants.OBJECT_CLASS_AT );
ALIAS_AT = attributeTypeRegistry.lookup( ALIAS_ATTRIBUTE );
this.upSuffix = new LdapDN( config.getSuffixDn() );
@@ -378,12 +378,12 @@
if ( cacheSize < 0 )
{
cacheSize = DEFAULT_CACHE_SIZE;
- log.warn( "Using the default entry cache size of {} for {} partition",
+ log.debug( "Using the default entry cache size of {} for {} partition",
new Integer( cacheSize ), config.getName() );
}
else
{
- log.info( "Using the custom configured cache size of {} for {} partition",
+ log.debug( "Using the custom configured cache size of {} for {} partition",
new Integer( cacheSize ), config.getName() );
}
recMan = new CacheRecordManager( base, new MRU( cacheSize ) );
@@ -783,32 +783,32 @@
}
- public BigInteger getEntryId( String dn ) throws NamingException
+ public Long getEntryId( String dn ) throws NamingException
{
- return ndnIdx.forwardLookup( dn );
+ return (Long)ndnIdx.forwardLookup( dn );
}
- public String getEntryDn( BigInteger id ) throws NamingException
+ public String getEntryDn( Long id ) throws NamingException
{
return ( String ) ndnIdx.reverseLookup( id );
}
- public BigInteger getParentId( String dn ) throws NamingException
+ public Long getParentId( String dn ) throws NamingException
{
- BigInteger childId = ndnIdx.forwardLookup( dn );
- return ( BigInteger ) hierarchyIdx.reverseLookup( childId );
+ Long childId = (Long)ndnIdx.forwardLookup( dn );
+ return ( Long ) hierarchyIdx.reverseLookup( childId );
}
- public BigInteger getParentId( BigInteger childId ) throws NamingException
+ public Long getParentId( Long childId ) throws NamingException
{
- return ( BigInteger ) hierarchyIdx.reverseLookup( childId );
+ return ( Long ) hierarchyIdx.reverseLookup( childId );
}
- public String getEntryUpdn( BigInteger id ) throws NamingException
+ public String getEntryUpdn( Long id ) throws NamingException
{
return ( String ) updnIdx.reverseLookup( id );
}
@@ -816,7 +816,7 @@
public String getEntryUpdn( String dn ) throws NamingException
{
- BigInteger id = ndnIdx.forwardLookup( dn );
+ Long id = (Long)ndnIdx.forwardLookup( dn );
return ( String ) updnIdx.reverseLookup( id );
}
@@ -835,13 +835,13 @@
* @param aliasId the id of the alias entry in the master table
* @throws NamingException if we cannot delete the indices
*/
- private void dropAliasIndices( BigInteger aliasId ) throws NamingException
+ private void dropAliasIndices( Long aliasId ) throws NamingException
{
String targetDn = ( String ) aliasIdx.reverseLookup( aliasId );
- BigInteger targetId = getEntryId( targetDn );
+ Long targetId = getEntryId( targetDn );
String aliasDn = getEntryDn( aliasId );
LdapDN ancestorDn = ( LdapDN ) new LdapDN( aliasDn ).getPrefix( 1 );
- BigInteger ancestorId = getEntryId( ancestorDn.toString() );
+ Long ancestorId = getEntryId( ancestorDn.toString() );
/*
* We cannot just drop all tuples in the one level and subtree indices
@@ -880,12 +880,12 @@
* @throws NamingException if index addition fails, of the alias is not
* allowed due to chaining or cycle formation.
*/
- private void addAliasIndices( BigInteger aliasId, LdapDN aliasDn, String aliasTarget ) throws NamingException
+ private void addAliasIndices( Long aliasId, LdapDN aliasDn, String aliasTarget ) throws NamingException
{
LdapDN normalizedAliasTargetDn = null; // Name value of aliasedObjectName
- BigInteger targetId = null; // Id of the aliasedObjectName
+ Long targetId = null; // Id of the aliasedObjectName
LdapDN ancestorDn = null; // Name of an alias entry relative
- BigInteger ancestorId = null; // Id of an alias entry relative
+ Long ancestorId = null; // Id of an alias entry relative
// Access aliasedObjectName, normalize it and generate the Name
normalizedAliasTargetDn = new LdapDN( aliasTarget );
@@ -930,7 +930,7 @@
}
// L O O K U P T A R G E T I D
- targetId = ndnIdx.forwardLookup( normalizedAliasTargetDn.toNormName() );
+ targetId = (Long)ndnIdx.forwardLookup( normalizedAliasTargetDn.toNormName() );
/*
* Check For Target Existance
@@ -1007,8 +1007,8 @@
public void add( LdapDN normName, Attributes entry ) throws NamingException
{
- BigInteger id;
- BigInteger parentId = null;
+ Long id;
+ Long parentId = null;
id = master.getNextId();
@@ -1021,7 +1021,7 @@
LdapDN parentDn = null;
if ( normName.equals( normSuffix ) )
{
- parentId = BigInteger.ZERO;
+ parentId = 0L;
}
else
{
@@ -1091,16 +1091,16 @@
}
- public Attributes lookup( BigInteger id ) throws NamingException
+ public Attributes lookup( Long id ) throws NamingException
{
return master.get( id );
}
- public void delete( BigInteger id ) throws NamingException
+ public void delete( Long id ) throws NamingException
{
Attributes entry = lookup( id );
- BigInteger parentId = getParentId( id );
+ Long parentId = getParentId( id );
NamingEnumeration attrs = entry.getIDs();
Attribute objectClass = AttributeUtils.getAttribute( entry, OBJECT_CLASS_AT );
@@ -1114,7 +1114,7 @@
hierarchyIdx.drop( id );
// Remove parent's reference to entry only if entry is not the upSuffix
- if ( !parentId.equals( BigInteger.ZERO ) )
+ if ( !parentId.equals( 0L ) )
{
hierarchyIdx.drop( parentId, id );
}
@@ -1150,13 +1150,13 @@
}
- public NamingEnumeration list( BigInteger id ) throws NamingException
+ public NamingEnumeration list( Long id ) throws NamingException
{
return hierarchyIdx.listIndices( id );
}
- public int getChildCount( BigInteger id ) throws NamingException
+ public int getChildCount( Long id ) throws NamingException
{
return hierarchyIdx.count( id );
}
@@ -1175,7 +1175,7 @@
public Attributes getSuffixEntry() throws NamingException
{
- BigInteger id = getEntryId( normSuffix.toNormName() );
+ Long id = getEntryId( normSuffix.toNormName() );
if ( null == id )
{
@@ -1198,7 +1198,7 @@
}
- public Attributes getIndices( BigInteger id ) throws NamingException
+ public Attributes getIndices( Long id ) throws NamingException
{
Attributes attributes = new AttributesImpl();
@@ -1276,7 +1276,7 @@
* @throws NamingException if index alteration or attribute addition
* fails.
*/
- private void add( BigInteger id, Attributes entry, Attribute mods ) throws NamingException
+ private void add( Long id, Attributes entry, Attribute mods ) throws NamingException
{
String modsOid = oidRegistry.getOid( mods.getID() );
@@ -1329,7 +1329,7 @@
* @throws NamingException if index alteration or attribute modification
* fails.
*/
- private void remove( BigInteger id, Attributes entry, Attribute mods ) throws NamingException
+ private void remove( Long id, Attributes entry, Attribute mods ) throws NamingException
{
String modsOid = oidRegistry.getOid( mods.getID() );
@@ -1395,7 +1395,7 @@
* @throws NamingException if index alteration or attribute modification
* fails.
*/
- private void replace( BigInteger id, Attributes entry, Attribute mods ) throws NamingException
+ private void replace( Long id, Attributes entry, Attribute mods ) throws NamingException
{
String modsOid = oidRegistry.getOid( mods.getID() );
@@ -1444,7 +1444,7 @@
public void modify( LdapDN dn, int modOp, Attributes mods ) throws NamingException
{
NamingEnumeration attrs = null;
- BigInteger id = getEntryId( dn.toString() );
+ Long id = getEntryId( dn.toString() );
Attributes entry = master.get( id );
switch ( modOp )
@@ -1497,7 +1497,7 @@
public void modify( LdapDN dn, ModificationItemImpl[] mods ) throws NamingException
{
- BigInteger id = getEntryId( dn.toString() );
+ Long id = getEntryId( dn.toString() );
Attributes entry = master.get( id );
for ( int ii = 0; ii < mods.length; ii++ )
@@ -1546,11 +1546,11 @@
* @throws NamingException if there are any errors propagating the name
* changes.
*/
- public void modifyRn( LdapDN dn, String newRdn, boolean deleteOldRdn ) throws NamingException
+ public void rename( LdapDN dn, String newRdn, boolean deleteOldRdn ) throws NamingException
{
String newRdnAttr = NamespaceTools.getRdnAttribute( newRdn );
String newRdnValue = NamespaceTools.getRdnValue( newRdn );
- BigInteger id = getEntryId( dn.toString() );
+ Long id = getEntryId( dn.toString() );
Attributes entry = lookup( id );
LdapDN updn = new LdapDN( getEntryUpdn( id ) );
@@ -1671,7 +1671,7 @@
* which affects alias indices.
* @throws NamingException if something goes wrong
*/
- private void modifyDn( BigInteger id, LdapDN updn, boolean isMove ) throws NamingException
+ private void modifyDn( Long id, LdapDN updn, boolean isMove ) throws NamingException
{
String aliasTarget = null;
@@ -1710,7 +1710,7 @@
{
// Get the child and its id
IndexRecord rec = ( IndexRecord ) children.next();
- BigInteger childId = rec.getEntryId();
+ Long childId = (Long)rec.getEntryId();
/*
* Calculate the Dn for the child's new name by copying the parents
@@ -1729,8 +1729,8 @@
public void move( LdapDN oldChildDn, LdapDN newParentDn, String newRdn, boolean deleteOldRdn ) throws NamingException
{
- BigInteger childId = getEntryId( oldChildDn.toString() );
- modifyRn( oldChildDn, newRdn, deleteOldRdn );
+ Long childId = getEntryId( oldChildDn.toString() );
+ rename( oldChildDn, newRdn, deleteOldRdn );
move( oldChildDn, childId, newParentDn );
if ( isSyncOnWrite )
@@ -1742,7 +1742,7 @@
public void move( LdapDN oldChildDn, LdapDN newParentDn ) throws NamingException
{
- BigInteger childId = getEntryId( oldChildDn.toString() );
+ Long childId = getEntryId( oldChildDn.toString() );
move( oldChildDn, childId, newParentDn );
if ( isSyncOnWrite )
@@ -1765,11 +1765,11 @@
* @param newParentDn the normalized dn of the new parent for the child
* @throws NamingException if something goes wrong
*/
- private void move( LdapDN oldChildDn, BigInteger childId, LdapDN newParentDn ) throws NamingException
+ private void move( LdapDN oldChildDn, Long childId, LdapDN newParentDn ) throws NamingException
{
// Get the child and the new parent to be entries and Ids
- BigInteger newParentId = getEntryId( newParentDn.toString() );
- BigInteger oldParentId = getParentId( childId );
+ Long newParentId = getEntryId( newParentDn.toString() );
+ Long oldParentId = getParentId( childId );
/*
* All aliases including and below oldChildDn, will be affected by
@@ -1818,7 +1818,7 @@
{
public boolean assertCandidate( IndexRecord rec ) throws NamingException
{
- String dn = getEntryDn( rec.getEntryId() );
+ String dn = getEntryDn( (Long)rec.getEntryId() );
if ( dn.endsWith( movedBase.toString() ) )
{
return true;
@@ -1828,7 +1828,7 @@
}
};
- BigInteger movedBaseId = getEntryId( movedBase.toString() );
+ Long movedBaseId = getEntryId( movedBase.toString() );
if ( aliasIdx.reverseLookup( movedBaseId ) != null )
{
dropAliasIndices( movedBaseId, movedBase );
@@ -1839,7 +1839,7 @@
while ( aliases.hasMore() )
{
IndexRecord entry = ( IndexRecord ) aliases.next();
- dropAliasIndices( entry.getEntryId(), movedBase );
+ dropAliasIndices( (Long)entry.getEntryId(), movedBase );
}
}
@@ -1852,10 +1852,10 @@
* @param movedBase the base where the move occured
* @throws NamingException if indices fail
*/
- private void dropAliasIndices( BigInteger aliasId, LdapDN movedBase ) throws NamingException
+ private void dropAliasIndices( Long aliasId, LdapDN movedBase ) throws NamingException
{
String targetDn = ( String ) aliasIdx.reverseLookup( aliasId );
- BigInteger targetId = getEntryId( targetDn );
+ Long targetId = getEntryId( targetDn );
String aliasDn = getEntryDn( aliasId );
/*
@@ -1863,7 +1863,7 @@
* moved base. This is the first ancestor effected by the move.
*/
LdapDN ancestorDn = ( LdapDN ) movedBase.getPrefix( 1 );
- BigInteger ancestorId = getEntryId( ancestorDn.toString() );
+ Long ancestorId = getEntryId( ancestorDn.toString() );
/*
* We cannot just drop all tuples in the one level and subtree indices
diff --git a/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTable.java b/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTable.java
index 48d002b..947889f 100644
--- a/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTable.java
+++ b/jdbm-store/src/main/java/org/apache/directory/server/core/partition/impl/btree/jdbm/JdbmTable.java
@@ -35,6 +35,7 @@
import jdbm.RecordManager;
import jdbm.btree.BTree;
+import jdbm.helper.Serializer;
import jdbm.helper.TupleBrowser;
import org.apache.commons.collections.iterators.ArrayIterator;
@@ -101,9 +102,14 @@
* @throws NamingException if the table's file cannot be created
*/
public JdbmTable( String name, boolean allowsDuplicates, int numDupLimit,
- RecordManager manager, TupleComparator comparator )
+ RecordManager manager, TupleComparator comparator, Serializer keySerializer,
+ Serializer valueSerializer )
throws NamingException
{
+ /*System.out.println( "Creating BTree for " + name + ", key serializer = " +
+ (keySerializer == null ? "null" : keySerializer.getClass().getName()) +
+ ", valueSerializer = " +
+ (valueSerializer == null ? "null" : valueSerializer.getClass().getName()) );*/
this.numDupLimit = numDupLimit;
this.name = name;
this.recMan = manager;
@@ -138,7 +144,7 @@
}
else
{
- bt = BTree.createInstance( recMan, comparator.getKeyComparator() );
+ bt = BTree.createInstance( recMan, comparator.getKeyComparator(), keySerializer, valueSerializer );
recId = bt.getRecid();
recMan.setNamedObject( name, recId );
recId = recMan.insert( new Integer( 0 ) );
@@ -163,9 +169,10 @@
* @param keyComparator a tuple comparator
* @throws NamingException if the table's file cannot be created
*/
- public JdbmTable( String name, RecordManager manager, SerializableComparator keyComparator ) throws NamingException
+ public JdbmTable( String name, RecordManager manager, SerializableComparator keyComparator, Serializer keySerializer, Serializer valueSerializer )
+ throws NamingException
{
- this( name, false, Integer.MAX_VALUE, manager, new KeyOnlyComparator( keyComparator ) );
+ this( name, false, Integer.MAX_VALUE, manager, new KeyOnlyComparator( keyComparator ), keySerializer, valueSerializer );
}
diff --git a/jdbm-store/src/main/resources/META-INF/LICENSE.txt b/jdbm-store/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..c13db16
--- /dev/null
+++ b/jdbm-store/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,301 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
+----
diff --git a/jdbm-store/src/main/resources/META-INF/NOTICE.txt b/jdbm-store/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..7b3e8a4
--- /dev/null
+++ b/jdbm-store/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,14 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
+This product includes a distribution of JDBM
+(http://jdbm.sourceforge.net).
+
diff --git a/kerberos-shared/pom.xml b/kerberos-shared/pom.xml
index c211cd9..6adb5b2 100644
--- a/kerberos-shared/pom.xml
+++ b/kerberos-shared/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-kerberos-shared</artifactId>
<name>ApacheDS Protocol Kerberos Shared</name>
@@ -14,10 +14,6 @@
<packaging>jar</packaging>
<dependencies>
<dependency>
- <groupId>bouncycastle</groupId>
- <artifactId>lcrypto-jdk14</artifactId>
- </dependency>
- <dependency>
<groupId>org.apache.mina</groupId>
<artifactId>mina-core</artifactId>
</dependency>
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumEngine.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumEngine.java
index fa85a37..c171bee 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumEngine.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumEngine.java
@@ -21,50 +21,38 @@
import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherType;
-import org.bouncycastle.crypto.Digest;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
/**
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public abstract class ChecksumEngine
+public interface ChecksumEngine
{
- public abstract Digest getDigest();
+ /**
+ * Returns the checksum type of this checksum engine.
+ *
+ * @return The checksum type.
+ */
+ public ChecksumType checksumType();
- public abstract ChecksumType checksumType();
+ /**
+ * Returns the key type of this checksum engine.
+ *
+ * @return The key type.
+ */
+ public CipherType keyType();
- public abstract CipherType keyType();
-
-
- public abstract int checksumSize();
-
-
- public abstract int keySize();
-
-
- public abstract int confounderSize();
-
-
- public abstract boolean isSafe();
-
-
- public abstract byte[] calculateKeyedChecksum( byte[] data, byte[] key );
-
-
- public abstract boolean verifyKeyedChecksum( byte[] data, byte[] key, byte[] checksum );
-
-
- public byte[] calculateChecksum( byte[] data )
- {
- Digest digester = getDigest();
-
- digester.reset();
- digester.update( data, 0, data.length );
- byte[] returnValue = new byte[digester.getDigestSize()];
- digester.doFinal( returnValue, 0 );
- return returnValue;
- }
+ /**
+ * Calculate a checksum given raw bytes and an (optional) key.
+ *
+ * @param data
+ * @param key
+ * @param usage
+ * @return The checksum value.
+ */
+ public byte[] calculateChecksum( byte[] data, byte[] key, KeyUsage usage );
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumHandler.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumHandler.java
new file mode 100644
index 0000000..a93567b
--- /dev/null
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumHandler.java
@@ -0,0 +1,115 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.crypto.checksum;
+
+
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.directory.server.kerberos.shared.crypto.encryption.Aes128CtsSha1Encryption;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.Aes256CtsSha1Encryption;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.Des3CbcSha1KdEncryption;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
+import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
+import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
+import org.apache.directory.server.kerberos.shared.messages.value.Checksum;
+
+
+/**
+ * A Hashed Adapter encapsulating checksum engines for performing integrity checks.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class ChecksumHandler
+{
+ /** A map of the default encodable class names to the encoder class names. */
+ private static final Map DEFAULT_CHECKSUMS;
+
+ static
+ {
+ Map<ChecksumType, Class> map = new HashMap<ChecksumType, Class>();
+
+ map.put( ChecksumType.HMAC_MD5, HmacMd5Checksum.class );
+ map.put( ChecksumType.HMAC_SHA1_96_AES128, Aes128CtsSha1Encryption.class );
+ map.put( ChecksumType.HMAC_SHA1_96_AES256, Aes256CtsSha1Encryption.class );
+ map.put( ChecksumType.HMAC_SHA1_DES3_KD, Des3CbcSha1KdEncryption.class );
+ map.put( ChecksumType.RSA_MD5, RsaMd5Checksum.class );
+
+ DEFAULT_CHECKSUMS = Collections.unmodifiableMap( map );
+ }
+
+
+ /**
+ * Verify a checksum by providing the raw bytes and an (optional) key for keyed checksums.
+ *
+ * @param checksum
+ * @param bytes
+ * @param key
+ * @param usage
+ * @throws KerberosException
+ */
+ public void verifyChecksum( Checksum checksum, byte[] bytes, byte[] key, KeyUsage usage ) throws KerberosException
+ {
+ if ( checksum == null )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_INAPP_CKSUM );
+ }
+
+ if ( !DEFAULT_CHECKSUMS.containsKey( checksum.getChecksumType() ) )
+ {
+ throw new KerberosException( ErrorType.KDC_ERR_SUMTYPE_NOSUPP );
+ }
+
+ ChecksumType checksumType = checksum.getChecksumType();
+ ChecksumEngine digester = getEngine( checksumType );
+ Checksum newChecksum = new Checksum( checksumType, digester.calculateChecksum( bytes, key, usage ) );
+
+ if ( !newChecksum.equals( checksum ) )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_MODIFIED );
+ }
+ }
+
+
+ private ChecksumEngine getEngine( ChecksumType checksumType ) throws KerberosException
+ {
+ Class clazz = ( Class ) DEFAULT_CHECKSUMS.get( checksumType );
+
+ if ( clazz == null )
+ {
+ throw new KerberosException( ErrorType.KDC_ERR_SUMTYPE_NOSUPP );
+ }
+
+ try
+ {
+ return ( ChecksumEngine ) clazz.newInstance();
+ }
+ catch ( IllegalAccessException iae )
+ {
+ throw new KerberosException( ErrorType.KDC_ERR_SUMTYPE_NOSUPP );
+ }
+ catch ( InstantiationException ie )
+ {
+ throw new KerberosException( ErrorType.KDC_ERR_SUMTYPE_NOSUPP );
+ }
+ }
+}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumType.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumType.java
index 14c0981..8806c0b 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumType.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/ChecksumType.java
@@ -26,56 +26,143 @@
/**
+ * A type-safe enumeration of Kerberos checksum types.
+ *
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
public final class ChecksumType implements Comparable
{
/**
- * Enumeration elements are constructed once upon class loading.
- * Order of appearance here determines the order of compareTo.
+ * The "unknown" checksum type.
*/
public static final ChecksumType UNKNOWN = new ChecksumType( -1, "UNKNOWN" );
+
+ /**
+ * The "null" checksum type.
+ */
public static final ChecksumType NULL = new ChecksumType( 0, "NULL" );
+
+ /**
+ * The CRC32 checksum type.
+ */
public static final ChecksumType CRC32 = new ChecksumType( 1, "CRC32" );
+
+ /**
+ * The rsa-md4 checksum type.
+ */
public static final ChecksumType RSA_MD4 = new ChecksumType( 2, "rsa-md4" );
+
+ /**
+ * The rsa-md4-des checksum type.
+ */
public static final ChecksumType RSA_MD4_DES = new ChecksumType( 3, "rsa-md4-des" );
+
+ /**
+ * The des-mac checksum type.
+ */
public static final ChecksumType DES_MAC = new ChecksumType( 4, "des-mac" );
+
+ /**
+ * The des-mac-k checksum type.
+ */
public static final ChecksumType DES_MAC_K = new ChecksumType( 5, "des-mac-k" );
+
+ /**
+ * The rsa-md4-des-k checksum type.
+ */
public static final ChecksumType RSA_MD4_DES_K = new ChecksumType( 6, "rsa-md4-des-k" );
+
+ /**
+ * The rsa-md5 checksum type.
+ */
public static final ChecksumType RSA_MD5 = new ChecksumType( 7, "rsa-md5" );
+
+ /**
+ * The rsa-md5-des checksum type.
+ */
public static final ChecksumType RSA_MD5_DES = new ChecksumType( 8, "rsa-md5-des" );
+
+ /**
+ * The rsa-md5-des3 checksum type.
+ */
public static final ChecksumType RSA_MD5_DES3 = new ChecksumType( 9, "rsa-md5-des3" );
+
+ /**
+ * The sha1 (unkeyed) checksum type.
+ */
public static final ChecksumType SHA1 = new ChecksumType( 10, "sha1 (unkeyed)" );
+
+ /**
+ * The hmac-sha1-des3-kd checksum type.
+ */
public static final ChecksumType HMAC_SHA1_DES3_KD = new ChecksumType( 12, "hmac-sha1-des3-kd" );
+
+ /**
+ * The hmac-sha1-des3 checksum type.
+ */
public static final ChecksumType HMAC_SHA1_DES3 = new ChecksumType( 13, "hmac-sha1-des3" );
+
+ /**
+ * The sha1 (unkeyed) checksum type.
+ */
public static final ChecksumType SHA1_2 = new ChecksumType( 14, "sha1 (unkeyed)" );
+
+ /**
+ * The hmac-sha1-96-aes128 checksum type.
+ */
public static final ChecksumType HMAC_SHA1_96_AES128 = new ChecksumType( 15, "hmac-sha1-96-aes128" );
+
+ /**
+ * The hmac-sha1-96-aes256 checksum type.
+ */
public static final ChecksumType HMAC_SHA1_96_AES256 = new ChecksumType( 16, "hmac-sha1-96-aes256" );
/**
- * These two lines are all that's necessary to export a List of VALUES.
+ * The hmac-md5 checksum type.
+ */
+ public static final ChecksumType HMAC_MD5 = new ChecksumType( -138, "hmac-md5" );
+
+ /**
+ * Array for building a List of VALUES.
*/
private static final ChecksumType[] values =
{ UNKNOWN, NULL, CRC32, RSA_MD4, RSA_MD4_DES, DES_MAC, DES_MAC_K, RSA_MD4_DES_K, RSA_MD5, RSA_MD5_DES,
- RSA_MD5_DES3, SHA1, HMAC_SHA1_DES3_KD, HMAC_SHA1_DES3, SHA1_2, HMAC_SHA1_96_AES128, HMAC_SHA1_96_AES256 };
- // VALUES needs to be located here, otherwise illegal forward reference
+ RSA_MD5_DES3, SHA1, HMAC_SHA1_DES3_KD, HMAC_SHA1_DES3, SHA1_2, HMAC_SHA1_96_AES128, HMAC_SHA1_96_AES256,
+ HMAC_MD5 };
+
+ /**
+ * A List of all the checksum type constants.
+ */
public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
+ /**
+ * The name of the checksum type.
+ */
private final String name;
+
+ /**
+ * The value/code for the checksum type.
+ */
private final int ordinal;
/**
* Private constructor prevents construction outside of this class.
*/
- private ChecksumType(int ordinal, String name)
+ private ChecksumType( int ordinal, String name )
{
this.ordinal = ordinal;
this.name = name;
}
+ /**
+ * Returns the checksum type when specified by its ordinal.
+ *
+ * @param type
+ * @return The checksum type.
+ */
public static ChecksumType getTypeByOrdinal( int type )
{
for ( int ii = 0; ii < values.length; ii++ )
@@ -90,6 +177,11 @@
}
+ /**
+ * Returns the number associated with this checksum type.
+ *
+ * @return The checksum type ordinal.
+ */
public int getOrdinal()
{
return ordinal;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Crc32Checksum.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Crc32Checksum.java
index 53a0ada..541944c 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Crc32Checksum.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Crc32Checksum.java
@@ -17,27 +17,22 @@
* under the License.
*
*/
+
package org.apache.directory.server.kerberos.shared.crypto.checksum;
import java.util.zip.CRC32;
import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherType;
-import org.bouncycastle.crypto.Digest;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
/**
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class Crc32Checksum extends ChecksumEngine
+public class Crc32Checksum implements ChecksumEngine
{
- public Digest getDigest()
- {
- return new CRC32Digest();
- }
-
-
public ChecksumType checksumType()
{
return ChecksumType.CRC32;
@@ -50,95 +45,25 @@
}
- public int checksumSize()
+ public byte[] calculateChecksum( byte[] data, byte[] key, KeyUsage usage )
{
- return 4;
+ CRC32 crc32 = new CRC32();
+ crc32.update( data );
+
+ return int2octet( ( int ) crc32.getValue() );
}
- public int keySize()
+ private byte[] int2octet( int value )
{
- return 0;
- }
+ byte[] bytes = new byte[4];
+ int i, shift;
-
- public int confounderSize()
- {
- return 0;
- }
-
-
- public boolean isSafe()
- {
- return false;
- }
-
-
- public byte[] calculateKeyedChecksum( byte[] data, byte[] key )
- {
- return null;
- }
-
-
- public boolean verifyKeyedChecksum( byte[] data, byte[] key, byte[] checksum )
- {
- return false;
- }
-
- private class CRC32Digest implements Digest
- {
- private CRC32 crc32 = new CRC32();
-
-
- public String getAlgorithmName()
+ for ( i = 0, shift = 24; i < 4; i++, shift -= 8 )
{
- return "CRC-32";
+ bytes[i] = ( byte ) ( 0xFF & ( value >> shift ) );
}
-
- public int getDigestSize()
- {
- return 4;
- }
-
-
- public void reset()
- {
- crc32.reset();
- }
-
-
- public void update( byte in )
- {
- crc32.update( in );
- }
-
-
- public void update( byte[] in, int inOff, int len )
- {
- crc32.update( in, inOff, len );
- }
-
-
- public int doFinal( byte[] out, int outOff )
- {
- out = int2octet( ( int ) crc32.getValue() );
-
- return 0;
- }
-
-
- private byte[] int2octet( int value )
- {
- byte[] bytes = new byte[4];
- int i, shift;
-
- for ( i = 0, shift = 24; i < 4; i++, shift -= 8 )
- {
- bytes[i] = ( byte ) ( 0xFF & ( value >> shift ) );
- }
-
- return bytes;
- }
+ return bytes;
}
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Sha1Checksum.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacMd5Checksum.java
similarity index 61%
rename from kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Sha1Checksum.java
rename to kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacMd5Checksum.java
index 9654050..3e8f179 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Sha1Checksum.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacMd5Checksum.java
@@ -20,67 +20,49 @@
package org.apache.directory.server.kerberos.shared.crypto.checksum;
+import java.security.GeneralSecurityException;
+
+import javax.crypto.Mac;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+
import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherType;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
/**
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class Sha1Checksum extends ChecksumEngine
+class HmacMd5Checksum implements ChecksumEngine
{
- public Digest getDigest()
- {
- return new SHA1Digest();
- }
-
-
public ChecksumType checksumType()
{
- return ChecksumType.SHA1;
+ return ChecksumType.HMAC_MD5;
}
public CipherType keyType()
{
- return CipherType.NULL;
+ return CipherType.ARCFOUR;
}
- public int checksumSize()
+ public byte[] calculateChecksum( byte[] data, byte[] key, KeyUsage usage )
{
- return 20;
- }
+ try
+ {
+ SecretKey sk = new SecretKeySpec( key, "ARCFOUR" );
+ Mac mac = Mac.getInstance( "HmacMD5" );
+ mac.init( sk );
- public int keySize()
- {
- return 0;
- }
-
-
- public int confounderSize()
- {
- return 0;
- }
-
-
- public boolean isSafe()
- {
- return false;
- }
-
-
- public byte[] calculateKeyedChecksum( byte[] data, byte[] key )
- {
- return null;
- }
-
-
- public boolean verifyKeyedChecksum( byte[] data, byte[] key, byte[] checksum )
- {
- return false;
+ return mac.doFinal( data );
+ }
+ catch ( GeneralSecurityException nsae )
+ {
+ nsae.printStackTrace();
+ return null;
+ }
}
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Sha1Checksum.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha196Aes128Checksum.java
similarity index 61%
copy from kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Sha1Checksum.java
copy to kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha196Aes128Checksum.java
index 9654050..4083cff 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Sha1Checksum.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha196Aes128Checksum.java
@@ -20,67 +20,49 @@
package org.apache.directory.server.kerberos.shared.crypto.checksum;
+import java.security.GeneralSecurityException;
+
+import javax.crypto.Mac;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+
import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherType;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
/**
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class Sha1Checksum extends ChecksumEngine
+class HmacSha196Aes128Checksum implements ChecksumEngine
{
- public Digest getDigest()
- {
- return new SHA1Digest();
- }
-
-
public ChecksumType checksumType()
{
- return ChecksumType.SHA1;
+ return ChecksumType.HMAC_SHA1_96_AES128;
}
public CipherType keyType()
{
- return CipherType.NULL;
+ return CipherType.AES;
}
- public int checksumSize()
+ public byte[] calculateChecksum( byte[] data, byte[] key, KeyUsage usage )
{
- return 20;
- }
+ try
+ {
+ SecretKey sk = new SecretKeySpec( key, "AES" );
+ Mac mac = Mac.getInstance( "HmacSHA1" );
+ mac.init( sk );
- public int keySize()
- {
- return 0;
- }
-
-
- public int confounderSize()
- {
- return 0;
- }
-
-
- public boolean isSafe()
- {
- return false;
- }
-
-
- public byte[] calculateKeyedChecksum( byte[] data, byte[] key )
- {
- return null;
- }
-
-
- public boolean verifyKeyedChecksum( byte[] data, byte[] key, byte[] checksum )
- {
- return false;
+ return mac.doFinal( data );
+ }
+ catch ( GeneralSecurityException nsae )
+ {
+ nsae.printStackTrace();
+ return null;
+ }
}
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Sha1Checksum.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha196Aes256Checksum.java
similarity index 61%
copy from kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Sha1Checksum.java
copy to kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha196Aes256Checksum.java
index 9654050..d2c6e12 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Sha1Checksum.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha196Aes256Checksum.java
@@ -20,67 +20,49 @@
package org.apache.directory.server.kerberos.shared.crypto.checksum;
+import java.security.GeneralSecurityException;
+
+import javax.crypto.Mac;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+
import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherType;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
/**
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class Sha1Checksum extends ChecksumEngine
+class HmacSha196Aes256Checksum implements ChecksumEngine
{
- public Digest getDigest()
- {
- return new SHA1Digest();
- }
-
-
public ChecksumType checksumType()
{
- return ChecksumType.SHA1;
+ return ChecksumType.HMAC_SHA1_96_AES256;
}
public CipherType keyType()
{
- return CipherType.NULL;
+ return CipherType.AES;
}
- public int checksumSize()
+ public byte[] calculateChecksum( byte[] data, byte[] key, KeyUsage usage )
{
- return 20;
- }
+ try
+ {
+ SecretKey sk = new SecretKeySpec( key, "AES" );
+ Mac mac = Mac.getInstance( "HmacSHA1" );
+ mac.init( sk );
- public int keySize()
- {
- return 0;
- }
-
-
- public int confounderSize()
- {
- return 0;
- }
-
-
- public boolean isSafe()
- {
- return false;
- }
-
-
- public byte[] calculateKeyedChecksum( byte[] data, byte[] key )
- {
- return null;
- }
-
-
- public boolean verifyKeyedChecksum( byte[] data, byte[] key, byte[] checksum )
- {
- return false;
+ return mac.doFinal( data );
+ }
+ catch ( GeneralSecurityException nsae )
+ {
+ nsae.printStackTrace();
+ return null;
+ }
}
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Sha1Checksum.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha1Des3KdChecksum.java
similarity index 61%
copy from kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Sha1Checksum.java
copy to kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha1Des3KdChecksum.java
index 9654050..d05d7af 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/Sha1Checksum.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/HmacSha1Des3KdChecksum.java
@@ -20,67 +20,49 @@
package org.apache.directory.server.kerberos.shared.crypto.checksum;
+import java.security.GeneralSecurityException;
+
+import javax.crypto.Mac;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+
import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherType;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
/**
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class Sha1Checksum extends ChecksumEngine
+class HmacSha1Des3KdChecksum implements ChecksumEngine
{
- public Digest getDigest()
- {
- return new SHA1Digest();
- }
-
-
public ChecksumType checksumType()
{
- return ChecksumType.SHA1;
+ return ChecksumType.HMAC_SHA1_DES3_KD;
}
public CipherType keyType()
{
- return CipherType.NULL;
+ return CipherType.DES3;
}
- public int checksumSize()
+ public byte[] calculateChecksum( byte[] data, byte[] key, KeyUsage usage )
{
- return 20;
- }
+ try
+ {
+ SecretKey sk = new SecretKeySpec( key, "DESede" );
+ Mac mac = Mac.getInstance( "HmacSHA1" );
+ mac.init( sk );
- public int keySize()
- {
- return 0;
- }
-
-
- public int confounderSize()
- {
- return 0;
- }
-
-
- public boolean isSafe()
- {
- return false;
- }
-
-
- public byte[] calculateKeyedChecksum( byte[] data, byte[] key )
- {
- return null;
- }
-
-
- public boolean verifyKeyedChecksum( byte[] data, byte[] key, byte[] checksum )
- {
- return false;
+ return mac.doFinal( data );
+ }
+ catch ( GeneralSecurityException nsae )
+ {
+ nsae.printStackTrace();
+ return null;
+ }
}
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/RsaMd4Checksum.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/RsaMd4Checksum.java
deleted file mode 100644
index 555c557..0000000
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/RsaMd4Checksum.java
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.directory.server.kerberos.shared.crypto.checksum;
-
-
-import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherType;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.MD4Digest;
-
-
-/**
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- * @version $Rev$, $Date$
- */
-public class RsaMd4Checksum extends ChecksumEngine
-{
- public Digest getDigest()
- {
- return new MD4Digest();
- }
-
-
- public ChecksumType checksumType()
- {
- return ChecksumType.RSA_MD4;
- }
-
-
- public CipherType keyType()
- {
- return CipherType.NULL;
- }
-
-
- public int checksumSize()
- {
- return 16;
- }
-
-
- public int keySize()
- {
- return 0;
- }
-
-
- public int confounderSize()
- {
- return 0;
- }
-
-
- public boolean isSafe()
- {
- return false;
- }
-
-
- public byte[] calculateKeyedChecksum( byte[] data, byte[] key )
- {
- return null;
- }
-
-
- public boolean verifyKeyedChecksum( byte[] data, byte[] key, byte[] checksum )
- {
- return false;
- }
-}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/RsaMd5Checksum.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/RsaMd5Checksum.java
index d8e17c8..97a6592 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/RsaMd5Checksum.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/checksum/RsaMd5Checksum.java
@@ -20,23 +20,19 @@
package org.apache.directory.server.kerberos.shared.crypto.checksum;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherType;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.MD5Digest;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
/**
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class RsaMd5Checksum extends ChecksumEngine
+class RsaMd5Checksum implements ChecksumEngine
{
- public Digest getDigest()
- {
- return new MD5Digest();
- }
-
-
public ChecksumType checksumType()
{
return ChecksumType.RSA_MD5;
@@ -49,38 +45,16 @@
}
- public int checksumSize()
+ public byte[] calculateChecksum( byte[] data, byte[] key, KeyUsage usage )
{
- return 16;
- }
-
-
- public int keySize()
- {
- return 0;
- }
-
-
- public int confounderSize()
- {
- return 0;
- }
-
-
- public boolean isSafe()
- {
- return false;
- }
-
-
- public byte[] calculateKeyedChecksum( byte[] data, byte[] key )
- {
- return null;
- }
-
-
- public boolean verifyKeyedChecksum( byte[] data, byte[] key, byte[] checksum )
- {
- return false;
+ try
+ {
+ MessageDigest digester = MessageDigest.getInstance( "MD5" );
+ return digester.digest( data );
+ }
+ catch ( NoSuchAlgorithmException nsae )
+ {
+ return null;
+ }
}
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcEncryption.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Aes128CtsSha1Encryption.java
similarity index 73%
copy from kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcEncryption.java
copy to kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Aes128CtsSha1Encryption.java
index 2523fda..e6ddbeb 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcEncryption.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Aes128CtsSha1Encryption.java
@@ -20,36 +20,29 @@
package org.apache.directory.server.kerberos.shared.crypto.encryption;
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.engines.DESEngine;
+import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
/**
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public abstract class DesCbcEncryption extends EncryptionEngine
+public class Aes128CtsSha1Encryption extends AesCtsSha1Encryption
{
- public BlockCipher getBlockCipher()
+ public EncryptionType getEncryptionType()
{
- return new DESEngine();
+ return EncryptionType.AES128_CTS_HMAC_SHA1_96;
}
- public CipherType keyType()
+ public ChecksumType checksumType()
{
- return CipherType.DES;
+ return ChecksumType.HMAC_SHA1_96_AES128;
}
- public int blockSize()
+ public int getKeyLength()
{
- return 8;
- }
-
-
- public int keySize()
- {
- return 8;
+ return 128;
}
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcEncryption.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Aes256CtsSha1Encryption.java
similarity index 73%
rename from kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcEncryption.java
rename to kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Aes256CtsSha1Encryption.java
index 2523fda..b54db50 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcEncryption.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Aes256CtsSha1Encryption.java
@@ -20,36 +20,29 @@
package org.apache.directory.server.kerberos.shared.crypto.encryption;
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.engines.DESEngine;
+import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
/**
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public abstract class DesCbcEncryption extends EncryptionEngine
+public class Aes256CtsSha1Encryption extends AesCtsSha1Encryption
{
- public BlockCipher getBlockCipher()
+ public EncryptionType getEncryptionType()
{
- return new DESEngine();
+ return EncryptionType.AES256_CTS_HMAC_SHA1_96;
}
- public CipherType keyType()
+ public ChecksumType checksumType()
{
- return CipherType.DES;
+ return ChecksumType.HMAC_SHA1_96_AES256;
}
- public int blockSize()
+ public int getKeyLength()
{
- return 8;
- }
-
-
- public int keySize()
- {
- return 8;
+ return 256;
}
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/AesCtsSha1Encryption.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/AesCtsSha1Encryption.java
new file mode 100644
index 0000000..302c212
--- /dev/null
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/AesCtsSha1Encryption.java
@@ -0,0 +1,204 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.crypto.encryption;
+
+
+import java.security.GeneralSecurityException;
+import java.security.spec.AlgorithmParameterSpec;
+import java.util.Arrays;
+
+import javax.crypto.Cipher;
+import javax.crypto.Mac;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumEngine;
+import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
+import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+
+
+/**
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+abstract class AesCtsSha1Encryption extends EncryptionEngine implements ChecksumEngine
+{
+ private static final byte[] iv = new byte[]
+ { ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00,
+ ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00,
+ ( byte ) 0x00, ( byte ) 0x00 };
+
+
+ public int getConfounderLength()
+ {
+ return 16;
+ }
+
+
+ public int getChecksumLength()
+ {
+ return 12;
+ }
+
+
+ public CipherType keyType()
+ {
+ return CipherType.AES;
+ }
+
+
+ protected abstract int getKeyLength();
+
+
+ public byte[] calculateChecksum( byte[] data, byte[] key, KeyUsage usage )
+ {
+ byte[] Kc = deriveKey( key, getUsageKc( usage ), 128, getKeyLength() );
+ byte[] checksum = processChecksum( data, Kc );
+
+ return removeTrailingBytes( checksum, 0, checksum.length - getChecksumLength() );
+ }
+
+
+ public byte[] calculateIntegrity( byte[] data, byte[] key, KeyUsage usage )
+ {
+ byte[] Ki = deriveKey( key, getUsageKi( usage ), 128, getKeyLength() );
+ byte[] checksum = processChecksum( data, Ki );
+
+ return removeTrailingBytes( checksum, 0, checksum.length - getChecksumLength() );
+ }
+
+
+ public byte[] getDecryptedData( EncryptionKey key, EncryptedData data, KeyUsage usage ) throws KerberosException
+ {
+ byte[] Ke = deriveKey( key.getKeyValue(), getUsageKe( usage ), 128, getKeyLength() );
+
+ byte[] encryptedData = data.getCipherText();
+
+ // extract the old checksum
+ byte[] oldChecksum = new byte[getChecksumLength()];
+ System
+ .arraycopy( encryptedData, encryptedData.length - getChecksumLength(), oldChecksum, 0, oldChecksum.length );
+
+ // remove trailing checksum
+ encryptedData = removeTrailingBytes( encryptedData, 0, getChecksumLength() );
+
+ // decrypt the data
+ byte[] decryptedData = decrypt( encryptedData, Ke );
+
+ // remove leading confounder
+ byte[] withoutConfounder = removeLeadingBytes( decryptedData, getConfounderLength(), 0 );
+
+ // calculate a new checksum
+ byte[] newChecksum = calculateIntegrity( decryptedData, key.getKeyValue(), usage );
+
+ // compare checksums
+ if ( !Arrays.equals( oldChecksum, newChecksum ) )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
+ }
+
+ return withoutConfounder;
+ }
+
+
+ public EncryptedData getEncryptedData( EncryptionKey key, byte[] plainText, KeyUsage usage )
+ {
+ byte[] Ke = deriveKey( key.getKeyValue(), getUsageKe( usage ), 128, getKeyLength() );
+
+ // build the ciphertext structure
+ byte[] conFounder = getRandomBytes( getConfounderLength() );
+ byte[] dataBytes = concatenateBytes( conFounder, plainText );
+
+ byte[] checksumBytes = calculateIntegrity( dataBytes, key.getKeyValue(), usage );
+
+ byte[] encryptedData = encrypt( dataBytes, Ke );
+ byte[] cipherText = concatenateBytes( encryptedData, checksumBytes );
+
+ return new EncryptedData( getEncryptionType(), key.getKeyVersion(), cipherText );
+ }
+
+
+ public byte[] encrypt( byte[] plainText, byte[] keyBytes )
+ {
+ return processCipher( true, plainText, keyBytes );
+ }
+
+
+ public byte[] decrypt( byte[] cipherText, byte[] keyBytes )
+ {
+ return processCipher( false, cipherText, keyBytes );
+ }
+
+
+ protected byte[] deriveKey( byte[] baseKey, byte[] usage, int n, int k )
+ {
+ return deriveRandom( baseKey, usage, n, k );
+ }
+
+
+ private byte[] processChecksum( byte[] data, byte[] key )
+ {
+ try
+ {
+ SecretKey sk = new SecretKeySpec( key, "AES" );
+
+ Mac mac = Mac.getInstance( "HmacSHA1" );
+ mac.init( sk );
+
+ return mac.doFinal( data );
+ }
+ catch ( GeneralSecurityException nsae )
+ {
+ nsae.printStackTrace();
+ return null;
+ }
+ }
+
+
+ private byte[] processCipher( boolean isEncrypt, byte[] data, byte[] keyBytes )
+ {
+ try
+ {
+ Cipher cipher = Cipher.getInstance( "AES/CTS/NoPadding" );
+ SecretKey key = new SecretKeySpec( keyBytes, "AES" );
+
+ AlgorithmParameterSpec paramSpec = new IvParameterSpec( iv );
+
+ if ( isEncrypt )
+ {
+ cipher.init( Cipher.ENCRYPT_MODE, key, paramSpec );
+ }
+ else
+ {
+ cipher.init( Cipher.DECRYPT_MODE, key, paramSpec );
+ }
+
+ return cipher.doFinal( data );
+ }
+ catch ( GeneralSecurityException nsae )
+ {
+ nsae.printStackTrace();
+ return null;
+ }
+ }
+}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/ArcFourHmacMd5Encryption.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/ArcFourHmacMd5Encryption.java
new file mode 100644
index 0000000..1b7271a
--- /dev/null
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/ArcFourHmacMd5Encryption.java
@@ -0,0 +1,103 @@
+package org.apache.directory.server.kerberos.shared.crypto.encryption;
+
+
+import java.security.GeneralSecurityException;
+import java.security.NoSuchAlgorithmException;
+
+import javax.crypto.Cipher;
+import javax.crypto.Mac;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+
+import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+
+
+/**
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+class ArcFourHmacMd5Encryption extends EncryptionEngine
+{
+ public EncryptionType getEncryptionType()
+ {
+ return EncryptionType.RC4_HMAC;
+ }
+
+
+ public int getChecksumLength()
+ {
+ return 16;
+ }
+
+
+ public int getConfounderLength()
+ {
+ return 8;
+ }
+
+
+ public byte[] getDecryptedData( EncryptionKey key, EncryptedData data, KeyUsage usage ) throws KerberosException
+ {
+ return data.getCipherText();
+ }
+
+
+ public EncryptedData getEncryptedData( EncryptionKey key, byte[] plainText, KeyUsage usage )
+ {
+ return new EncryptedData( getEncryptionType(), key.getKeyVersion(), plainText );
+ }
+
+
+ public byte[] encrypt( byte[] plainText, byte[] keyBytes )
+ {
+ return processCipher( true, plainText, keyBytes );
+ }
+
+
+ public byte[] decrypt( byte[] cipherText, byte[] keyBytes )
+ {
+ return processCipher( false, cipherText, keyBytes );
+ }
+
+
+ public byte[] calculateIntegrity( byte[] data, byte[] key, KeyUsage usage )
+ {
+ try
+ {
+ Mac digester = Mac.getInstance( "HmacMD5" );
+ return digester.doFinal( data );
+ }
+ catch ( NoSuchAlgorithmException nsae )
+ {
+ return null;
+ }
+ }
+
+
+ private byte[] processCipher( boolean isEncrypt, byte[] data, byte[] keyBytes )
+ {
+ try
+ {
+ Cipher cipher = Cipher.getInstance( "ARCFOUR" );
+ SecretKey key = new SecretKeySpec( keyBytes, "ARCFOUR" );
+
+ if ( isEncrypt )
+ {
+ cipher.init( Cipher.ENCRYPT_MODE, key );
+ }
+ else
+ {
+ cipher.init( Cipher.DECRYPT_MODE, key );
+ }
+
+ return cipher.doFinal( data );
+ }
+ catch ( GeneralSecurityException nsae )
+ {
+ nsae.printStackTrace();
+ return null;
+ }
+ }
+}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/LockBox.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandler.java
similarity index 80%
rename from kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/LockBox.java
rename to kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandler.java
index 903ef9b..4878997 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/LockBox.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandler.java
@@ -18,7 +18,7 @@
*
*/
-package org.apache.directory.server.kerberos.shared.service;
+package org.apache.directory.server.kerberos.shared.crypto.encryption;
import java.io.IOException;
@@ -26,13 +26,6 @@
import java.util.HashMap;
import java.util.Map;
-import org.apache.directory.server.kerberos.shared.crypto.encryption.Des3CbcMd5Encryption;
-import org.apache.directory.server.kerberos.shared.crypto.encryption.Des3CbcSha1Encryption;
-import org.apache.directory.server.kerberos.shared.crypto.encryption.DesCbcCrcEncryption;
-import org.apache.directory.server.kerberos.shared.crypto.encryption.DesCbcMd4Encryption;
-import org.apache.directory.server.kerberos.shared.crypto.encryption.DesCbcMd5Encryption;
-import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionEngine;
-import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
import org.apache.directory.server.kerberos.shared.io.decoder.AuthenticatorDecoder;
@@ -49,6 +42,7 @@
import org.apache.directory.server.kerberos.shared.io.encoder.EncTicketPartEncoder;
import org.apache.directory.server.kerberos.shared.io.encoder.Encoder;
import org.apache.directory.server.kerberos.shared.io.encoder.EncoderFactory;
+import org.apache.directory.server.kerberos.shared.io.encoder.EncryptedTimestampEncoder;
import org.apache.directory.server.kerberos.shared.messages.AuthenticationReply;
import org.apache.directory.server.kerberos.shared.messages.Encodable;
import org.apache.directory.server.kerberos.shared.messages.TicketGrantReply;
@@ -70,7 +64,7 @@
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class LockBox
+public class CipherTextHandler
{
/** a map of the default encodable class names to the encoder class names */
private static final Map DEFAULT_ENCODERS;
@@ -81,8 +75,9 @@
static
{
- Map map = new HashMap();
+ Map<Class, Class> map = new HashMap<Class, Class>();
+ map.put( EncryptedTimeStamp.class, EncryptedTimestampEncoder.class );
map.put( EncTicketPart.class, EncTicketPartEncoder.class );
map.put( AuthenticationReply.class, EncAsRepPartEncoder.class );
map.put( TicketGrantReply.class, EncTgsRepPartEncoder.class );
@@ -94,7 +89,7 @@
static
{
- Map map = new HashMap();
+ Map<Class, Class> map = new HashMap<Class, Class>();
map.put( EncTicketPart.class, EncTicketPartDecoder.class );
map.put( Authenticator.class, AuthenticatorDecoder.class );
@@ -107,26 +102,36 @@
static
{
- Map map = new HashMap();
+ Map<EncryptionType, Class> map = new HashMap<EncryptionType, Class>();
- map.put( EncryptionType.DES_CBC_CRC, DesCbcCrcEncryption.class );
- map.put( EncryptionType.DES_CBC_MD4, DesCbcMd4Encryption.class );
map.put( EncryptionType.DES_CBC_MD5, DesCbcMd5Encryption.class );
- map.put( EncryptionType.DES3_CBC_MD5, Des3CbcMd5Encryption.class );
- map.put( EncryptionType.DES3_CBC_SHA1, Des3CbcSha1Encryption.class );
+ map.put( EncryptionType.DES3_CBC_SHA1_KD, Des3CbcSha1KdEncryption.class );
+ map.put( EncryptionType.AES128_CTS_HMAC_SHA1_96, Aes128CtsSha1Encryption.class );
+ map.put( EncryptionType.AES256_CTS_HMAC_SHA1_96, Aes256CtsSha1Encryption.class );
+ map.put( EncryptionType.RC4_HMAC, ArcFourHmacMd5Encryption.class );
DEFAULT_CIPHERS = Collections.unmodifiableMap( map );
}
- public EncryptedData seal( EncryptionKey key, Encodable encodable ) throws KerberosException
+ /**
+ * Performs an encode and an encrypt.
+ *
+ * @param key The key to use for encrypting.
+ * @param encodable The Kerberos object to encode.
+ * @param usage The key usage.
+ * @return The Kerberos EncryptedData.
+ * @throws KerberosException
+ */
+ public EncryptedData seal( EncryptionKey key, Encodable encodable, KeyUsage usage ) throws KerberosException
{
try
{
- return encrypt( key, encode( encodable ) );
+ return encrypt( key, encode( encodable ), usage );
}
catch ( IOException ioe )
{
+ ioe.printStackTrace();
throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
}
catch ( ClassCastException cce )
@@ -136,14 +141,26 @@
}
- public Encodable unseal( Class hint, EncryptionKey key, EncryptedData data ) throws KerberosException
+ /**
+ * Perform a decrypt and a decode.
+ *
+ * @param hint The class the encrypted data is expected to contain.
+ * @param key The key to use for decryption.
+ * @param data The data to decrypt.
+ * @param usage The key usage.
+ * @return The Kerberos object resulting from a successful decrypt and decode.
+ * @throws KerberosException
+ */
+ public Encodable unseal( Class hint, EncryptionKey key, EncryptedData data, KeyUsage usage )
+ throws KerberosException
{
try
{
- return decode( hint, decrypt( key, data ) );
+ return decode( hint, decrypt( key, data, usage ) );
}
catch ( IOException ioe )
{
+ ioe.printStackTrace();
throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
}
catch ( ClassCastException cce )
@@ -153,19 +170,19 @@
}
- private EncryptedData encrypt( EncryptionKey key, byte[] plainText ) throws KerberosException
+ private EncryptedData encrypt( EncryptionKey key, byte[] plainText, KeyUsage usage ) throws KerberosException
{
EncryptionEngine engine = getEngine( key );
- return engine.getEncryptedData( key, plainText );
+ return engine.getEncryptedData( key, plainText, usage );
}
- private byte[] decrypt( EncryptionKey key, EncryptedData data ) throws KerberosException
+ private byte[] decrypt( EncryptionKey key, EncryptedData data, KeyUsage usage ) throws KerberosException
{
EncryptionEngine engine = getEngine( key );
- return engine.getDecryptedData( key, data );
+ return engine.getDecryptedData( key, data, usage );
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherType.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherType.java
index 11d0782..abd8df6 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherType.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherType.java
@@ -26,26 +26,47 @@
/**
+ * A type-safe enumeration of Kerberos cipher types.
+ *
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
public final class CipherType implements Comparable
{
/**
- * Enumeration elements are constructed once upon class loading.
- * Order of appearance here determines the order of compareTo.
+ * The null cipher type.
*/
public static final CipherType NULL = new CipherType( "NULL" );
- public static final CipherType DES = new CipherType( "DES" );
- public static final CipherType DES3 = new CipherType( "DES3" );
- public static final CipherType AES128 = new CipherType( "AES128" );
/**
- * These two lines are all that's necessary to export a List of VALUES.
+ * The DES cipher type.
+ */
+ public static final CipherType DES = new CipherType( "DES" );
+
+ /**
+ * The Triple-DES cipher type.
+ */
+ public static final CipherType DES3 = new CipherType( "DESede" );
+
+ /**
+ * The AES (both 128 and 256) cipher type.
+ */
+ public static final CipherType AES = new CipherType( "AES" );
+
+ /**
+ * The ARCFOUR cipher type.
+ */
+ public static final CipherType ARCFOUR = new CipherType( "ARCFOUR" );
+
+ /**
+ * Array for building a List of VALUES.
*/
private static final CipherType[] values =
- { NULL, DES, DES3, AES128 };
- // VALUES needs to be located here, otherwise illegal forward reference
+ { NULL, DES, DES3, AES, ARCFOUR };
+
+ /**
+ * A List of all the cipher type constants.
+ */
public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
private final String name;
@@ -56,12 +77,18 @@
/**
* Private constructor prevents construction outside of this class.
*/
- private CipherType(String name)
+ private CipherType( String name )
{
this.name = name;
}
+ /**
+ * Returns the cipher type when specified by its ordinal.
+ *
+ * @param type
+ * @return The cipher type.
+ */
public CipherType getTypeByOrdinal( int type )
{
for ( int ii = 0; ii < values.length; ii++ )
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Des3CbcEncryption.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Des3CbcEncryption.java
deleted file mode 100644
index bf4c065..0000000
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Des3CbcEncryption.java
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.directory.server.kerberos.shared.crypto.encryption;
-
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-
-
-/**
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- * @version $Rev$, $Date$
- */
-public abstract class Des3CbcEncryption extends EncryptionEngine
-{
- public BlockCipher getBlockCipher()
- {
- return new DESedeEngine();
- }
-
-
- public CipherType keyType()
- {
- return CipherType.DES3;
- }
-
-
- public int blockSize()
- {
- return 8;
- }
-
-
- public int keySize()
- {
- return 24;
- }
-}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Des3CbcMd5Encryption.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Des3CbcMd5Encryption.java
deleted file mode 100644
index 2c78ce5..0000000
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Des3CbcMd5Encryption.java
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.directory.server.kerberos.shared.crypto.encryption;
-
-
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumEngine;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.RsaMd5Checksum;
-
-
-/**
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- * @version $Rev$, $Date$
- */
-public class Des3CbcMd5Encryption extends Des3CbcEncryption
-{
- public ChecksumEngine getChecksumEngine()
- {
- return new RsaMd5Checksum();
- }
-
-
- public EncryptionType encryptionType()
- {
- return EncryptionType.DES3_CBC_MD5;
- }
-
-
- public ChecksumType checksumType()
- {
- return ChecksumType.RSA_MD5;
- }
-
-
- public int confounderSize()
- {
- return 8;
- }
-
-
- public int checksumSize()
- {
- return 16;
- }
-
-
- public int minimumPadSize()
- {
- return 0;
- }
-}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Des3CbcSha1Encryption.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Des3CbcSha1Encryption.java
deleted file mode 100644
index 4417558..0000000
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Des3CbcSha1Encryption.java
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.directory.server.kerberos.shared.crypto.encryption;
-
-
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumEngine;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.Sha1Checksum;
-
-
-/**
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- * @version $Rev$, $Date$
- */
-public class Des3CbcSha1Encryption extends Des3CbcEncryption
-{
- public ChecksumEngine getChecksumEngine()
- {
- return new Sha1Checksum();
- }
-
-
- public EncryptionType encryptionType()
- {
- return EncryptionType.DES3_CBC_SHA1;
- }
-
-
- public ChecksumType checksumType()
- {
- return ChecksumType.SHA1;
- }
-
-
- public int confounderSize()
- {
- return 8;
- }
-
-
- public int checksumSize()
- {
- return 20;
- }
-
-
- public int minimumPadSize()
- {
- return 0;
- }
-}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Des3CbcSha1KdEncryption.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Des3CbcSha1KdEncryption.java
new file mode 100644
index 0000000..7142f16
--- /dev/null
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Des3CbcSha1KdEncryption.java
@@ -0,0 +1,313 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.crypto.encryption;
+
+
+import java.security.GeneralSecurityException;
+import java.security.spec.AlgorithmParameterSpec;
+import java.util.Arrays;
+
+import javax.crypto.Cipher;
+import javax.crypto.Mac;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumEngine;
+import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
+import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
+import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+
+
+/**
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class Des3CbcSha1KdEncryption extends EncryptionEngine implements ChecksumEngine
+{
+ private static final byte[] iv = new byte[]
+ { ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00,
+ ( byte ) 0x00 };
+
+
+ public EncryptionType getEncryptionType()
+ {
+ return EncryptionType.DES3_CBC_SHA1_KD;
+ }
+
+
+ public int getConfounderLength()
+ {
+ return 8;
+ }
+
+
+ public int getChecksumLength()
+ {
+ return 20;
+ }
+
+
+ public ChecksumType checksumType()
+ {
+ return ChecksumType.HMAC_SHA1_DES3_KD;
+ }
+
+
+ public CipherType keyType()
+ {
+ return CipherType.DES3;
+ }
+
+
+ public byte[] calculateChecksum( byte[] data, byte[] key, KeyUsage usage )
+ {
+ byte[] Kc = deriveKey( key, getUsageKc( usage ), 64, 168 );
+
+ return processChecksum( data, Kc );
+ }
+
+
+ public byte[] calculateIntegrity( byte[] data, byte[] key, KeyUsage usage )
+ {
+ byte[] Ki = deriveKey( key, getUsageKi( usage ), 64, 168 );
+
+ return processChecksum( data, Ki );
+ }
+
+
+ public byte[] getDecryptedData( EncryptionKey key, EncryptedData data, KeyUsage usage ) throws KerberosException
+ {
+ byte[] Ke = deriveKey( key.getKeyValue(), getUsageKe( usage ), 64, 168 );
+
+ byte[] encryptedData = data.getCipherText();
+
+ // extract the old checksum
+ byte[] oldChecksum = new byte[getChecksumLength()];
+ System
+ .arraycopy( encryptedData, encryptedData.length - getChecksumLength(), oldChecksum, 0, oldChecksum.length );
+
+ // remove trailing checksum
+ encryptedData = removeTrailingBytes( encryptedData, 0, getChecksumLength() );
+
+ // decrypt the data
+ byte[] decryptedData = decrypt( encryptedData, Ke );
+
+ // remove leading confounder
+ byte[] withoutConfounder = removeLeadingBytes( decryptedData, getConfounderLength(), 0 );
+
+ // calculate a new checksum
+ byte[] newChecksum = calculateIntegrity( decryptedData, key.getKeyValue(), usage );
+
+ // compare checksums
+ if ( !Arrays.equals( oldChecksum, newChecksum ) )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
+ }
+
+ return withoutConfounder;
+ }
+
+
+ public EncryptedData getEncryptedData( EncryptionKey key, byte[] plainText, KeyUsage usage )
+ {
+ byte[] Ke = deriveKey( key.getKeyValue(), getUsageKe( usage ), 64, 168 );
+
+ // build the ciphertext structure
+ byte[] conFounder = getRandomBytes( getConfounderLength() );
+ byte[] paddedPlainText = padString( plainText );
+ byte[] dataBytes = concatenateBytes( conFounder, paddedPlainText );
+ byte[] checksumBytes = calculateIntegrity( dataBytes, key.getKeyValue(), usage );
+
+ //byte[] encryptedData = encrypt( paddedDataBytes, key.getKeyValue() );
+ byte[] encryptedData = encrypt( dataBytes, Ke );
+
+ byte[] cipherText = concatenateBytes( encryptedData, checksumBytes );
+
+ return new EncryptedData( getEncryptionType(), key.getKeyVersion(), cipherText );
+ }
+
+
+ public byte[] encrypt( byte[] plainText, byte[] keyBytes )
+ {
+ return processCipher( true, plainText, keyBytes );
+ }
+
+
+ public byte[] decrypt( byte[] cipherText, byte[] keyBytes )
+ {
+ return processCipher( false, cipherText, keyBytes );
+ }
+
+
+ /**
+ * Derived Key = DK(Base Key, Well-Known Constant)
+ * DK(Key, Constant) = random-to-key(DR(Key, Constant))
+ * DR(Key, Constant) = k-truncate(E(Key, Constant, initial-cipher-state))
+ */
+ protected byte[] deriveKey( byte[] baseKey, byte[] usage, int n, int k )
+ {
+ byte[] result = deriveRandom( baseKey, usage, n, k );
+ result = randomToKey( result );
+
+ return result;
+ }
+
+
+ protected byte[] randomToKey( byte[] seed )
+ {
+ int kBytes = 24;
+ byte[] result = new byte[kBytes];
+
+ byte[] fillingKey = new byte[0];
+
+ int pos = 0;
+
+ for ( int i = 0; i < kBytes; i++ )
+ {
+ if ( pos < fillingKey.length )
+ {
+ result[i] = fillingKey[pos];
+ pos++;
+ }
+ else
+ {
+ fillingKey = getBitGroup( seed, i / 8 );
+ fillingKey = setParity( fillingKey );
+ pos = 0;
+ result[i] = fillingKey[pos];
+ pos++;
+ }
+ }
+
+ return result;
+ }
+
+
+ protected byte[] getBitGroup( byte[] seed, int group )
+ {
+ int srcPos = group * 7;
+
+ byte[] result = new byte[7];
+
+ System.arraycopy( seed, srcPos, result, 0, 7 );
+
+ return result;
+ }
+
+
+ protected byte[] setParity( byte[] in )
+ {
+ byte[] expandedIn = new byte[8];
+
+ System.arraycopy( in, 0, expandedIn, 0, in.length );
+
+ setBit( expandedIn, 62, getBit( in, 7 ) );
+ setBit( expandedIn, 61, getBit( in, 15 ) );
+ setBit( expandedIn, 60, getBit( in, 23 ) );
+ setBit( expandedIn, 59, getBit( in, 31 ) );
+ setBit( expandedIn, 58, getBit( in, 39 ) );
+ setBit( expandedIn, 57, getBit( in, 47 ) );
+ setBit( expandedIn, 56, getBit( in, 55 ) );
+
+ byte[] out = new byte[8];
+
+ int bitCount = 0;
+ int index = 0;
+
+ for ( int i = 0; i < 64; i++ )
+ {
+ if ( ( i + 1 ) % 8 == 0 )
+ {
+ if ( bitCount % 2 == 0 )
+ {
+ setBit( out, i, 1 );
+ }
+
+ index++;
+ bitCount = 0;
+ }
+ else
+ {
+ int val = getBit( expandedIn, index );
+ boolean bit = val > 0;
+
+ if ( bit )
+ {
+ setBit( out, i, val );
+ bitCount++;
+ }
+
+ index++;
+ }
+ }
+
+ return out;
+ }
+
+
+ private byte[] processCipher( boolean isEncrypt, byte[] data, byte[] keyBytes )
+ {
+ try
+ {
+ Cipher cipher = Cipher.getInstance( "DESede/CBC/NoPadding" );
+ SecretKey key = new SecretKeySpec( keyBytes, "DESede" );
+
+ AlgorithmParameterSpec paramSpec = new IvParameterSpec( iv );
+
+ if ( isEncrypt )
+ {
+ cipher.init( Cipher.ENCRYPT_MODE, key, paramSpec );
+ }
+ else
+ {
+ cipher.init( Cipher.DECRYPT_MODE, key, paramSpec );
+ }
+
+ return cipher.doFinal( data );
+ }
+ catch ( GeneralSecurityException nsae )
+ {
+ nsae.printStackTrace();
+ return null;
+ }
+ }
+
+
+ private byte[] processChecksum( byte[] data, byte[] key )
+ {
+ try
+ {
+ SecretKey sk = new SecretKeySpec( key, "DESede" );
+
+ Mac mac = Mac.getInstance( "HmacSHA1" );
+ mac.init( sk );
+
+ return mac.doFinal( data );
+ }
+ catch ( GeneralSecurityException nsae )
+ {
+ nsae.printStackTrace();
+ return null;
+ }
+ }
+}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java
index 66ac364..d2a1967 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcCrcEncryption.java
@@ -17,58 +17,165 @@
* under the License.
*
*/
+
package org.apache.directory.server.kerberos.shared.crypto.encryption;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumEngine;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.Crc32Checksum;
+import java.security.GeneralSecurityException;
+import java.security.spec.AlgorithmParameterSpec;
+import java.util.Arrays;
+import java.util.zip.CRC32;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
+import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
/**
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class DesCbcCrcEncryption extends DesCbcEncryption
+public class DesCbcCrcEncryption extends EncryptionEngine
{
- public ChecksumEngine getChecksumEngine()
- {
- return new Crc32Checksum();
- }
+ private static final byte[] iv = new byte[]
+ { ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00,
+ ( byte ) 0x00 };
- public EncryptionType encryptionType()
+ public EncryptionType getEncryptionType()
{
return EncryptionType.DES_CBC_CRC;
}
- public ChecksumType checksumType()
- {
- return ChecksumType.CRC32;
- }
-
-
- public CipherType cipherType()
- {
- return CipherType.DES;
- }
-
-
- public int confounderSize()
+ public int getConfounderLength()
{
return 8;
}
- public int checksumSize()
+ public int getChecksumLength()
{
return 4;
}
- public int minimumPadSize()
+ public byte[] calculateIntegrity( byte[] data, byte[] key, KeyUsage usage )
{
- return 4;
+ CRC32 crc32 = new CRC32();
+ crc32.update( data );
+
+ return int2octet( ( int ) crc32.getValue() );
+ }
+
+
+ private byte[] int2octet( int value )
+ {
+ byte[] bytes = new byte[4];
+ int i, shift;
+
+ for ( i = 0, shift = 24; i < 4; i++, shift -= 8 )
+ {
+ bytes[i] = ( byte ) ( 0xFF & ( value >> shift ) );
+ }
+
+ return bytes;
+ }
+
+
+ public byte[] getDecryptedData( EncryptionKey key, EncryptedData data, KeyUsage usage ) throws KerberosException
+ {
+ // decrypt the data
+ byte[] decryptedData = decrypt( data.getCipherText(), key.getKeyValue() );
+
+ // extract the old checksum
+ byte[] oldChecksum = new byte[getChecksumLength()];
+ System.arraycopy( decryptedData, getConfounderLength(), oldChecksum, 0, oldChecksum.length );
+
+ // zero out the old checksum in the cipher text
+ for ( int i = getConfounderLength(); i < getConfounderLength() + getChecksumLength(); i++ )
+ {
+ decryptedData[i] = 0;
+ }
+
+ // calculate a new checksum
+ byte[] newChecksum = calculateIntegrity( decryptedData, key.getKeyValue(), usage );
+
+ // compare checksums
+ if ( !Arrays.equals( oldChecksum, newChecksum ) )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
+ }
+
+ // remove leading confounder and checksum
+ return removeLeadingBytes( decryptedData, getConfounderLength(), getChecksumLength() );
+ }
+
+
+ public EncryptedData getEncryptedData( EncryptionKey key, byte[] plainText, KeyUsage usage )
+ {
+ // build the ciphertext structure
+ byte[] conFounder = getRandomBytes( getConfounderLength() );
+ byte[] zeroedChecksum = new byte[getChecksumLength()];
+ byte[] paddedPlainText = padString( plainText );
+ byte[] dataBytes = concatenateBytes( conFounder, concatenateBytes( zeroedChecksum, paddedPlainText ) );
+ byte[] checksumBytes = calculateIntegrity( dataBytes, null, usage );
+ byte[] paddedDataBytes = padString( dataBytes );
+
+ // lay the checksum into the ciphertext
+ for ( int i = getConfounderLength(); i < getConfounderLength() + getChecksumLength(); i++ )
+ {
+ paddedDataBytes[i] = checksumBytes[i - getConfounderLength()];
+ }
+
+ byte[] encryptedData = encrypt( paddedDataBytes, key.getKeyValue() );
+
+ return new EncryptedData( getEncryptionType(), key.getKeyVersion(), encryptedData );
+ }
+
+
+ public byte[] encrypt( byte[] plainText, byte[] keyBytes )
+ {
+ return processCipher( true, plainText, keyBytes );
+ }
+
+
+ public byte[] decrypt( byte[] cipherText, byte[] keyBytes )
+ {
+ return processCipher( false, cipherText, keyBytes );
+ }
+
+
+ private byte[] processCipher( boolean isEncrypt, byte[] data, byte[] keyBytes )
+ {
+ try
+ {
+ Cipher cipher = Cipher.getInstance( "DES/CBC/NoPadding" );
+ SecretKey key = new SecretKeySpec( keyBytes, "DES" );
+
+ AlgorithmParameterSpec paramSpec = new IvParameterSpec( iv );
+
+ if ( isEncrypt )
+ {
+ cipher.init( Cipher.ENCRYPT_MODE, key, paramSpec );
+ }
+ else
+ {
+ cipher.init( Cipher.DECRYPT_MODE, key, paramSpec );
+ }
+
+ return cipher.doFinal( data );
+ }
+ catch ( GeneralSecurityException nsae )
+ {
+ nsae.printStackTrace();
+ return null;
+ }
}
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd4Encryption.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd4Encryption.java
deleted file mode 100644
index e2f5fca..0000000
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd4Encryption.java
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.directory.server.kerberos.shared.crypto.encryption;
-
-
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumEngine;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.RsaMd4Checksum;
-
-
-/**
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- * @version $Rev$, $Date$
- */
-public class DesCbcMd4Encryption extends DesCbcEncryption
-{
- public ChecksumEngine getChecksumEngine()
- {
- return new RsaMd4Checksum();
- }
-
-
- public EncryptionType encryptionType()
- {
- return EncryptionType.DES_CBC_MD4;
- }
-
-
- public ChecksumType checksumType()
- {
- return ChecksumType.RSA_MD4;
- }
-
-
- public int confounderSize()
- {
- return 8;
- }
-
-
- public int checksumSize()
- {
- return 16;
- }
-
-
- public int minimumPadSize()
- {
- return 0;
- }
-}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java
index 0fa8d96..c856e9f 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesCbcMd5Encryption.java
@@ -20,49 +20,153 @@
package org.apache.directory.server.kerberos.shared.crypto.encryption;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumEngine;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.RsaMd5Checksum;
+import java.security.GeneralSecurityException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.spec.AlgorithmParameterSpec;
+import java.util.Arrays;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
+import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
/**
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class DesCbcMd5Encryption extends DesCbcEncryption
+class DesCbcMd5Encryption extends EncryptionEngine
{
- public ChecksumEngine getChecksumEngine()
- {
- return new RsaMd5Checksum();
- }
+ private static final byte[] iv = new byte[]
+ { ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00,
+ ( byte ) 0x00 };
- public EncryptionType encryptionType()
+ public EncryptionType getEncryptionType()
{
return EncryptionType.DES_CBC_MD5;
}
- public ChecksumType checksumType()
- {
- return ChecksumType.RSA_MD5;
- }
-
-
- public int confounderSize()
+ public int getConfounderLength()
{
return 8;
}
- public int checksumSize()
+ public int getChecksumLength()
{
return 16;
}
- public int minimumPadSize()
+ public byte[] calculateIntegrity( byte[] data, byte[] key, KeyUsage usage )
{
- return 0;
+ try
+ {
+ MessageDigest digester = MessageDigest.getInstance( "MD5" );
+ return digester.digest( data );
+ }
+ catch ( NoSuchAlgorithmException nsae )
+ {
+ return null;
+ }
+ }
+
+
+ public byte[] getDecryptedData( EncryptionKey key, EncryptedData data, KeyUsage usage ) throws KerberosException
+ {
+ // decrypt the data
+ byte[] decryptedData = decrypt( data.getCipherText(), key.getKeyValue() );
+
+ // extract the old checksum
+ byte[] oldChecksum = new byte[getChecksumLength()];
+ System.arraycopy( decryptedData, getConfounderLength(), oldChecksum, 0, oldChecksum.length );
+
+ // zero out the old checksum in the cipher text
+ for ( int i = getConfounderLength(); i < getConfounderLength() + getChecksumLength(); i++ )
+ {
+ decryptedData[i] = 0;
+ }
+
+ // calculate a new checksum
+ byte[] newChecksum = calculateIntegrity( decryptedData, key.getKeyValue(), usage );
+
+ // compare checksums
+ if ( !Arrays.equals( oldChecksum, newChecksum ) )
+ {
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
+ }
+
+ // remove leading confounder and checksum
+ return removeLeadingBytes( decryptedData, getConfounderLength(), getChecksumLength() );
+ }
+
+
+ public EncryptedData getEncryptedData( EncryptionKey key, byte[] plainText, KeyUsage usage )
+ {
+ // build the ciphertext structure
+ byte[] conFounder = getRandomBytes( getConfounderLength() );
+ byte[] zeroedChecksum = new byte[getChecksumLength()];
+ byte[] paddedPlainText = padString( plainText );
+ byte[] dataBytes = concatenateBytes( conFounder, concatenateBytes( zeroedChecksum, paddedPlainText ) );
+ byte[] checksumBytes = calculateIntegrity( dataBytes, null, usage );
+ byte[] paddedDataBytes = padString( dataBytes );
+
+ // lay the checksum into the ciphertext
+ for ( int i = getConfounderLength(); i < getConfounderLength() + getChecksumLength(); i++ )
+ {
+ paddedDataBytes[i] = checksumBytes[i - getConfounderLength()];
+ }
+
+ byte[] encryptedData = encrypt( paddedDataBytes, key.getKeyValue() );
+
+ return new EncryptedData( getEncryptionType(), key.getKeyVersion(), encryptedData );
+ }
+
+
+ public byte[] encrypt( byte[] plainText, byte[] keyBytes )
+ {
+ return processCipher( true, plainText, keyBytes );
+ }
+
+
+ public byte[] decrypt( byte[] cipherText, byte[] keyBytes )
+ {
+ return processCipher( false, cipherText, keyBytes );
+ }
+
+
+ private byte[] processCipher( boolean isEncrypt, byte[] data, byte[] keyBytes )
+ {
+ try
+ {
+ Cipher cipher = Cipher.getInstance( "DES/CBC/NoPadding" );
+ SecretKey key = new SecretKeySpec( keyBytes, "DES" );
+
+ AlgorithmParameterSpec paramSpec = new IvParameterSpec( iv );
+
+ if ( isEncrypt )
+ {
+ cipher.init( Cipher.ENCRYPT_MODE, key, paramSpec );
+ }
+ else
+ {
+ cipher.init( Cipher.DECRYPT_MODE, key, paramSpec );
+ }
+
+ return cipher.doFinal( data );
+ }
+ catch ( GeneralSecurityException nsae )
+ {
+ nsae.printStackTrace();
+ return null;
+ }
}
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesStringToKey.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesStringToKey.java
new file mode 100644
index 0000000..e2fd28e
--- /dev/null
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesStringToKey.java
@@ -0,0 +1,371 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.crypto.encryption;
+
+
+import java.io.UnsupportedEncodingException;
+import java.security.GeneralSecurityException;
+import java.security.InvalidKeyException;
+import java.security.spec.AlgorithmParameterSpec;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.DESKeySpec;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+
+/**
+ * An implementation of the DES string-to-key function as originally described
+ * in RFC 1510, "The Kerberos Network Authentication Service (V5)," and clarified
+ * in RFC 3961, "Encryption and Checksum Specifications for Kerberos 5."
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: 502338 $, $Date: 2007-02-01 11:59:43 -0800 (Thu, 01 Feb 2007) $
+ */
+public class DesStringToKey
+{
+ /**
+ * Returns a DES symmetric key for the given passphrase.
+ *
+ * @param passPhrase The passphrase to derive a symmetric DES key from.
+ * @return The derived symmetric DES key.
+ */
+ public byte[] getKey( String passPhrase )
+ {
+ return generateKey( passPhrase );
+ }
+
+
+ /**
+ * Returns a DES symmetric key for the given input String components,
+ * which will be concatenated in the order described in RFC's 1510 and 3961,
+ * namely password+realm+username.
+ *
+ * @param password The password.
+ * @param realmName The name of the realm.
+ * @param userName The username.
+ * @return The derived symmetric DES key.
+ */
+ public byte[] getKey( String password, String realmName, String userName )
+ {
+ return generateKey( password + realmName + userName );
+ }
+
+
+ /**
+ * Returns a DES symmetric key for the given input String.
+ *
+ * @param passPhrase The passphrase.
+ * @return The DES key.
+ * @throws Exception
+ */
+ protected byte[] generateKey( String passPhrase )
+ {
+ byte encodedByteArray[] = characterEncodeString( passPhrase );
+
+ byte paddedByteArray[] = padString( encodedByteArray );
+
+ byte[] secretKey = fanFold( paddedByteArray );
+
+ secretKey = setParity( secretKey );
+ secretKey = getStrongKey( secretKey );
+ secretKey = calculateChecksum( paddedByteArray, secretKey );
+ secretKey = setParity( secretKey );
+ secretKey = getStrongKey( secretKey );
+
+ return secretKey;
+ }
+
+
+ /**
+ * Set odd parity on an eight-byte array.
+ *
+ * @param in The byte array to set parity on.
+ * @return The parity-adjusted byte array.
+ */
+ protected byte[] setParity( byte[] in )
+ {
+ byte[] out = new byte[8];
+
+ int bitCount = 0;
+ int index = 0;
+
+ for ( int i = 0; i < 64; i++ )
+ {
+ if ( ( i + 1 ) % 8 == 0 )
+ {
+ if ( bitCount % 2 == 0 )
+ {
+ setBit( out, i, 1 );
+ }
+
+ index++;
+ bitCount = 0;
+ }
+ else
+ {
+ int val = getBit( in, index );
+ boolean bit = val > 0;
+
+ if ( bit )
+ {
+ setBit( out, i, val );
+ bitCount++;
+ }
+
+ index++;
+ }
+ }
+
+ return out;
+ }
+
+
+ /**
+ * Gets a bit at a given position.
+ *
+ * @param data
+ * @param pos
+ * @return The value of the bit.
+ */
+ protected int getBit( byte[] data, int pos )
+ {
+ int posByte = pos / 8;
+ int posBit = pos % 8;
+
+ byte valByte = data[posByte];
+ int valInt = valByte >> ( 8 - ( posBit + 1 ) ) & 0x0001;
+ return valInt;
+ }
+
+
+ /**
+ * Sets a bit at a given position.
+ *
+ * @param data
+ * @param pos
+ * @param val
+ */
+ protected void setBit( byte[] data, int pos, int val )
+ {
+ int posByte = pos / 8;
+ int posBit = pos % 8;
+ byte oldByte = data[posByte];
+ oldByte = ( byte ) ( ( ( 0xFF7F >> posBit ) & oldByte ) & 0x00FF );
+ byte newByte = ( byte ) ( ( val << ( 8 - ( posBit + 1 ) ) ) | oldByte );
+ data[posByte] = newByte;
+ }
+
+
+ /**
+ * "The top bit of each octet (always zero if the password is plain
+ * ASCII, as was assumed when the original specification was written) is
+ * discarded, and the remaining seven bits of each octet form a
+ * bitstring. This is then fan-folded and eXclusive-ORed with itself to
+ * produce a 56-bit string. An eight-octet key is formed from this
+ * string, each octet using seven bits from the bitstring, leaving the
+ * least significant bit unassigned."
+ *
+ * @param paddedByteArray The padded byte array.
+ * @return The fan-folded intermediate DES key.
+ */
+ protected byte[] fanFold( byte[] paddedByteArray )
+ {
+ byte secretKey[] = new byte[8];
+
+ int div = paddedByteArray.length / 8;
+
+ for ( int ii = 0; ii < div; ii++ )
+ {
+ byte blockValue1[] = new byte[8];
+ System.arraycopy( paddedByteArray, ii * 8, blockValue1, 0, 8 );
+
+ if ( ii % 2 == 1 )
+ {
+ byte tempbyte1 = 0;
+ byte tempbyte2 = 0;
+ byte blockValue2[] = new byte[8];
+
+ for ( int jj = 0; jj < 8; jj++ )
+ {
+ tempbyte2 = 0;
+
+ for ( int kk = 0; kk < 4; kk++ )
+ {
+ tempbyte2 = ( byte ) ( ( 1 << ( 7 - kk ) ) & 0xff );
+ tempbyte1 |= ( blockValue1[jj] & tempbyte2 ) >>> ( 7 - 2 * kk );
+ tempbyte2 = 0;
+ }
+
+ for ( int kk = 4; kk < 8; kk++ )
+ {
+ tempbyte2 = ( byte ) ( ( 1 << ( 7 - kk ) ) & 0xff );
+ tempbyte1 |= ( blockValue1[jj] & tempbyte2 ) << ( 2 * kk - 7 );
+ tempbyte2 = 0;
+ }
+
+ blockValue2[7 - jj] = tempbyte1;
+ tempbyte1 = 0;
+ }
+
+ for ( int jj = 0; jj < 8; jj++ )
+ {
+ blockValue2[jj] = ( byte ) ( ( ( blockValue2[jj] & 0xff ) >>> 1 ) & 0xff );
+ }
+
+ System.arraycopy( blockValue2, 0, blockValue1, 0, blockValue2.length );
+ }
+
+ for ( int jj = 0; jj < 8; jj++ )
+ {
+ blockValue1[jj] = ( byte ) ( ( ( blockValue1[jj] & 0xff ) << 1 ) & 0xff );
+ }
+
+ // ... eXclusive-ORed with itself to form an 8-byte DES key
+ for ( int jj = 0; jj < 8; jj++ )
+ {
+ secretKey[jj] ^= blockValue1[jj];
+ }
+ }
+
+ return secretKey;
+ }
+
+
+ /**
+ * Calculates the checksum as described in "String or Random-Data to
+ * Key Transformation." An intermediate key is used to generate a DES CBC
+ * "checksum" on the initial passphrase+salt. The encryption key is also
+ * used as the IV. The final eight-byte block is returned as the "checksum."
+ *
+ * @param data The data to encrypt.
+ * @param keyBytes The bytes of the intermediate key.
+ * @return The final eight-byte block as the checksum.
+ */
+ protected byte[] calculateChecksum( byte[] data, byte[] keyBytes )
+ {
+ try
+ {
+ Cipher cipher = Cipher.getInstance( "DES/CBC/NoPadding" );
+ SecretKey key = new SecretKeySpec( keyBytes, "DES" );
+
+ AlgorithmParameterSpec paramSpec = new IvParameterSpec( keyBytes );
+
+ cipher.init( Cipher.ENCRYPT_MODE, key, paramSpec );
+
+ byte[] result = cipher.doFinal( data );
+
+ byte[] checksum = new byte[8];
+ System.arraycopy( result, result.length - 8, checksum, 0, 8 );
+
+ return checksum;
+ }
+ catch ( GeneralSecurityException nsae )
+ {
+ nsae.printStackTrace();
+ return null;
+ }
+ }
+
+
+ /**
+ * If the secret key is weak, correct by exclusive OR'ing
+ * with the constant 0xF0.
+ *
+ * @param keyValue The key to correct, if necessary.
+ * @return The corrected key.
+ */
+ protected byte[] getStrongKey( byte[] secretKey )
+ {
+ try
+ {
+ if ( DESKeySpec.isWeak( secretKey, 0 ) )
+ {
+ secretKey[7] ^= 0xf0;
+ }
+ }
+ catch ( InvalidKeyException ike )
+ {
+ return new byte[8];
+ }
+
+ return secretKey;
+ }
+
+
+ /**
+ * Encodes string with UTF-8 encoding.
+ *
+ * @param string The String to encode.
+ * @return The encoded String.
+ */
+ protected byte[] characterEncodeString( String string )
+ {
+ byte encodedByteArray[] = new byte[string.length()];
+
+ try
+ {
+ encodedByteArray = string.getBytes( "UTF-8" );
+ }
+ catch ( UnsupportedEncodingException ue )
+ {
+ }
+
+ return encodedByteArray;
+ }
+
+
+ /**
+ * Add padding to make an exact multiple of 8 bytes.
+ *
+ * @param encodedString
+ * @return The padded byte array.
+ */
+ protected byte[] padString( byte encodedString[] )
+ {
+ int length;
+
+ if ( encodedString.length < 8 )
+ {
+ length = encodedString.length;
+ }
+ else
+ {
+ length = encodedString.length % 8;
+ }
+
+ if ( length == 0 )
+ {
+ return encodedString;
+ }
+
+ byte paddedByteArray[] = new byte[( 8 - length ) + encodedString.length];
+
+ for ( int ii = paddedByteArray.length - 1; ii > encodedString.length - 1; ii-- )
+ {
+ paddedByteArray[ii] = 0;
+ }
+
+ System.arraycopy( encodedString, 0, paddedByteArray, 0, encodedString.length );
+
+ return paddedByteArray;
+ }
+}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionEngine.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionEngine.java
index a7894a2..025436c 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionEngine.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionEngine.java
@@ -22,14 +22,9 @@
import java.security.SecureRandom;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumEngine;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
+import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
/**
@@ -41,78 +36,64 @@
private static final SecureRandom random = new SecureRandom();
- public abstract ChecksumEngine getChecksumEngine();
+ protected abstract byte[] getDecryptedData( EncryptionKey key, EncryptedData data, KeyUsage usage )
+ throws KerberosException;
- public abstract BlockCipher getBlockCipher();
+ protected abstract EncryptedData getEncryptedData( EncryptionKey key, byte[] plainText, KeyUsage usage );
- public abstract EncryptionType encryptionType();
+ protected abstract EncryptionType getEncryptionType();
- public abstract ChecksumType checksumType();
+ protected abstract int getConfounderLength();
- public abstract CipherType keyType();
+ protected abstract int getChecksumLength();
- public abstract int confounderSize();
+ protected abstract byte[] encrypt( byte[] plainText, byte[] key );
- public abstract int checksumSize();
+ protected abstract byte[] decrypt( byte[] cipherText, byte[] key );
- public abstract int blockSize();
+ protected abstract byte[] calculateIntegrity( byte[] plainText, byte[] key, KeyUsage usage );
- public abstract int minimumPadSize();
-
-
- public abstract int keySize();
-
-
- public byte[] getDecryptedData( EncryptionKey key, EncryptedData data )
+ protected byte[] deriveRandom( byte[] key, byte[] usage, int n, int k )
{
- byte[] decryptedData = decrypt( data.getCipherText(), key.getKeyValue() );
+ byte[] nFoldedUsage = NFold.nFold( n, usage );
- return removeBytes( decryptedData, confounderSize(), checksumSize() );
- }
+ int kBytes = k / 8;
+ byte[] result = new byte[kBytes];
+ byte[] fillingKey = encrypt( nFoldedUsage, key );
- public EncryptedData getEncryptedData( EncryptionKey key, byte[] plainText )
- {
- byte[] conFounder = getRandomBytes( confounderSize() );
- byte[] zeroedChecksum = new byte[checksumSize()];
- byte[] paddedPlainText = padString( plainText );
- byte[] dataBytes = concatenateBytes( conFounder, concatenateBytes( zeroedChecksum, paddedPlainText ) );
- byte[] checksumBytes = calculateChecksum( dataBytes );
- byte[] paddedDataBytes = padString( dataBytes );
+ int pos = 0;
- // lay the checksum into the ciphertext
- for ( int i = confounderSize(); i < confounderSize() + checksumSize(); i++ )
+ for ( int i = 0; i < kBytes; i++ )
{
- paddedDataBytes[i] = checksumBytes[i - confounderSize()];
+ if ( pos < fillingKey.length )
+ {
+ result[i] = fillingKey[pos];
+ pos++;
+ }
+ else
+ {
+ fillingKey = encrypt( fillingKey, key );
+ pos = 0;
+ result[i] = fillingKey[pos];
+ pos++;
+ }
}
- byte[] encryptedData = encrypt( paddedDataBytes, key.getKeyValue() );
-
- return new EncryptedData( encryptionType(), key.getKeyVersion(), encryptedData );
+ return result;
}
- private byte[] encrypt( byte[] data, byte[] key )
- {
- return processBlockCipher( true, data, key, null );
- }
-
-
- private byte[] decrypt( byte[] data, byte[] key )
- {
- return processBlockCipher( false, data, key, null );
- }
-
-
- private byte[] getRandomBytes( int size )
+ // Encryption
+ protected byte[] getRandomBytes( int size )
{
byte[] bytes = new byte[size];
@@ -123,7 +104,8 @@
}
- private byte[] padString( byte encodedString[] )
+ // Encryption
+ protected byte[] padString( byte encodedString[] )
{
int x;
if ( encodedString.length < 8 )
@@ -153,7 +135,8 @@
}
- private byte[] concatenateBytes( byte[] array1, byte[] array2 )
+ // Encryption
+ protected byte[] concatenateBytes( byte[] array1, byte[] array2 )
{
byte concatenatedBytes[] = new byte[array1.length + array2.length];
@@ -171,15 +154,8 @@
}
- private byte[] calculateChecksum( byte[] data )
- {
- ChecksumEngine digester = getChecksumEngine();
-
- return digester.calculateChecksum( data );
- }
-
-
- private byte[] removeBytes( byte[] array, int confounder, int checksum )
+ // Decryption
+ protected byte[] removeLeadingBytes( byte[] array, int confounder, int checksum )
{
byte lessBytes[] = new byte[array.length - confounder - checksum];
@@ -194,39 +170,91 @@
}
- private byte[] processBlockCipher( boolean encrypt, byte[] data, byte[] key, byte[] ivec )
+ protected byte[] removeTrailingBytes( byte[] array, int confounder, int checksum )
{
- byte[] returnData = new byte[data.length];
- CBCBlockCipher cbcCipher = new CBCBlockCipher( getBlockCipher() );
- KeyParameter keyParameter = new KeyParameter( key );
+ byte lessBytes[] = new byte[array.length - confounder - checksum];
- if ( ivec != null )
+ int j = 0;
+ for ( int i = 0; i < array.length - confounder - checksum; i++ )
{
- ParametersWithIV kpWithIV = new ParametersWithIV( keyParameter, ivec );
- cbcCipher.init( encrypt, kpWithIV );
- }
- else
- {
- cbcCipher.init( encrypt, keyParameter );
+ lessBytes[j] = array[i];
+ j++;
}
- int offset = 0;
- int processedBytesLength = 0;
+ return lessBytes;
+ }
- while ( offset < returnData.length )
- {
- try
- {
- processedBytesLength = cbcCipher.processBlock( data, offset, returnData, offset );
- offset += processedBytesLength;
- }
- catch ( Exception e )
- {
- e.printStackTrace();
- break;
- }
- }
- return returnData;
+ protected int getBit( byte[] data, int pos )
+ {
+ int posByte = pos / 8;
+ int posBit = pos % 8;
+
+ byte valByte = data[posByte];
+ int valInt = valByte >> ( 8 - ( posBit + 1 ) ) & 0x0001;
+ return valInt;
+ }
+
+
+ protected void setBit( byte[] data, int pos, int val )
+ {
+ int posByte = pos / 8;
+ int posBit = pos % 8;
+ byte oldByte = data[posByte];
+ oldByte = ( byte ) ( ( ( 0xFF7F >> posBit ) & oldByte ) & 0x00FF );
+ byte newByte = ( byte ) ( ( val << ( 8 - ( posBit + 1 ) ) ) | oldByte );
+ data[posByte] = newByte;
+ }
+
+
+ /**
+ * The "well-known constant" used for the DK function is the key
+ * usage number, expressed as four octets in big-endian order,
+ * followed by one octet indicated below.
+ *
+ * Kc = DK(base-key, usage | 0x99);
+ */
+ protected byte[] getUsageKc( KeyUsage usage )
+ {
+ return getUsage( usage.getOrdinal(), ( byte ) 0x99 );
+ }
+
+
+ /**
+ * The "well-known constant" used for the DK function is the key
+ * usage number, expressed as four octets in big-endian order,
+ * followed by one octet indicated below.
+ *
+ * Ke = DK(base-key, usage | 0xAA);
+ */
+ protected byte[] getUsageKe( KeyUsage usage )
+ {
+ return getUsage( usage.getOrdinal(), ( byte ) 0xAA );
+ }
+
+
+ /**
+ * The "well-known constant" used for the DK function is the key
+ * usage number, expressed as four octets in big-endian order,
+ * followed by one octet indicated below.
+ *
+ * Ki = DK(base-key, usage | 0x55);
+ */
+ protected byte[] getUsageKi( KeyUsage usage )
+ {
+ return getUsage( usage.getOrdinal(), ( byte ) 0x55 );
+ }
+
+
+ private byte[] getUsage( int usage, byte constant )
+ {
+ byte[] bytes = new byte[5];
+ bytes[0] = ( byte ) ( ( usage >>> 24 ) & 0x000000FF );
+ bytes[1] = ( byte ) ( ( usage >> 16 ) & 0x000000FF );
+ bytes[2] = ( byte ) ( ( usage >> 8 ) & 0x000000FF );
+ bytes[3] = ( byte ) ( usage & 0x00FF );
+ bytes[4] = constant;
+
+ return bytes;
}
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionEngineFactory.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionEngineFactory.java
deleted file mode 100644
index a628749..0000000
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionEngineFactory.java
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.directory.server.kerberos.shared.crypto.encryption;
-
-
-import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
-import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
-import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
-
-
-/**
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- * @version $Rev$, $Date$
- */
-public class EncryptionEngineFactory
-{
- public static EncryptionEngine getEncryptionEngineFor( EncryptionKey key ) throws KerberosException
- {
- int type = key.getKeyType().getOrdinal();
-
- switch ( type )
- {
- case 0:
- return new NullEncryption();
- case 1:
- return new DesCbcCrcEncryption();
- case 2:
- return new DesCbcMd4Encryption();
- case 3:
- return new DesCbcMd5Encryption();
- case 5:
- return new Des3CbcMd5Encryption();
- case 7:
- return new Des3CbcSha1Encryption();
- }
-
- throw new KerberosException( ErrorType.KDC_ERR_ETYPE_NOSUPP );
- }
-}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionType.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionType.java
index 1be820e..310ac3b 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionType.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionType.java
@@ -26,45 +26,142 @@
/**
+ * A type-safe enumeration of Kerberos encryption types.
+ *
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
public final class EncryptionType implements Comparable
{
/**
- * Enumeration elements are constructed once upon class loading.
- * Order of appearance here determines the order of compareTo.
+ * The "unknown" encryption type.
*/
public static final EncryptionType UNKNOWN = new EncryptionType( -1, "UNKNOWN" );
+
+ /**
+ * The "null" encryption type.
+ */
public static final EncryptionType NULL = new EncryptionType( 0, "NULL" );
+
+ /**
+ * The des-cbc-crc encryption type.
+ */
public static final EncryptionType DES_CBC_CRC = new EncryptionType( 1, "des-cbc-crc" );
+
+ /**
+ * The des-cbc-md4 encryption type.
+ */
public static final EncryptionType DES_CBC_MD4 = new EncryptionType( 2, "des-cbc-md4" );
+
+ /**
+ * The des-cbc-md5 encryption type.
+ */
public static final EncryptionType DES_CBC_MD5 = new EncryptionType( 3, "des-cbc-md5" );
+
+ /**
+ * The reserved (4) encryption type.
+ */
public static final EncryptionType RESERVED4 = new EncryptionType( 4, "[reserved]" );
+
+ /**
+ * The des3-cbc-md5 encryption type.
+ */
public static final EncryptionType DES3_CBC_MD5 = new EncryptionType( 5, "des3-cbc-md5" );
+
+ /**
+ * The reserved (6) encryption type.
+ */
public static final EncryptionType RESERVED6 = new EncryptionType( 6, "[reserved]" );
+
+ /**
+ * The des3-cbc-sha1 encryption type.
+ */
public static final EncryptionType DES3_CBC_SHA1 = new EncryptionType( 7, "des3-cbc-sha1" );
+
+ /**
+ * The dsaWithSHA1-CmsOID encryption type.
+ */
public static final EncryptionType DSAWITHSHA1_CMSOID = new EncryptionType( 9, "dsaWithSHA1-CmsOID" );
+
+ /**
+ * The md5WithRSAEncryption-CmsOID encryption type.
+ */
public static final EncryptionType MD5WITHRSAENCRYPTION_CMSOID = new EncryptionType( 10,
"md5WithRSAEncryption-CmsOID" );
+
+ /**
+ * The sha1WithRSAEncryption-CmsOID encryption type.
+ */
public static final EncryptionType SHA1WITHRSAENCRYPTION_CMSOID = new EncryptionType( 11,
"sha1WithRSAEncryption-CmsOID" );
+
+ /**
+ * The rc2CBC-EnvOID encryption type.
+ */
public static final EncryptionType RC2CBC_ENVOID = new EncryptionType( 12, "rc2CBC-EnvOID" );
+
+ /**
+ * The rsaEncryption-EnvOID encryption type.
+ */
public static final EncryptionType RSAENCRYPTION_ENVOID = new EncryptionType( 13, "rsaEncryption-EnvOID" );
+
+ /**
+ * The rsaES-OAEP-ENV-OID encryption type.
+ */
public static final EncryptionType RSAES_OAEP_ENV_OID = new EncryptionType( 14, "rsaES-OAEP-ENV-OID" );
+
+ /**
+ * The des-ede3-cbc-Env-OID encryption type.
+ */
public static final EncryptionType DES_EDE3_CBC_ENV_OID = new EncryptionType( 15, "des-ede3-cbc-Env-OID" );
+
+ /**
+ * The des3-cbc-sha1-kd encryption type.
+ */
public static final EncryptionType DES3_CBC_SHA1_KD = new EncryptionType( 16, "des3-cbc-sha1-kd" );
+
+ /**
+ * The aes128-cts-hmac-sha1-96 encryption type.
+ */
public static final EncryptionType AES128_CTS_HMAC_SHA1_96 = new EncryptionType( 17, "aes128-cts-hmac-sha1-96" );
+
+ /**
+ * The aes256-cts-hmac-sha1-96 encryption type.
+ */
public static final EncryptionType AES256_CTS_HMAC_SHA1_96 = new EncryptionType( 18, "aes256-cts-hmac-sha1-96" );
+
+ /**
+ * The rc4-hmac encryption type.
+ */
public static final EncryptionType RC4_HMAC = new EncryptionType( 23, "rc4-hmac" );
+
+ /**
+ * The rc4-hmac-exp encryption type.
+ */
public static final EncryptionType RC4_HMAC_EXP = new EncryptionType( 24, "rc4-hmac-exp" );
+
+ /**
+ * The subkey-keymaterial encryption type.
+ */
public static final EncryptionType SUBKEY_KEYMATERIAL = new EncryptionType( 65, "subkey-keymaterial" );
+
+ /**
+ * The rc4-md4 encryption type.
+ */
public static final EncryptionType RC4_MD4 = new EncryptionType( -128, "rc4-md4" );
+
+ /**
+ * The c4-hmac-old encryption type.
+ */
public static final EncryptionType RC4_HMAC_OLD = new EncryptionType( -133, "rc4-hmac-old" );
+
+ /**
+ * The rc4-hmac-old-exp encryption type.
+ */
public static final EncryptionType RC4_HMAC_OLD_EXP = new EncryptionType( -135, "rc4-hmac-old-exp" );
/**
- * These two lines are all that's necessary to export a List of VALUES.
+ * Array for building a List of VALUES.
*/
private static final EncryptionType[] values =
{ UNKNOWN, NULL, DES_CBC_CRC, DES_CBC_MD4, DES_CBC_MD5, RESERVED4, DES3_CBC_MD5, RESERVED6, DES3_CBC_SHA1,
@@ -73,22 +170,38 @@
AES256_CTS_HMAC_SHA1_96, RC4_HMAC, RC4_HMAC_EXP, SUBKEY_KEYMATERIAL, RC4_MD4, RC4_HMAC_OLD,
RC4_HMAC_OLD_EXP };
+ /**
+ * A List of all the encryption type constants.
+ */
public static final List<EncryptionType> VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
+ /**
+ * The name of the encryption type.
+ */
private final String name;
+
+ /**
+ * The value/code for the encryption type.
+ */
private final int ordinal;
/**
* Private constructor prevents construction outside of this class.
*/
- private EncryptionType(int ordinal, String name)
+ private EncryptionType( int ordinal, String name )
{
this.ordinal = ordinal;
this.name = name;
}
+ /**
+ * Returns the encryption type when specified by its ordinal.
+ *
+ * @param type
+ * @return The encryption type.
+ */
public static EncryptionType getTypeByOrdinal( int type )
{
for ( int ii = 0; ii < values.length; ii++ )
@@ -103,12 +216,28 @@
}
+ /**
+ * Returns the number associated with this encryption type.
+ *
+ * @return The encryption type number.
+ */
public int getOrdinal()
{
return ordinal;
}
+ /**
+ * Returns the name associated with this encryption type.
+ *
+ * @return The name.
+ */
+ public String getName()
+ {
+ return name;
+ }
+
+
public int compareTo( Object that )
{
return ordinal - ( ( EncryptionType ) that ).ordinal;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactory.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactory.java
new file mode 100644
index 0000000..c50dbd5
--- /dev/null
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactory.java
@@ -0,0 +1,114 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+package org.apache.directory.server.kerberos.shared.crypto.encryption;
+
+
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Set;
+
+import javax.security.auth.kerberos.KerberosKey;
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+
+
+/**
+ * A factory class for producing {@link KerberosKey}'s. For a list of desired cipher
+ * types, Kerberos string-to-key functions are used to derive keys for DES-, DES3-, AES-,
+ * and RC4-based encryption types.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class KerberosKeyFactory
+{
+ /** A map of default encryption types mapped to cipher names. */
+ private static final Map<EncryptionType, String> DEFAULT_CIPHERS;
+
+ static
+ {
+ Map<EncryptionType, String> map = new HashMap<EncryptionType, String>();
+
+ map.put( EncryptionType.DES_CBC_MD5, "DES" );
+ map.put( EncryptionType.DES3_CBC_SHA1_KD, "DESede" );
+ map.put( EncryptionType.RC4_HMAC, "ArcFourHmac" );
+ map.put( EncryptionType.AES128_CTS_HMAC_SHA1_96, "AES128" );
+ map.put( EncryptionType.AES256_CTS_HMAC_SHA1_96, "AES256" );
+
+ DEFAULT_CIPHERS = Collections.unmodifiableMap( map );
+ }
+
+
+ /**
+ * Get a map of KerberosKey's for a given principal name and passphrase. The default set
+ * of encryption types is used.
+ *
+ * @param principalName The principal name to use for key derivation.
+ * @param passPhrase The passphrase to use for key derivation.
+ * @return The map of KerberosKey's.
+ */
+ public static Map<EncryptionType, EncryptionKey> getKerberosKeys( String principalName, String passPhrase )
+ {
+ return getKerberosKeys( principalName, passPhrase, DEFAULT_CIPHERS.keySet() );
+ }
+
+
+ /**
+ * Get a list of KerberosKey's for a given principal name and passphrase and list of cipher
+ * types to derive keys for.
+ *
+ * @param principalName The principal name to use for key derivation.
+ * @param passPhrase The passphrase to use for key derivation.
+ * @param ciphers The set of ciphers to derive keys for.
+ * @return The list of KerberosKey's.
+ */
+ public static Map<EncryptionType, EncryptionKey> getKerberosKeys( String principalName, String passPhrase,
+ Set<EncryptionType> ciphers )
+ {
+ KerberosPrincipal principal = new KerberosPrincipal( principalName );
+ Map<EncryptionType, EncryptionKey> kerberosKeys = new HashMap<EncryptionType, EncryptionKey>();
+
+ Iterator<EncryptionType> it = ciphers.iterator();
+ while ( it.hasNext() )
+ {
+ EncryptionType encryptionType = it.next();
+ String algorithm = DEFAULT_CIPHERS.get( encryptionType );
+
+ try
+ {
+ KerberosKey kerberosKey = new KerberosKey( principal, passPhrase.toCharArray(), algorithm );
+ EncryptionKey encryptionKey = new EncryptionKey( encryptionType, kerberosKey.getEncoded(), kerberosKey
+ .getVersionNumber() );
+
+ kerberosKeys.put( encryptionType, encryptionKey );
+ }
+ catch ( IllegalArgumentException iae )
+ {
+ // Algorithm AES256 not enabled
+ }
+ }
+
+ return kerberosKeys;
+ }
+}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KeyUsage.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KeyUsage.java
new file mode 100644
index 0000000..14768e0
--- /dev/null
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KeyUsage.java
@@ -0,0 +1,191 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.crypto.encryption;
+
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
+
+/**
+ * From RFC 4120, "The Kerberos Network Authentication Service (V5)":
+ *
+ * 7.5.1. Key Usage Numbers
+ *
+ * The encryption and checksum specifications in [RFC3961] require as
+ * input a "key usage number", to alter the encryption key used in any
+ * specific message in order to make certain types of cryptographic
+ * attack more difficult. These are the key usage values assigned in
+ * [RFC 4120]:
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public final class KeyUsage implements Comparable
+{
+ /**
+ * AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the client key (Section 5.2.7.2)
+ */
+ public static final KeyUsage NUMBER1 = new KeyUsage( 1,
+ "AS-REQ PA-ENC-TIMESTAMP padata timestamp, encrypted with the client key" );
+
+ /**
+ * AS-REP Ticket and TGS-REP Ticket (includes TGS session key or application session key), encrypted with the service key (Section 5.3)
+ */
+ public static final KeyUsage NUMBER2 = new KeyUsage(
+ 2,
+ "AS-REP Ticket and TGS-REP Ticket (includes TGS session key or application session key), encrypted with the service key" );
+
+ /**
+ * AS-REP encrypted part (includes TGS session key or application session key), encrypted with the client key (Section 5.4.2)
+ */
+ public static final KeyUsage NUMBER3 = new KeyUsage( 3,
+ "AS-REP encrypted part (includes TGS session key or application session key), encrypted with the client key" );
+
+ /**
+ * TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the TGS session key (Section 5.4.1)
+ */
+ public static final KeyUsage NUMBER4 = new KeyUsage( 4,
+ "TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the TGS session key" );
+
+ /**
+ * TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the TGS authenticator subkey (Section 5.4.1)
+ */
+ public static final KeyUsage NUMBER5 = new KeyUsage( 5,
+ "TGS-REQ KDC-REQ-BODY AuthorizationData, encrypted with the TGS authenticator subkey" );
+
+ /**
+ * TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum, keyed with the TGS session key (Section 5.5.1)
+ */
+ public static final KeyUsage NUMBER6 = new KeyUsage( 6,
+ "TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator cksum, keyed with the TGS session key" );
+
+ /**
+ * TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes TGS authenticator subkey), encrypted with the TGS session key (Section 5.5.1)
+ */
+ public static final KeyUsage NUMBER7 = new KeyUsage(
+ 7,
+ "TGS-REQ PA-TGS-REQ padata AP-REQ Authenticator (includes TGS authenticator subkey), encrypted with the TGS session key" );
+
+ /**
+ * TGS-REP encrypted part (includes application session key), encrypted with the TGS session key (Section 5.4.2)
+ */
+ public static final KeyUsage NUMBER8 = new KeyUsage( 8,
+ "TGS-REP encrypted part (includes application session key), encrypted with the TGS session key" );
+
+ /**
+ * TGS-REP encrypted part (includes application session key), encrypted with the TGS authenticator subkey (Section 5.4.2)
+ */
+ public static final KeyUsage NUMBER9 = new KeyUsage( 9,
+ "TGS-REP encrypted part (includes application session key), encrypted with the TGS authenticator subkey" );
+
+ /**
+ * AP-REQ Authenticator cksum, keyed with the application session key (Section 5.5.1)
+ */
+ public static final KeyUsage NUMBER10 = new KeyUsage( 10,
+ "AP-REQ Authenticator cksum, keyed with the application session key" );
+
+ /**
+ * AP-REQ Authenticator (includes application authenticator subkey), encrypted with the application session key (Section 5.5.1)
+ */
+ public static final KeyUsage NUMBER11 = new KeyUsage( 11,
+ "AP-REQ Authenticator (includes application authenticator subkey), encrypted with the application session key" );
+
+ /**
+ * AP-REP encrypted part (includes application session subkey), encrypted with the application session key (Section 5.5.2)
+ */
+ public static final KeyUsage NUMBER12 = new KeyUsage( 12,
+ "AP-REP encrypted part (includes application session subkey), encrypted with the application session key" );
+
+ /**
+ * KRB-PRIV encrypted part, encrypted with a key chosen by the application (Section 5.7.1)
+ */
+ public static final KeyUsage NUMBER13 = new KeyUsage( 13,
+ "KRB-PRIV encrypted part, encrypted with a key chosen by the application" );
+
+ /**
+ * These two lines are all that's necessary to export a List of VALUES.
+ */
+ private static final KeyUsage[] values =
+ { NUMBER1, NUMBER2, NUMBER3, NUMBER4, NUMBER5, NUMBER6, NUMBER7, NUMBER8, NUMBER9, NUMBER10, NUMBER11,
+ NUMBER12, NUMBER13 };
+
+ /**
+ * VALUES needs to be located here, otherwise illegal forward reference.
+ */
+ public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
+
+ private final int ordinal;
+ private final String name;
+
+
+ /**
+ * Private constructor prevents construction outside of this class.
+ */
+ private KeyUsage( int ordinal, String name )
+ {
+ this.ordinal = ordinal;
+ this.name = name;
+ }
+
+
+ /**
+ * Returns the key usage number type when specified by its ordinal.
+ *
+ * @param type
+ * @return The key usage number type.
+ */
+ public static KeyUsage getTypeByOrdinal( int type )
+ {
+ for ( int ii = 0; ii < values.length; ii++ )
+ {
+ if ( values[ii].ordinal == type )
+ {
+ return values[ii];
+ }
+ }
+
+ return NUMBER1;
+ }
+
+
+ /**
+ * Returns the number associated with this key usage number.
+ *
+ * @return The key usage number
+ */
+ public int getOrdinal()
+ {
+ return ordinal;
+ }
+
+
+ public int compareTo( Object that )
+ {
+ return ordinal - ( ( KeyUsage ) that ).ordinal;
+ }
+
+
+ public String toString()
+ {
+ return name + " (" + ordinal + ")";
+ }
+}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/NFold.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/NFold.java
new file mode 100644
index 0000000..1c4d397
--- /dev/null
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/NFold.java
@@ -0,0 +1,219 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.crypto.encryption;
+
+
+/**
+ * An implementation of the n-fold algorithm, as required by RFC 3961,
+ * "Encryption and Checksum Specifications for Kerberos 5."
+ *
+ * "To n-fold a number X, replicate the input value to a length that
+ * is the least common multiple of n and the length of X. Before
+ * each repetition, the input is rotated to the right by 13 bit
+ * positions. The successive n-bit chunks are added together using
+ * 1's-complement addition (that is, with end-around carry) to yield
+ * a n-bit result."
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class NFold
+{
+ /**
+ * N-fold the data n times.
+ *
+ * @param n The number of times to n-fold the data.
+ * @param data The data to n-fold.
+ * @return The n-folded data.
+ */
+ public static byte[] nFold( int n, byte[] data )
+ {
+ int k = data.length * 8;
+ int lcm = getLcm( n, k );
+ int replicate = lcm / k;
+ byte[] sumBytes = new byte[lcm / 8];
+
+ for ( int i = 0; i < replicate; i++ )
+ {
+ int rotation = 13 * i;
+
+ byte[] temp = rotateRight( data, data.length * 8, rotation );
+
+ for ( int j = 0; j < temp.length; j++ )
+ {
+ sumBytes[j + i * temp.length] = temp[j];
+ }
+ }
+
+ byte[] sum = new byte[n / 8];
+ byte[] nfold = new byte[n / 8];
+
+ for ( int m = 0; m < lcm / n; m++ )
+ {
+ for ( int o = 0; o < n / 8; o++ )
+ {
+ sum[o] = sumBytes[o + ( m * n / 8 )];
+ }
+
+ nfold = sum( nfold, sum, nfold.length * 8 );
+
+ }
+
+ return nfold;
+ }
+
+
+ /**
+ * For 2 numbers, return the least-common multiple.
+ *
+ * @param n1 The first number.
+ * @param n2 The second number.
+ * @return The least-common multiple.
+ */
+ protected static int getLcm( int n1, int n2 )
+ {
+ int temp;
+ int product;
+
+ product = n1 * n2;
+
+ do
+ {
+ if ( n1 < n2 )
+ {
+ temp = n1;
+ n1 = n2;
+ n2 = temp;
+ }
+ n1 = n1 % n2;
+ }
+ while ( n1 != 0 );
+
+ return product / n2;
+ }
+
+
+ /**
+ * Right-rotate the given byte array.
+ *
+ * @param in The byte array to right-rotate.
+ * @param len The length of the byte array to rotate.
+ * @param step The number of positions to rotate the byte array.
+ * @return The right-rotated byte array.
+ */
+ private static byte[] rotateRight( byte[] in, int len, int step )
+ {
+ int numOfBytes = ( len - 1 ) / 8 + 1;
+ byte[] out = new byte[numOfBytes];
+
+ for ( int i = 0; i < len; i++ )
+ {
+ int val = getBit( in, i );
+ setBit( out, ( i + step ) % len, val );
+ }
+ return out;
+ }
+
+
+ /**
+ * Perform one's complement addition (addition with end-around carry). Note
+ * that for purposes of n-folding, we do not actually complement the
+ * result of the addition.
+ *
+ * @param n1 The first number.
+ * @param n2 The second number.
+ * @param len The length of the byte arrays to sum.
+ * @return The sum with end-around carry.
+ */
+ protected static byte[] sum( byte[] n1, byte[] n2, int len )
+ {
+ int numOfBytes = ( len - 1 ) / 8 + 1;
+ byte[] out = new byte[numOfBytes];
+ int carry = 0;
+
+ for ( int i = len - 1; i > -1; i-- )
+ {
+ int n1b = getBit( n1, i );
+ int n2b = getBit( n2, i );
+
+ int sum = n1b + n2b + carry;
+
+ if ( sum == 0 || sum == 1 )
+ {
+ setBit( out, i, sum );
+ carry = 0;
+ }
+ else if ( sum == 2 )
+ {
+ carry = 1;
+ }
+ else if ( sum == 3 )
+ {
+ setBit( out, i, 1 );
+ carry = 1;
+ }
+ }
+
+ if ( carry == 1 )
+ {
+ byte[] carryArray = new byte[n1.length];
+ carryArray[carryArray.length - 1] = 1;
+ out = sum( out, carryArray, n1.length * 8 );
+ }
+
+ return out;
+ }
+
+
+ /**
+ * Get a bit from a byte array at a given position.
+ *
+ * @param data The data to get the bit from.
+ * @param pos The position to get the bit at.
+ * @return The value of the bit.
+ */
+ private static int getBit( byte[] data, int pos )
+ {
+ int posByte = pos / 8;
+ int posBit = pos % 8;
+
+ byte valByte = data[posByte];
+ int valInt = valByte >> ( 8 - ( posBit + 1 ) ) & 0x0001;
+ return valInt;
+ }
+
+
+ /**
+ * Set a bit in a byte array at a given position.
+ *
+ * @param data The data to set the bit in.
+ * @param pos The position of the bit to set.
+ * @param The value to set the bit to.
+ */
+ private static void setBit( byte[] data, int pos, int val )
+ {
+ int posByte = pos / 8;
+ int posBit = pos % 8;
+ byte oldByte = data[posByte];
+ oldByte = ( byte ) ( ( ( 0xFF7F >> posBit ) & oldByte ) & 0x00FF );
+ byte newByte = ( byte ) ( ( val << ( 8 - ( posBit + 1 ) ) ) | oldByte );
+ data[posByte] = newByte;
+ }
+}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/NullEncryption.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/NullEncryption.java
index fdbe1ff..5992dca 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/NullEncryption.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/NullEncryption.java
@@ -20,85 +20,67 @@
package org.apache.directory.server.kerberos.shared.crypto.encryption;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumEngine;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
-import org.bouncycastle.crypto.BlockCipher;
+import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
/**
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class NullEncryption extends EncryptionEngine
+class NullEncryption extends EncryptionEngine
{
- public BlockCipher getBlockCipher()
- {
- return null;
- }
-
-
- public ChecksumEngine getChecksumEngine()
- {
- return null;
- }
-
-
- public EncryptionType encryptionType()
+ public EncryptionType getEncryptionType()
{
return EncryptionType.NULL;
}
- public CipherType keyType()
- {
- return CipherType.NULL;
- }
-
-
- public ChecksumType checksumType()
- {
- return ChecksumType.NULL;
- }
-
-
- public int blockSize()
- {
- return 1;
- }
-
-
- public int keySize()
+ public int getChecksumLength()
{
return 0;
}
- public int checksumSize()
+ public int getConfounderLength()
{
return 0;
}
- public int confounderSize()
+ public byte[] getDecryptedData( EncryptionKey key, EncryptedData data, KeyUsage usage ) throws KerberosException
{
- return 0;
+ return data.getCipherText();
}
- public int minimumPadSize()
+ public EncryptedData getEncryptedData( EncryptionKey key, byte[] plainText, KeyUsage usage )
{
- return 0;
+ return new EncryptedData( getEncryptionType(), key.getKeyVersion(), plainText );
}
- protected byte[] processBlockCipher( boolean encrypt, byte[] data, byte[] key, byte[] ivec )
+ public byte[] encrypt( byte[] plainText, byte[] keyBytes )
{
- return data;
+ return processCipher( true, plainText, keyBytes );
}
- public byte[] calculateChecksum( byte[] plainText )
+ public byte[] decrypt( byte[] cipherText, byte[] keyBytes )
+ {
+ return processCipher( false, cipherText, keyBytes );
+ }
+
+
+ public byte[] calculateIntegrity( byte[] plainText, byte[] key, KeyUsage usage )
{
return null;
}
+
+
+ private byte[] processCipher( boolean encrypt, byte[] data, byte[] key )
+ {
+ return data;
+ }
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/RandomKeyFactory.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/RandomKeyFactory.java
new file mode 100644
index 0000000..a90d9b9
--- /dev/null
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/crypto/encryption/RandomKeyFactory.java
@@ -0,0 +1,142 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.crypto.encryption;
+
+
+import java.security.NoSuchAlgorithmException;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Set;
+
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
+
+import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
+import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+
+
+/**
+ * A factory class for producing random keys, suitable for use as session keys. For a
+ * list of desired cipher types, Kerberos random-to-key functions are used to derive
+ * keys for DES-, DES3-, AES-, and RC4-based encryption types.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class RandomKeyFactory
+{
+ /** A map of default encryption types mapped to cipher names. */
+ private static final Map<EncryptionType, String> DEFAULT_CIPHERS;
+
+ static
+ {
+ Map<EncryptionType, String> map = new HashMap<EncryptionType, String>();
+
+ map.put( EncryptionType.DES_CBC_MD5, "DES" );
+ map.put( EncryptionType.DES3_CBC_SHA1_KD, "DESede" );
+ map.put( EncryptionType.RC4_HMAC, "RC4" );
+ map.put( EncryptionType.AES128_CTS_HMAC_SHA1_96, "AES" );
+ map.put( EncryptionType.AES256_CTS_HMAC_SHA1_96, "AES" );
+
+ DEFAULT_CIPHERS = Collections.unmodifiableMap( map );
+ }
+
+
+ /**
+ * Get a map of random keys. The default set of encryption types is used.
+ *
+ * @return The map of random keys.
+ * @throws KerberosException
+ */
+ public static Map<EncryptionType, EncryptionKey> getRandomKeys() throws KerberosException
+ {
+ return getRandomKeys( DEFAULT_CIPHERS.keySet() );
+ }
+
+
+ /**
+ * Get a map of random keys for a list of cipher types to derive keys for.
+ *
+ * @param ciphers The list of ciphers to derive keys for.
+ * @return The list of KerberosKey's.
+ * @throws KerberosException
+ */
+ public static Map<EncryptionType, EncryptionKey> getRandomKeys( Set<EncryptionType> ciphers ) throws KerberosException
+ {
+ Map<EncryptionType, EncryptionKey> map = new HashMap<EncryptionType, EncryptionKey>();
+
+ Iterator<EncryptionType> it = ciphers.iterator();
+ while ( it.hasNext() )
+ {
+ EncryptionType type = it.next();
+ map.put( type, getRandomKey( type ) );
+ }
+
+ return map;
+ }
+
+
+ /**
+ * Get a new random key for a given {@link EncryptionType}.
+ *
+ * @param encryptionType
+ *
+ * @return The new random key.
+ * @throws KerberosException
+ */
+ public static EncryptionKey getRandomKey( EncryptionType encryptionType ) throws KerberosException
+ {
+ String algorithm = DEFAULT_CIPHERS.get( encryptionType );
+
+ if ( algorithm == null )
+ {
+ throw new KerberosException( ErrorType.KDC_ERR_ETYPE_NOSUPP, encryptionType.getName()
+ + " is not a supported encryption type." );
+ }
+
+ try
+ {
+ KeyGenerator keyGenerator = KeyGenerator.getInstance( algorithm );
+
+ if ( encryptionType.equals( EncryptionType.AES128_CTS_HMAC_SHA1_96 ) )
+ {
+ keyGenerator.init( 128 );
+ }
+
+ if ( encryptionType.equals( EncryptionType.AES256_CTS_HMAC_SHA1_96 ) )
+ {
+ keyGenerator.init( 256 );
+ }
+
+ SecretKey key = keyGenerator.generateKey();
+
+ byte[] keyBytes = key.getEncoded();
+
+ return new EncryptionKey( encryptionType, keyBytes );
+ }
+ catch ( NoSuchAlgorithmException nsae )
+ {
+ throw new KerberosException( ErrorType.KDC_ERR_ETYPE_NOSUPP, nsae.getMessage() );
+ }
+ }
+}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/exceptions/ErrorType.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/exceptions/ErrorType.java
index da0755c..f7cf2d0 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/exceptions/ErrorType.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/exceptions/ErrorType.java
@@ -26,103 +26,364 @@
/**
- * Type safe enumeration of Kerberos error types
+ * A type-safe enumeration of Kerberos error types.
*
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
public final class ErrorType implements Comparable
{
- /*
- * Enumeration elements are constructed once upon class loading.
- * Order of appearance here determines the order of compareTo.
+ /**
+ * No error.
*/
public static final ErrorType KDC_ERR_NONE = new ErrorType( 0, "No error" );
+
+ /**
+ * Client's entry in database expired.
+ */
public static final ErrorType KDC_ERR_NAME_EXP = new ErrorType( 1, "Client's entry in database expired" );
+
+ /**
+ * Server's entry in database has expired.
+ */
public static final ErrorType KDC_ERR_SERVICE_EXP = new ErrorType( 2, "Server's entry in database has expired" );
+
+ /**
+ * Requested protocol version number not supported.
+ */
public static final ErrorType KDC_ERR_BAD_PVNO = new ErrorType( 3,
"Requested protocol version number not supported" );
+
+ /**
+ * Client's key encrypted in old master key.
+ */
public static final ErrorType KDC_ERR_C_OLD_MAST_KVNO = new ErrorType( 4,
"Client's key encrypted in old master key" );
+
+ /**
+ * Server's key encrypted in old master key.
+ */
public static final ErrorType KDC_ERR_S_OLD_MAST_KVNO = new ErrorType( 5,
"Server's key encrypted in old master key" );
+
+ /**
+ * Client not found in Kerberos database.
+ */
public static final ErrorType KDC_ERR_C_PRINCIPAL_UNKNOWN = new ErrorType( 6,
"Client not found in Kerberos database" );
+
+ /**
+ * Server not found in Kerberos database.
+ */
public static final ErrorType KDC_ERR_S_PRINCIPAL_UNKNOWN = new ErrorType( 7,
"Server not found in Kerberos database" );
+
+ /**
+ * Multiple principal entries in database.
+ */
public static final ErrorType KDC_ERR_PRINCIPAL_NOT_UNIQUE = new ErrorType( 8,
"Multiple principal entries in database" );
+
+ /**
+ * The client or server has a null key.
+ */
public static final ErrorType KDC_ERR_NULL_KEY = new ErrorType( 9, "The client or server has a null key" );
+
+ /**
+ * Ticket not eligible for postdating.
+ */
public static final ErrorType KDC_ERR_CANNOT_POSTDATE = new ErrorType( 10, "Ticket not eligible for postdating" );
+
+ /**
+ * Requested start time is later than end time.
+ */
public static final ErrorType KDC_ERR_NEVER_VALID = new ErrorType( 11,
"Requested start time is later than end time" );
+
+ /**
+ * KDC policy rejects request.
+ */
public static final ErrorType KDC_ERR_POLICY = new ErrorType( 12, "KDC policy rejects request" );
+
+ /**
+ * KDC cannot accommodate requested option.
+ */
public static final ErrorType KDC_ERR_BADOPTION = new ErrorType( 13, "KDC cannot accommodate requested option" );
+
+ /**
+ * KDC has no support for encryption type.
+ */
public static final ErrorType KDC_ERR_ETYPE_NOSUPP = new ErrorType( 14, "KDC has no support for encryption type" );
+
+ /**
+ * KDC has no support for checksum type.
+ */
public static final ErrorType KDC_ERR_SUMTYPE_NOSUPP = new ErrorType( 15, "KDC has no support for checksum type" );
+
+ /**
+ * KDC has no support for padata type.
+ */
public static final ErrorType KDC_ERR_PADATA_TYPE_NOSUPP = new ErrorType( 16, "KDC has no support for padata type" );
+
+ /**
+ * KDC has no support for transitedEncoding type.
+ */
public static final ErrorType KDC_ERR_TRTYPE_NOSUPP = new ErrorType( 17,
"KDC has no support for transitedEncoding type" );
+
+ /**
+ * Clients credentials have been revoked.
+ */
public static final ErrorType KDC_ERR_CLIENT_REVOKED = new ErrorType( 18, "Clients credentials have been revoked" );
+
+ /**
+ * Credentials for server have been revoked.
+ */
public static final ErrorType KDC_ERR_SERVICE_REVOKED = new ErrorType( 19,
"Credentials for server have been revoked" );
+
+ /**
+ * TGT has been revoked.
+ */
public static final ErrorType KDC_ERR_TGT_REVOKED = new ErrorType( 20, "TGT has been revoked" );
+
+ /**
+ * Client not yet valid - try again later.
+ */
public static final ErrorType KDC_ERR_CLIENT_NOTYET = new ErrorType( 21, "Client not yet valid - try again later" );
+
+ /**
+ * Server not yet valid - try again later.
+ */
public static final ErrorType KDC_ERR_SERVICE_NOTYET = new ErrorType( 22, "Server not yet valid - try again later" );
+
+ /**
+ * Password has expired - change password to reset.
+ */
public static final ErrorType KDC_ERR_KEY_EXPIRED = new ErrorType( 23,
"Password has expired - change password to reset" );
+
+ /**
+ * Pre-authentication information was invalid.
+ */
public static final ErrorType KDC_ERR_PREAUTH_FAILED = new ErrorType( 24,
"Pre-authentication information was invalid" );
+
+ /**
+ * Additional pre-authentication required.
+ */
public static final ErrorType KDC_ERR_PREAUTH_REQUIRED = new ErrorType( 25,
"Additional pre-authentication required" );
+
+ /**
+ * Requested server and ticket don't match.
+ */
public static final ErrorType KDC_ERR_SERVER_NOMATCH = new ErrorType( 26, "Requested server and ticket don't match" );
+
+ /**
+ * Server valid for user2user only.
+ */
public static final ErrorType KDC_ERR_MUST_USE_USER2USER = new ErrorType( 27, "Server valid for user2user only" );
+
+ /**
+ * KDC Policy rejects transitedEncoding path.
+ */
public static final ErrorType KDC_ERR_PATH_NOT_ACCEPTED = new ErrorType( 28,
"KDC Policy rejects transitedEncoding path" );
+
+ /**
+ * A service is not available.
+ */
public static final ErrorType KDC_ERR_SVC_UNAVAILABLE = new ErrorType( 29, "A service is not available" );
+
+ /**
+ * Integrity check on decrypted field failed.
+ */
public static final ErrorType KRB_AP_ERR_BAD_INTEGRITY = new ErrorType( 31,
"Integrity check on decrypted field failed" );
+
+ /**
+ * Ticket expired.
+ */
public static final ErrorType KRB_AP_ERR_TKT_EXPIRED = new ErrorType( 32, "Ticket expired" );
+
+ /**
+ * Ticket not yet valid.
+ */
public static final ErrorType KRB_AP_ERR_TKT_NYV = new ErrorType( 33, "Ticket not yet valid" );
+
+ /**
+ * Request is a replay.
+ */
public static final ErrorType KRB_AP_ERR_REPEAT = new ErrorType( 34, "Request is a replay" );
+
+ /**
+ * The ticket isn't for us.
+ */
public static final ErrorType KRB_AP_ERR_NOT_US = new ErrorType( 35, "The ticket isn't for us" );
+
+ /**
+ * Ticket and authenticator don't match.
+ */
public static final ErrorType KRB_AP_ERR_BADMATCH = new ErrorType( 36, "Ticket and authenticator don't match" );
+
+ /**
+ * Clock skew too great.
+ */
public static final ErrorType KRB_AP_ERR_SKEW = new ErrorType( 37, "Clock skew too great" );
+
+ /**
+ * Incorrect net address.
+ */
public static final ErrorType KRB_AP_ERR_BADADDR = new ErrorType( 38, "Incorrect net address" );
+
+ /**
+ * Protocol version mismatch.
+ */
public static final ErrorType KRB_AP_ERR_BADVERSION = new ErrorType( 39, "Protocol version mismatch" );
+
+ /**
+ * Invalid msg type.
+ */
public static final ErrorType KRB_AP_ERR_MSG_TYPE = new ErrorType( 40, "Invalid msg type" );
+
+ /**
+ * Message stream modified.
+ */
public static final ErrorType KRB_AP_ERR_MODIFIED = new ErrorType( 41, "Message stream modified" );
+
+ /**
+ * Message out of order.
+ */
public static final ErrorType KRB_AP_ERR_BADORDER = new ErrorType( 42, "Message out of order" );
+
+ /**
+ * Specified version of key is not available.
+ */
public static final ErrorType KRB_AP_ERR_BADKEYVER = new ErrorType( 44, "Specified version of key is not available" );
+
+ /**
+ * Service key not available.
+ */
public static final ErrorType KRB_AP_ERR_NOKEY = new ErrorType( 45, "Service key not available" );
+
+ /**
+ * Mutual authentication failed.
+ */
public static final ErrorType KRB_AP_ERR_MUT_FAIL = new ErrorType( 46, "Mutual authentication failed" );
+
+ /**
+ * Incorrect message direction.
+ */
public static final ErrorType KRB_AP_ERR_BADDIRECTION = new ErrorType( 47, "Incorrect message direction" );
+
+ /**
+ * Alternative authentication method required.
+ */
public static final ErrorType KRB_AP_ERR_METHOD = new ErrorType( 48, "Alternative authentication method required" );
+
+ /**
+ * Incorrect sequence number in message.
+ */
public static final ErrorType KRB_AP_ERR_BADSEQ = new ErrorType( 49, "Incorrect sequence number in message" );
+
+ /**
+ * Inappropriate type of checksum in message.
+ */
public static final ErrorType KRB_AP_ERR_INAPP_CKSUM = new ErrorType( 50,
"Inappropriate type of checksum in message" );
+
+ /**
+ * Generic error (description in e-text).
+ */
public static final ErrorType KRB_ERR_GENERIC = new ErrorType( 60, "Generic error (description in e-text)" );
+
+ /**
+ * Field is too long for this implementation.
+ */
public static final ErrorType KRB_ERR_FIELD_TOOLONG = new ErrorType( 61,
"Field is too long for this implementation" );
+
+ /**
+ * Client is not trusted.
+ */
public static final ErrorType KRB_ERR_CLIENT_NOT_TRUSTED = new ErrorType( 62, "Client is not trusted" );
+
+ /**
+ * KDC is not trusted.
+ */
public static final ErrorType KRB_ERR_KDC_NOT_TRUSTED = new ErrorType( 63, "KDC is not trusted" );
+
+ /**
+ * Signature is invalid.
+ */
public static final ErrorType KRB_ERR_INVALID_SIG = new ErrorType( 64, "Signature is invalid" );
+
+ /**
+ * Key too weak.
+ */
public static final ErrorType KRB_ERR_KEY_TOO_WEAK = new ErrorType( 65, "Key too weak" );
+
+ /**
+ * Certificates do not match.
+ */
public static final ErrorType KRB_ERR_CERTIFICATE_MISMATCH = new ErrorType( 66, "Certificates do not match" );
+
+ /**
+ * No tgt for user-to-user authentication.
+ */
public static final ErrorType KRB_AP_ERR_NO_TGT = new ErrorType( 67, "No tgt for user-to-user authentication" );
+
+ /**
+ * Wrong realm.
+ */
public static final ErrorType KRB_ERR_WRONG_REALM = new ErrorType( 68, "Wrong realm" );
+
+ /**
+ * User-to-user authentication required.
+ */
public static final ErrorType KRB_AP_ERR_USER_TO_USER_REQUIRED = new ErrorType( 69,
"User-to-user authentication required" );
+
+ /**
+ * Can't verify certificate.
+ */
public static final ErrorType KRB_ERR_CANT_VERIFY_CERTIFICATE = new ErrorType( 70, "Can't verify certificate" );
+
+ /**
+ * Invalid certificate.
+ */
public static final ErrorType KRB_ERR_INVALID_CERTIFICATE = new ErrorType( 71, "Invalid certificate" );
+
+ /**
+ * Revoked certificate.
+ */
public static final ErrorType KRB_ERR_REVOKED_CERTIFICATE = new ErrorType( 72, "Revoked certificate" );
+
+ /**
+ * Revocation status unknown.
+ */
public static final ErrorType KRB_ERR_REVOCATION_STATUS_UNKNOWN = new ErrorType( 73, "Revocation status unknown" );
+
+ /**
+ * Revocation status unavailable.
+ */
public static final ErrorType KRB_ERR_REVOCATION_STATUS_UNAVAILABLE = new ErrorType( 74,
"Revocation status unavailable" );
+
+ /**
+ * Client names do not match.
+ */
public static final ErrorType KRB_ERR_CLIENT_NAME_MISMATCH = new ErrorType( 75, "Client names do not match" );
+
+ /**
+ * KDC names do not match.
+ */
public static final ErrorType KRB_ERR_KDC_NAME_MISMATCH = new ErrorType( 76, "KDC names do not match" );
- /** Array for building a List of VALUES. */
+ /**
+ * Array for building a List of VALUES.
+ */
private static final ErrorType[] values =
{ KDC_ERR_NONE, KDC_ERR_NAME_EXP, KDC_ERR_SERVICE_EXP, KDC_ERR_BAD_PVNO, KDC_ERR_C_OLD_MAST_KVNO,
KDC_ERR_S_OLD_MAST_KVNO, KDC_ERR_C_PRINCIPAL_UNKNOWN, KDC_ERR_S_PRINCIPAL_UNKNOWN,
@@ -142,20 +403,26 @@
KRB_ERR_REVOCATION_STATUS_UNKNOWN, KRB_ERR_REVOCATION_STATUS_UNAVAILABLE, KRB_ERR_CLIENT_NAME_MISMATCH,
KRB_ERR_KDC_NAME_MISMATCH };
- /** a list of all the error type constants */
+ /**
+ * A List of all the error type constants.
+ */
public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
- /** the name of the error type */
+ /**
+ * The name of the error type.
+ */
private final String name;
- /** the value/code for the error type */
+ /**
+ * The value/code for the error type.
+ */
private final int ordinal;
/**
* Private constructor prevents construction outside of this class.
*/
- private ErrorType(int ordinal, String name)
+ private ErrorType( int ordinal, String name )
{
this.ordinal = ordinal;
this.name = name;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ApplicationRequestDecoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ApplicationRequestDecoder.java
index 1663311..0329661 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ApplicationRequestDecoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ApplicationRequestDecoder.java
@@ -41,6 +41,13 @@
*/
public class ApplicationRequestDecoder
{
+ /**
+ * Decodes a byte array into an {@link ApplicationRequest}.
+ *
+ * @param encodedAuthHeader
+ * @return The {@link ApplicationRequest}.
+ * @throws IOException
+ */
public ApplicationRequest decode( byte[] encodedAuthHeader ) throws IOException
{
ASN1InputStream ais = new ASN1InputStream( encodedAuthHeader );
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ChecksumDecoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ChecksumDecoder.java
index 308e733..52f9775 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ChecksumDecoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/ChecksumDecoder.java
@@ -42,6 +42,8 @@
* cksumtype[0] INTEGER,
* checksum[1] OCTET STRING
* }
+ * @param sequence
+ * @return The {@link Checksum}.
*/
public static Checksum decode( DERSequence sequence )
{
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/Decoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/Decoder.java
index eafd0e3..70ae53b 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/Decoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/Decoder.java
@@ -32,5 +32,12 @@
*/
public interface Decoder
{
+ /**
+ * Decodes the byte array into an {@link Encodable} object.
+ *
+ * @param object
+ * @return The {@link Encodable} object.
+ * @throws IOException
+ */
public Encodable decode( byte[] object ) throws IOException;
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/DecoderFactory.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/DecoderFactory.java
index 3e6b417..e7d7ceb 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/DecoderFactory.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/DecoderFactory.java
@@ -27,5 +27,10 @@
*/
public interface DecoderFactory
{
+ /**
+ * Returns the {@link Decoder}.
+ *
+ * @return The {@link Decoder}.
+ */
public Decoder getDecoder();
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptedDataDecoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptedDataDecoder.java
index f13d378..6094b0e 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptedDataDecoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptedDataDecoder.java
@@ -40,6 +40,13 @@
*/
public class EncryptedDataDecoder
{
+ /**
+ * Decodes a byte array into an {@link EncryptedData}.
+ *
+ * @param encodedEncryptedData
+ * @return The {@link EncryptedData}.
+ * @throws IOException
+ */
public static EncryptedData decode( byte[] encodedEncryptedData ) throws IOException
{
ASN1InputStream ais = new ASN1InputStream( encodedEncryptedData );
@@ -51,11 +58,16 @@
/**
+ * Decodes a {@link DERSequence} into an {@link EncryptedData}.
+ *
* EncryptedData ::= SEQUENCE {
* etype[0] INTEGER, -- EncryptionEngine
* kvno[1] INTEGER OPTIONAL,
* cipher[2] OCTET STRING -- ciphertext
* }
+ *
+ * @param sequence
+ * @return The {@link EncryptedData}.
*/
public static EncryptedData decode( DERSequence sequence )
{
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptionKeyDecoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptionKeyDecoder.java
index b2d2d5e..319410f 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptionKeyDecoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/EncryptionKeyDecoder.java
@@ -20,10 +20,12 @@
package org.apache.directory.server.kerberos.shared.io.decoder;
+import java.io.IOException;
import java.util.Enumeration;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+import org.apache.directory.shared.asn1.der.ASN1InputStream;
import org.apache.directory.shared.asn1.der.DEREncodable;
import org.apache.directory.shared.asn1.der.DERInteger;
import org.apache.directory.shared.asn1.der.DEROctetString;
@@ -38,6 +40,23 @@
public class EncryptionKeyDecoder
{
/**
+ * Decodes a byte array into an {@link EncryptionKey}.
+ *
+ * @param encodedEncryptionKey
+ * @return The {@link EncryptionKey}.
+ * @throws IOException
+ */
+ public static EncryptionKey decode( byte[] encodedEncryptionKey ) throws IOException
+ {
+ ASN1InputStream ais = new ASN1InputStream( encodedEncryptionKey );
+
+ DERSequence sequence = ( DERSequence ) ais.readObject();
+
+ return decode( sequence );
+ }
+
+
+ /**
* EncryptionKey ::= SEQUENCE {
* keytype[0] INTEGER,
* keyvalue[1] OCTET STRING
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/KdcRequestDecoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/KdcRequestDecoder.java
index a5e761d..de8dda1 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/KdcRequestDecoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/KdcRequestDecoder.java
@@ -47,6 +47,13 @@
*/
public class KdcRequestDecoder
{
+ /**
+ * Decodes a {@link ByteBuffer} into a {@link KdcRequest}.
+ *
+ * @param in
+ * @return The {@link KdcRequest}.
+ * @throws IOException
+ */
public KdcRequest decode( ByteBuffer in ) throws IOException
{
ASN1InputStream ais = new ASN1InputStream( in );
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/PreAuthenticationDataDecoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/PreAuthenticationDataDecoder.java
index d1bd609..9d4e723 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/PreAuthenticationDataDecoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/PreAuthenticationDataDecoder.java
@@ -40,6 +40,13 @@
*/
public class PreAuthenticationDataDecoder
{
+ /**
+ * Decodes a byte array into {@link PreAuthenticationData}.
+ *
+ * @param encodedPreAuthData
+ * @return The {@link PreAuthenticationData}.
+ * @throws IOException
+ */
public PreAuthenticationData decode( byte[] encodedPreAuthData ) throws IOException
{
ASN1InputStream ais = new ASN1InputStream( encodedPreAuthData );
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/PrincipalNameDecoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/PrincipalNameDecoder.java
index cb66bd5..8ed1332 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/PrincipalNameDecoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/PrincipalNameDecoder.java
@@ -38,10 +38,15 @@
public class PrincipalNameDecoder
{
/**
+ * Decodes a {@link DERSequence} into a {@link PrincipalName}.
+ *
* PrincipalName ::= SEQUENCE {
* name-type[0] INTEGER,
* name-string[1] SEQUENCE OF GeneralString
* }
+ *
+ * @param sequence
+ * @return The {@link PrincipalName}.
*/
public static PrincipalName decode( DERSequence sequence )
{
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/PrivateMessageDecoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/PrivateMessageDecoder.java
index 70b46e3..fb7377e 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/PrivateMessageDecoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/PrivateMessageDecoder.java
@@ -39,6 +39,13 @@
*/
public class PrivateMessageDecoder
{
+ /**
+ * Decodes a byte array into a {@link PrivateMessage}.
+ *
+ * @param encodedPrivateMessage
+ * @return The {@link PrivateMessage}.
+ * @throws IOException
+ */
public PrivateMessage decode( byte[] encodedPrivateMessage ) throws IOException
{
ASN1InputStream ais = new ASN1InputStream( encodedPrivateMessage );
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/TicketDecoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/TicketDecoder.java
index 72de049..54c3aac 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/TicketDecoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/decoder/TicketDecoder.java
@@ -39,6 +39,13 @@
*/
public class TicketDecoder
{
+ /**
+ * Decodes a {@link DERSequence} into an array of {@link Ticket}s.
+ *
+ * @param sequence
+ * @return The array of {@link Ticket}s.
+ * @throws IOException
+ */
public static Ticket[] decodeSequence( DERSequence sequence ) throws IOException
{
Ticket[] tickets = new Ticket[sequence.size()];
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/ApplicationReplyEncoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/ApplicationReplyEncoder.java
index 60cfe11..06917e6 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/ApplicationReplyEncoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/ApplicationReplyEncoder.java
@@ -37,9 +37,19 @@
*/
public class ApplicationReplyEncoder
{
+ /**
+ * Application code constant for the {@link ApplicationReply} (15).
+ */
public static final int APPLICATION_CODE = 15;
+ /**
+ * Encodes an {@link ApplicationReply} into a byte array.
+ *
+ * @param reply
+ * @return The byte array.
+ * @throws IOException
+ */
public byte[] encode( ApplicationReply reply ) throws IOException
{
ByteArrayOutputStream baos = new ByteArrayOutputStream();
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/ChecksumEncoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/ChecksumEncoder.java
index 3b610b5..18c7457 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/ChecksumEncoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/ChecksumEncoder.java
@@ -34,10 +34,15 @@
public class ChecksumEncoder
{
/**
+ * Encodes a {@link Checksum} into a {@link DERSequence}.
+ *
* Checksum ::= SEQUENCE {
* cksumtype[0] INTEGER,
* checksum[1] OCTET STRING
* }
+ *
+ * @param checksum
+ * @return The {@link DERSequence}.
*/
public static DERSequence encode( Checksum checksum )
{
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncApRepPartEncoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncApRepPartEncoder.java
index 7091458..cfa56f1 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncApRepPartEncoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncApRepPartEncoder.java
@@ -38,6 +38,9 @@
*/
public class EncApRepPartEncoder implements Encoder, EncoderFactory
{
+ /**
+ * The application code constant for the {@link EncApRepPart} (27).
+ */
public static final int APPLICATION_CODE = 27;
@@ -69,7 +72,7 @@
if ( message.getSubSessionKey() != null )
{
- sequence.add( new DERTaggedObject( 2, EncryptionKeyEncoder.encode( message.getSubSessionKey() ) ) );
+ sequence.add( new DERTaggedObject( 2, EncryptionKeyEncoder.encodeSequence( message.getSubSessionKey() ) ) );
}
if ( message.getSequenceNumber() != null )
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncAsRepPartEncoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncAsRepPartEncoder.java
index 8725b03..1abc24b 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncAsRepPartEncoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncAsRepPartEncoder.java
@@ -20,18 +20,26 @@
package org.apache.directory.server.kerberos.shared.io.encoder;
+import org.apache.directory.server.kerberos.shared.messages.components.EncAsRepPart;
+
+
/**
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
public class EncAsRepPartEncoder extends EncKdcRepPartEncoder implements EncoderFactory
{
- /*
+ /**
+ * The application code constant for an {@link EncAsRepPart}.
+ *
* EncASRepPart ::= [APPLICATION 25[25]] EncKDCRepPart
*/
public static final int APPLICATION_CODE = 25;
+ /**
+ * Creates a new instance of EncAsRepPartEncoder.
+ */
public EncAsRepPartEncoder()
{
super( APPLICATION_CODE );
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncKdcRepPartEncoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncKdcRepPartEncoder.java
index fdf3be3..2572e7b 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncKdcRepPartEncoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncKdcRepPartEncoder.java
@@ -82,7 +82,7 @@
{
DERSequence sequence = new DERSequence();
- sequence.add( new DERTaggedObject( 0, EncryptionKeyEncoder.encode( reply.getKey() ) ) );
+ sequence.add( new DERTaggedObject( 0, EncryptionKeyEncoder.encodeSequence( reply.getKey() ) ) );
sequence.add( new DERTaggedObject( 1, LastRequestEncoder.encode( reply.getLastRequest() ) ) );
sequence.add( new DERTaggedObject( 2, DERInteger.valueOf( reply.getNonce() ) ) );
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncTgsRepPartEncoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncTgsRepPartEncoder.java
index 9f5527a..911a297 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncTgsRepPartEncoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncTgsRepPartEncoder.java
@@ -32,6 +32,9 @@
public static final int APPLICATION_CODE = 26;
+ /**
+ * Creates a new instance of EncTgsRepPartEncoder.
+ */
public EncTgsRepPartEncoder()
{
super( APPLICATION_CODE );
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncTicketPartEncoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncTicketPartEncoder.java
index 1b10f9d..24ca17d 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncTicketPartEncoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncTicketPartEncoder.java
@@ -62,6 +62,8 @@
/**
+ * Encodes an {@link EncTicketPart} into a {@link DERSequence}.
+ *
* -- Encrypted part of ticket
* EncTicketPart ::= [APPLICATION 3] SEQUENCE {
* flags[0] TicketFlags,
@@ -76,13 +78,16 @@
* caddr[9] HostAddresses OPTIONAL,
* authorization-data[10] AuthorizationData OPTIONAL
* }
+ *
+ * @param ticketPart
+ * @return The {@link DERSequence}.
*/
public DERSequence encodeInitialSequence( EncTicketPart ticketPart )
{
DERSequence sequence = new DERSequence();
sequence.add( new DERTaggedObject( 0, new DERBitString( ticketPart.getFlags().getBytes() ) ) );
- sequence.add( new DERTaggedObject( 1, EncryptionKeyEncoder.encode( ticketPart.getSessionKey() ) ) );
+ sequence.add( new DERTaggedObject( 1, EncryptionKeyEncoder.encodeSequence( ticketPart.getSessionKey() ) ) );
sequence.add( new DERTaggedObject( 2, DERGeneralString.valueOf( ticketPart.getClientRealm().toString() ) ) );
sequence.add( new DERTaggedObject( 3, PrincipalNameEncoder.encode( ticketPart.getClientPrincipal() ) ) );
sequence.add( new DERTaggedObject( 4, TransitedEncodingEncoder.encode( ticketPart.getTransitedEncoding() ) ) );
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/Encoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/Encoder.java
index 456ab3f..01b385c 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/Encoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/Encoder.java
@@ -32,5 +32,12 @@
*/
public interface Encoder
{
+ /**
+ * Encodes an ASN.1 {@link Encodable} object into a byte array.
+ *
+ * @param object
+ * @return The byte array.
+ * @throws IOException
+ */
public byte[] encode( Encodable object ) throws IOException;
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncoderFactory.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncoderFactory.java
index 8b5a1b8..22389e2 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncoderFactory.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncoderFactory.java
@@ -27,5 +27,10 @@
*/
public interface EncoderFactory
{
+ /**
+ * Returns an {@link Encoder}.
+ *
+ * @return The {@link Encoder}.
+ */
public Encoder getEncoder();
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptedDataEncoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptedDataEncoder.java
index 9c793e3..8165ad3 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptedDataEncoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptedDataEncoder.java
@@ -37,6 +37,13 @@
*/
public class EncryptedDataEncoder
{
+ /**
+ * Encodes an {@link EncryptedData} into a byte array.
+ *
+ * @param encryptedData
+ * @return The byte array.
+ * @throws IOException
+ */
public static byte[] encode( EncryptedData encryptedData ) throws IOException
{
ByteArrayOutputStream baos = new ByteArrayOutputStream();
@@ -50,11 +57,16 @@
/**
+ * Encodes an {@link EncryptedData} into a {@link DERSequence}.
+ *
* EncryptedData ::= SEQUENCE {
* etype[0] INTEGER, -- EncryptionEngine
* kvno[1] INTEGER OPTIONAL,
* cipher[2] OCTET STRING -- ciphertext
* }
+ *
+ * @param encryptedData
+ * @return The {@link DERSequence}.
*/
public static DERSequence encodeSequence( EncryptedData encryptedData )
{
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptedTimestampEncoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptedTimestampEncoder.java
index 152795a..035b0f1 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptedTimestampEncoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptedTimestampEncoder.java
@@ -23,6 +23,7 @@
import java.io.ByteArrayOutputStream;
import java.io.IOException;
+import org.apache.directory.server.kerberos.shared.messages.Encodable;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptedTimeStamp;
import org.apache.directory.shared.asn1.der.ASN1OutputStream;
import org.apache.directory.shared.asn1.der.DERInteger;
@@ -34,20 +35,26 @@
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class EncryptedTimestampEncoder
+public class EncryptedTimestampEncoder implements Encoder, EncoderFactory
{
- public byte[] encode( EncryptedTimeStamp encryptedTimestamp ) throws IOException
+ public byte[] encode( Encodable encryptedTimestamp ) throws IOException
{
ByteArrayOutputStream baos = new ByteArrayOutputStream();
ASN1OutputStream aos = new ASN1OutputStream( baos );
- aos.writeObject( encodeTimestamp( encryptedTimestamp ) );
+ aos.writeObject( encodeTimestamp( ( EncryptedTimeStamp ) encryptedTimestamp ) );
aos.close();
return baos.toByteArray();
}
+ public Encoder getEncoder()
+ {
+ return new EncryptedTimestampEncoder();
+ }
+
+
/**
* PA-ENC-TS-ENC ::= SEQUENCE {
* patimestamp[0] KerberosTime, -- client's time
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptionKeyEncoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptionKeyEncoder.java
index 0073eb7..48d5ad0 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptionKeyEncoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptionKeyEncoder.java
@@ -20,7 +20,11 @@
package org.apache.directory.server.kerberos.shared.io.encoder;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+import org.apache.directory.shared.asn1.der.ASN1OutputStream;
import org.apache.directory.shared.asn1.der.DERInteger;
import org.apache.directory.shared.asn1.der.DEROctetString;
import org.apache.directory.shared.asn1.der.DERSequence;
@@ -33,7 +37,26 @@
*/
public class EncryptionKeyEncoder
{
- protected static DERSequence encode( EncryptionKey key )
+ /**
+ * Encodes an {@link EncryptionKey} into a byte array.
+ *
+ * @param key
+ * @return The byte array.
+ * @throws IOException
+ */
+ public static byte[] encode( EncryptionKey key ) throws IOException
+ {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ ASN1OutputStream aos = new ASN1OutputStream( baos );
+
+ aos.writeObject( encodeSequence( key ) );
+ aos.close();
+
+ return baos.toByteArray();
+ }
+
+
+ protected static DERSequence encodeSequence( EncryptionKey key )
{
DERSequence vector = new DERSequence();
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptionTypeInfoEncoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptionTypeInfoEncoder.java
index dac9732..976fb5c 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptionTypeInfoEncoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/EncryptionTypeInfoEncoder.java
@@ -37,6 +37,13 @@
*/
public class EncryptionTypeInfoEncoder
{
+ /**
+ * Encodes an array of {@link EncryptionTypeInfoEntry}s into a byte array.
+ *
+ * @param entries
+ * @return The byte array.
+ * @throws IOException
+ */
public static byte[] encode( EncryptionTypeInfoEntry[] entries ) throws IOException
{
ByteArrayOutputStream baos = new ByteArrayOutputStream();
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/ErrorMessageEncoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/ErrorMessageEncoder.java
index bbcf09a..f958835 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/ErrorMessageEncoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/ErrorMessageEncoder.java
@@ -40,6 +40,13 @@
*/
public class ErrorMessageEncoder
{
+ /**
+ * Encodes an {@link ErrorMessage} into a {@link ByteBuffer}.
+ *
+ * @param message
+ * @param out
+ * @throws IOException
+ */
public void encode( ErrorMessage message, ByteBuffer out ) throws IOException
{
ASN1OutputStream aos = new ASN1OutputStream( out );
@@ -51,6 +58,13 @@
}
+ /**
+ * Encodes an {@link ErrorMessage} into a byte array.
+ *
+ * @param message
+ * @return The byte array.
+ * @throws IOException
+ */
public byte[] encode( ErrorMessage message ) throws IOException
{
ByteArrayOutputStream baos = new ByteArrayOutputStream();
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/KdcReplyEncoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/KdcReplyEncoder.java
index 2c23c12..8169edc 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/KdcReplyEncoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/KdcReplyEncoder.java
@@ -40,9 +40,15 @@
*/
public class KdcReplyEncoder
{
- /*
- AS-REP ::= [APPLICATION 11] KDC-REP
- TGS-REP ::= [APPLICATION 13] KDC-REP
+ /**
+ * Encodes a {@link KdcReply} into a {@link ByteBuffer}.
+ *
+ * AS-REP ::= [APPLICATION 11] KDC-REP
+ * TGS-REP ::= [APPLICATION 13] KDC-REP
+ *
+ * @param app
+ * @param out
+ * @throws IOException
*/
public void encode( KdcReply app, ByteBuffer out ) throws IOException
{
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/KdcReqBodyEncoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/KdcReqBodyEncoder.java
index 0709b2c..dfb6a85 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/KdcReqBodyEncoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/KdcReqBodyEncoder.java
@@ -38,6 +38,13 @@
*/
public class KdcReqBodyEncoder
{
+ /**
+ * Encodes a {@link KdcRequest} into a byte array.
+ *
+ * @param request
+ * @return The byte array.
+ * @throws IOException
+ */
public byte[] encode( KdcRequest request ) throws IOException
{
ByteArrayOutputStream baos = new ByteArrayOutputStream();
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/PreAuthenticationDataEncoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/PreAuthenticationDataEncoder.java
index f502141..fc93fb0 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/PreAuthenticationDataEncoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/PreAuthenticationDataEncoder.java
@@ -37,6 +37,13 @@
*/
public class PreAuthenticationDataEncoder
{
+ /**
+ * Encodes an array of {@link PreAuthenticationData}s into a byte array.
+ *
+ * @param preAuth
+ * @return The byte array.
+ * @throws IOException
+ */
public static byte[] encode( PreAuthenticationData[] preAuth ) throws IOException
{
ByteArrayOutputStream baos = new ByteArrayOutputStream();
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/PrivateMessageEncoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/PrivateMessageEncoder.java
index 89a330d..e3038e0 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/PrivateMessageEncoder.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/io/encoder/PrivateMessageEncoder.java
@@ -37,6 +37,13 @@
*/
public class PrivateMessageEncoder
{
+ /**
+ * Encodes a {@link PrivateMessage} into a byte array.
+ *
+ * @param message
+ * @return The byte array.
+ * @throws IOException
+ */
public byte[] encode( PrivateMessage message ) throws IOException
{
ByteArrayOutputStream baos = new ByteArrayOutputStream();
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/jaas/CallbackHandlerBean.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/jaas/CallbackHandlerBean.java
index 34f2563..4f6768f 100755
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/jaas/CallbackHandlerBean.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/jaas/CallbackHandlerBean.java
@@ -39,7 +39,13 @@
private String password;
- public CallbackHandlerBean(String name, String password)
+ /**
+ * Creates a new instance of CallbackHandlerBean.
+ *
+ * @param name
+ * @param password
+ */
+ public CallbackHandlerBean( String name, String password )
{
this.name = name;
this.password = password;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/jaas/Krb5LoginConfiguration.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/jaas/Krb5LoginConfiguration.java
index b803d6d..3d85ac6 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/jaas/Krb5LoginConfiguration.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/jaas/Krb5LoginConfiguration.java
@@ -36,11 +36,14 @@
private static AppConfigurationEntry[] configList = new AppConfigurationEntry[1];
+ /**
+ * Creates a new instance of Krb5LoginConfiguration.
+ */
public Krb5LoginConfiguration()
{
String loginModule = "com.sun.security.auth.module.Krb5LoginModule";
LoginModuleControlFlag flag = LoginModuleControlFlag.REQUIRED;
- configList[0] = new AppConfigurationEntry( loginModule, flag, new HashMap() );
+ configList[0] = new AppConfigurationEntry( loginModule, flag, new HashMap<String, Object>() );
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/keytab/Keytab.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/keytab/Keytab.java
new file mode 100644
index 0000000..616f72f
--- /dev/null
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/keytab/Keytab.java
@@ -0,0 +1,240 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.keytab;
+
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.channels.FileChannel;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+import org.apache.mina.common.ByteBuffer;
+
+
+/**
+ * Keytab file.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class Keytab
+{
+ /**
+ * Byte array constant for keytab file format 5.1.
+ */
+ public static final byte[] VERSION_51 = new byte[]
+ { ( byte ) 0x05, ( byte ) 0x01 };
+
+ /**
+ * Byte array constant for keytab file format 5.2.
+ */
+ public static final byte[] VERSION_52 = new byte[]
+ { ( byte ) 0x05, ( byte ) 0x02 };
+
+ private byte[] keytabVersion = VERSION_52;
+ private List<KeytabEntry> entries = new ArrayList<KeytabEntry>();
+
+
+ /**
+ * Read a keytab file.
+ *
+ * @param file
+ * @return The keytab.
+ * @throws IOException
+ */
+ public static Keytab read( File file ) throws IOException
+ {
+ ByteBuffer buffer = ByteBuffer.wrap( getBytesFromFile( file ) );
+ return readKeytab( buffer );
+ }
+
+
+ /**
+ * Returns a new instance of a keytab with the version
+ * defaulted to 5.2.
+ *
+ * @return The keytab.
+ */
+ public static Keytab getInstance()
+ {
+ return new Keytab();
+ }
+
+
+ /**
+ * Write the keytab to a {@link File}.
+ *
+ * @param file
+ * @throws IOException
+ */
+ public void write( File file ) throws IOException
+ {
+ KeytabEncoder writer = new KeytabEncoder();
+ ByteBuffer buffer = writer.write( keytabVersion, entries );
+ writeFile( buffer, file );
+ }
+
+
+ /**
+ * @param entries The entries to set.
+ */
+ public void setEntries( List<KeytabEntry> entries )
+ {
+ this.entries = entries;
+ }
+
+
+ /**
+ * @param keytabVersion The keytabVersion to set.
+ */
+ public void setKeytabVersion( byte[] keytabVersion )
+ {
+ this.keytabVersion = keytabVersion;
+ }
+
+
+ /**
+ * @return The entries.
+ */
+ public List<KeytabEntry> getEntries()
+ {
+ return Collections.unmodifiableList( entries );
+ }
+
+
+ /**
+ * @return The keytabVersion.
+ */
+ public byte[] getKeytabVersion()
+ {
+ return keytabVersion;
+ }
+
+
+ /**
+ * Read bytes into a keytab.
+ *
+ * @param bytes
+ * @return The keytab.
+ */
+ static Keytab read( byte[] bytes )
+ {
+ ByteBuffer buffer = ByteBuffer.wrap( bytes );
+ return readKeytab( buffer );
+ }
+
+
+ /**
+ * Write the keytab to a {@link ByteBuffer}.
+ * @return The buffer.
+ */
+ ByteBuffer write()
+ {
+ KeytabEncoder writer = new KeytabEncoder();
+ return writer.write( keytabVersion, entries );
+ }
+
+
+ /**
+ * Read the contents of the buffer into a keytab.
+ *
+ * @param buffer
+ * @return The keytab.
+ */
+ private static Keytab readKeytab( ByteBuffer buffer )
+ {
+ KeytabDecoder reader = new KeytabDecoder();
+ byte[] keytabVersion = reader.getKeytabVersion( buffer );
+ List<KeytabEntry> entries = reader.getKeytabEntries( buffer );
+
+ Keytab keytab = new Keytab();
+
+ keytab.setKeytabVersion( keytabVersion );
+ keytab.setEntries( entries );
+
+ return keytab;
+ }
+
+
+ /**
+ * Returns the contents of the {@link File} in a byte array.
+ *
+ * @param file
+ * @return The byte array of the file contents.
+ * @throws IOException
+ */
+ protected static byte[] getBytesFromFile( File file ) throws IOException
+ {
+ InputStream is = new FileInputStream( file );
+
+ long length = file.length();
+
+ // Check to ensure that file is not larger than Integer.MAX_VALUE.
+ if ( length > Integer.MAX_VALUE )
+ {
+ throw new IOException( "File is too large " + file.getName() );
+ }
+
+ // Create the byte array to hold the data.
+ byte[] bytes = new byte[( int ) length];
+
+ // Read in the bytes
+ int offset = 0;
+ int numRead = 0;
+ while ( offset < bytes.length && ( numRead = is.read( bytes, offset, bytes.length - offset ) ) >= 0 )
+ {
+ offset += numRead;
+ }
+
+ // Ensure all the bytes have been read in.
+ if ( offset < bytes.length )
+ {
+ throw new IOException( "Could not completely read file " + file.getName() );
+ }
+
+ // Close the input stream and return bytes.
+ is.close();
+ return bytes;
+ }
+
+
+ /**
+ * Write the contents of the {@link ByteBuffer} to a {@link File}.
+ *
+ * @param buffer
+ * @param file
+ * @throws IOException
+ */
+ protected void writeFile( ByteBuffer buffer, File file ) throws IOException
+ {
+ // Set append false to replace existing.
+ FileChannel wChannel = new FileOutputStream( file, false ).getChannel();
+
+ // Write the bytes between the position and limit.
+ wChannel.write( buffer.buf() );
+
+ wChannel.close();
+ }
+}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/keytab/KeytabDecoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/keytab/KeytabDecoder.java
new file mode 100644
index 0000000..d7645e0
--- /dev/null
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/keytab/KeytabDecoder.java
@@ -0,0 +1,180 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.keytab;
+
+
+import java.io.UnsupportedEncodingException;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
+import org.apache.mina.common.ByteBuffer;
+
+
+/**
+ * Decode a {@link ByteBuffer} into keytab fields.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+class KeytabDecoder
+{
+ /**
+ * Read the keytab 16-bit file format version. This
+ * keytab reader currently only supports version 5.2.
+ */
+ byte[] getKeytabVersion( ByteBuffer buffer )
+ {
+ byte[] version = new byte[2];
+ buffer.get( version );
+
+ return version;
+ }
+
+
+ /**
+ * Read keytab entries until there is no remaining data
+ * in the buffer.
+ *
+ * @param buffer
+ * @return The keytab entries.
+ */
+ List<KeytabEntry> getKeytabEntries( ByteBuffer buffer )
+ {
+ List<KeytabEntry> entries = new ArrayList<KeytabEntry>();
+
+ while ( buffer.remaining() > 0 )
+ {
+ int size = buffer.getInt();
+ byte[] entry = new byte[size];
+
+ buffer.get( entry );
+ entries.add( getKeytabEntry( ByteBuffer.wrap( entry ) ) );
+ }
+
+ return entries;
+ }
+
+
+ /**
+ * Reads off a "keytab entry," which consists of a principal name,
+ * principal type, key version number, and key material.
+ */
+ private KeytabEntry getKeytabEntry( ByteBuffer buffer )
+ {
+ String principalName = getPrincipalName( buffer );
+
+ long principalType = buffer.getUnsignedInt();
+
+ long time = buffer.getUnsignedInt();
+ KerberosTime timeStamp = new KerberosTime( time * 1000 );
+
+ byte keyVersion = buffer.get();
+
+ EncryptionKey key = getKeyBlock( buffer, keyVersion );
+
+ return new KeytabEntry( principalName, principalType, timeStamp, keyVersion, key );
+ }
+
+
+ /**
+ * Reads off a principal name.
+ *
+ * @param buffer
+ * @return The principal name.
+ */
+ private String getPrincipalName( ByteBuffer buffer )
+ {
+ int count = buffer.getUnsignedShort();
+
+ // decrement for v1
+ String realm = getCountedString( buffer );
+
+ StringBuffer principalNameBuffer = new StringBuffer();
+
+ for ( int ii = 0; ii < count; ii++ )
+ {
+ String nameComponent = getCountedString( buffer );
+
+ principalNameBuffer.append( nameComponent );
+
+ if ( ii < count - 1 )
+ {
+ principalNameBuffer.append( "\\" );
+ }
+ }
+
+ principalNameBuffer.append( "@" + realm );
+
+ return principalNameBuffer.toString();
+ }
+
+
+ /**
+ * Read off a 16-bit encryption type and symmetric key material.
+ */
+ private EncryptionKey getKeyBlock( ByteBuffer buffer, int keyVersion )
+ {
+ int type = buffer.getUnsignedShort();
+ byte[] keyblock = getCountedBytes( buffer );
+
+ EncryptionType encryptionType = EncryptionType.getTypeByOrdinal( type );
+ EncryptionKey key = new EncryptionKey( encryptionType, keyblock, keyVersion );
+
+ return key;
+ }
+
+
+ /**
+ * Use a prefixed 16-bit length to read off a String. Realm and name
+ * components are ASCII encoded text with no zero terminator.
+ */
+ private String getCountedString( ByteBuffer buffer )
+ {
+ int length = buffer.getUnsignedShort();
+ byte[] data = new byte[length];
+ buffer.get( data );
+
+ try
+ {
+ return new String( data, "ASCII" );
+ }
+ catch ( UnsupportedEncodingException uee )
+ {
+ // Should never happen for ASCII
+ return "";
+ }
+ }
+
+
+ /**
+ * Use a prefixed 16-bit length to read off raw bytes.
+ */
+ private byte[] getCountedBytes( ByteBuffer buffer )
+ {
+ int length = buffer.getUnsignedShort();
+ byte[] data = new byte[length];
+ buffer.get( data );
+
+ return data;
+ }
+}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/keytab/KeytabEncoder.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/keytab/KeytabEncoder.java
new file mode 100644
index 0000000..cd22eca
--- /dev/null
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/keytab/KeytabEncoder.java
@@ -0,0 +1,168 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.keytab;
+
+
+import java.util.Iterator;
+import java.util.List;
+
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+import org.apache.mina.common.ByteBuffer;
+
+
+/**
+ * Encode keytab fields into a {@link ByteBuffer}.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+class KeytabEncoder
+{
+ /**
+ * Write the keytab version and entries into a {@link ByteBuffer}.
+ *
+ * @param keytabVersion
+ * @param entries
+ * @return The ByteBuffer.
+ */
+ ByteBuffer write( byte[] keytabVersion, List<KeytabEntry> entries )
+ {
+ ByteBuffer buffer = ByteBuffer.allocate( 512 );
+ putKeytabVersion( buffer, keytabVersion );
+ putKeytabEntries( buffer, entries );
+ buffer.flip();
+
+ return buffer;
+ }
+
+
+ /**
+ * Encode the 16-bit file format version. This
+ * keytab reader currently only support verision 5.2.
+ */
+ private void putKeytabVersion( ByteBuffer buffer, byte[] version )
+ {
+ buffer.put( version );
+ }
+
+
+ /**
+ * Encode the keytab entries.
+ *
+ * @param buffer
+ * @param entries
+ */
+ private void putKeytabEntries( ByteBuffer buffer, List<KeytabEntry> entries )
+ {
+ Iterator<KeytabEntry> iterator = entries.iterator();
+
+ while ( iterator.hasNext() )
+ {
+ ByteBuffer entryBuffer = putKeytabEntry( iterator.next() );
+ int size = entryBuffer.position();
+
+ entryBuffer.flip();
+
+ buffer.putInt( size );
+ buffer.put( entryBuffer );
+ }
+ }
+
+
+ /**
+ * Encode a "keytab entry," which consists of a principal name,
+ * principal type, key version number, and key material.
+ */
+ private ByteBuffer putKeytabEntry( KeytabEntry entry )
+ {
+ ByteBuffer buffer = ByteBuffer.allocate( 100 );
+
+ putPrincipalName( buffer, entry.getPrincipalName() );
+
+ buffer.putInt( ( int ) entry.getPrincipalType() );
+
+ buffer.putInt( ( int ) ( entry.getTimeStamp().getTime() / 1000 ) );
+
+ buffer.put( entry.getKeyVersion() );
+
+ putKeyBlock( buffer, entry.getKey() );
+
+ return buffer;
+ }
+
+
+ /**
+ * Encode a principal name.
+ *
+ * @param buffer
+ * @param principalName
+ */
+ private void putPrincipalName( ByteBuffer buffer, String principalName )
+ {
+ String[] split = principalName.split( "@" );
+ String nameComponent = split[0];
+ String realm = split[1];
+
+ String[] nameComponents = nameComponent.split( "/" );
+
+ // increment for v1
+ buffer.putShort( ( short ) nameComponents.length );
+
+ putCountedString( buffer, realm );
+ // write components
+
+ for ( int ii = 0; ii < nameComponents.length; ii++ )
+ {
+ putCountedString( buffer, nameComponents[ii] );
+ }
+ }
+
+
+ /**
+ * Encode a 16-bit encryption type and symmetric key material.
+ */
+ private void putKeyBlock( ByteBuffer buffer, EncryptionKey key )
+ {
+ buffer.putShort( ( short ) key.getKeyType().getOrdinal() );
+ putCountedBytes( buffer, key.getKeyValue() );
+ }
+
+
+ /**
+ * Use a prefixed 16-bit length to encode a String. Realm and name
+ * components are ASCII encoded text with no zero terminator.
+ */
+ private void putCountedString( ByteBuffer buffer, String string )
+ {
+ byte[] data = string.getBytes();
+ buffer.putShort( ( short ) data.length );
+ buffer.put( data );
+ }
+
+
+ /**
+ * Use a prefixed 16-bit length to encode raw bytes.
+ */
+ private void putCountedBytes( ByteBuffer buffer, byte[] data )
+ {
+ buffer.putShort( ( short ) data.length );
+ buffer.put( data );
+ }
+}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/keytab/KeytabEntry.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/keytab/KeytabEntry.java
new file mode 100644
index 0000000..ec2cdb4
--- /dev/null
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/keytab/KeytabEntry.java
@@ -0,0 +1,109 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.keytab;
+
+
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
+
+
+/**
+ * An entry within a keytab file.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class KeytabEntry
+{
+ private String principalName;
+
+ private long principalType;
+
+ private KerberosTime timeStamp;
+
+ private byte keyVersion;
+
+ private EncryptionKey key;
+
+
+ /**
+ * Creates a new instance of Entry.
+ *
+ * @param principalName
+ * @param principalType
+ * @param timeStamp
+ * @param keyVersion
+ * @param key
+ */
+ public KeytabEntry( String principalName, long principalType, KerberosTime timeStamp, byte keyVersion,
+ EncryptionKey key )
+ {
+ this.principalName = principalName;
+ this.principalType = principalType;
+ this.timeStamp = timeStamp;
+ this.keyVersion = keyVersion;
+ this.key = key;
+ }
+
+
+ /**
+ * @return The key.
+ */
+ public EncryptionKey getKey()
+ {
+ return key;
+ }
+
+
+ /**
+ * @return The keyVersion.
+ */
+ public byte getKeyVersion()
+ {
+ return keyVersion;
+ }
+
+
+ /**
+ * @return The principalName.
+ */
+ public String getPrincipalName()
+ {
+ return principalName;
+ }
+
+
+ /**
+ * @return The principalType.
+ */
+ public long getPrincipalType()
+ {
+ return principalType;
+ }
+
+
+ /**
+ * @return The timeStamp.
+ */
+ public KerberosTime getTimeStamp()
+ {
+ return timeStamp;
+ }
+}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/ApplicationRequest.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/ApplicationRequest.java
index d2c442d..4c528ab 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/ApplicationRequest.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/ApplicationRequest.java
@@ -39,7 +39,7 @@
/**
- * Class constructors
+ * Creates a new instance of ApplicationRequest.
*/
public ApplicationRequest()
{
@@ -48,7 +48,14 @@
}
- public ApplicationRequest(ApOptions apOptions, Ticket ticket, EncryptedData encPart)
+ /**
+ * Creates a new instance of ApplicationRequest.
+ *
+ * @param apOptions
+ * @param ticket
+ * @param encPart
+ */
+ public ApplicationRequest( ApOptions apOptions, Ticket ticket, EncryptedData encPart )
{
super( MessageType.KRB_AP_REQ );
this.apOptions = apOptions;
@@ -57,67 +64,122 @@
}
+ /**
+ * Returns the {@link ApOptions}.
+ *
+ * @return The {@link ApOptions}.
+ */
public ApOptions getApOptions()
{
return apOptions;
}
+ /**
+ * Returns the {@link Authenticator}.
+ *
+ * @return The {@link Authenticator}.
+ */
public Authenticator getAuthenticator()
{
return authenticator;
}
+ /**
+ * Returns the {@link Ticket}.
+ *
+ * @return The {@link Ticket}.
+ */
public Ticket getTicket()
{
return ticket;
}
- // delegate ApOptions methods
+ /**
+ * Returns the option at a specified index.
+ *
+ * @param option
+ * @return The option.
+ */
public boolean getOption( int option )
{
return apOptions.get( option );
}
+ /**
+ * Sets the option at a specified index.
+ *
+ * @param option
+ */
public void setOption( int option )
{
apOptions.set( option );
}
+ /**
+ * Clears the option at a specified index.
+ *
+ * @param option
+ */
public void clearOption( int option )
{
apOptions.clear( option );
}
+ /**
+ * Returns the {@link EncryptedData}.
+ *
+ * @return The {@link EncryptedData}.
+ */
public EncryptedData getEncPart()
{
return encPart;
}
+ /**
+ * Sets the {@link EncryptedData}.
+ *
+ * @param data
+ */
public void setEncPart( EncryptedData data )
{
encPart = data;
}
+ /**
+ * Sets the {@link ApOptions}.
+ *
+ * @param options
+ */
public void setApOptions( ApOptions options )
{
apOptions = options;
}
+ /**
+ * Sets the {@link Authenticator}.
+ *
+ * @param authenticator
+ */
public void setAuthenticator( Authenticator authenticator )
{
this.authenticator = authenticator;
}
+ /**
+ * Sets the {@link Ticket}.
+ *
+ * @param ticket
+ */
public void setTicket( Ticket ticket )
{
this.ticket = ticket;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/AuthenticationReply.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/AuthenticationReply.java
index ac1bfea..fb86cb4 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/AuthenticationReply.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/AuthenticationReply.java
@@ -34,7 +34,7 @@
public class AuthenticationReply extends KdcReply
{
/**
- * Class constructors
+ * Creates a new instance of AuthenticationReply.
*/
public AuthenticationReply()
{
@@ -42,8 +42,16 @@
}
- public AuthenticationReply(PreAuthenticationData[] paData, KerberosPrincipal clientPrincipal, Ticket ticket,
- EncryptedData encPart)
+ /**
+ * Creates a new instance of AuthenticationReply.
+ *
+ * @param paData
+ * @param clientPrincipal
+ * @param ticket
+ * @param encPart
+ */
+ public AuthenticationReply( PreAuthenticationData[] paData, KerberosPrincipal clientPrincipal, Ticket ticket,
+ EncryptedData encPart )
{
super( paData, clientPrincipal, ticket, encPart, MessageType.KRB_AS_REP );
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/ErrorMessage.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/ErrorMessage.java
index a7c4663..9551c3d 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/ErrorMessage.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/ErrorMessage.java
@@ -42,9 +42,22 @@
private byte[] explanatoryData; //optional
- public ErrorMessage(KerberosTime clientTime, Integer clientMicroSecond, KerberosTime serverTime,
+ /**
+ * Creates a new instance of ErrorMessage.
+ *
+ * @param clientTime
+ * @param clientMicroSecond
+ * @param serverTime
+ * @param serverMicroSecond
+ * @param errorCode
+ * @param clientPrincipal
+ * @param serverPrincipal
+ * @param explanatoryText
+ * @param explanatoryData
+ */
+ public ErrorMessage( KerberosTime clientTime, Integer clientMicroSecond, KerberosTime serverTime,
int serverMicroSecond, int errorCode, KerberosPrincipal clientPrincipal, KerberosPrincipal serverPrincipal,
- String explanatoryText, byte[] explanatoryData)
+ String explanatoryText, byte[] explanatoryData )
{
super( MessageType.KRB_ERROR );
@@ -60,54 +73,99 @@
}
+ /**
+ * Returns the client {@link KerberosPrincipal}.
+ *
+ * @return The client {@link KerberosPrincipal}.
+ */
public KerberosPrincipal getClientPrincipal()
{
return clientPrincipal;
}
+ /**
+ * Returns the client {@link KerberosTime}.
+ *
+ * @return The client {@link KerberosTime}.
+ */
public KerberosTime getClientTime()
{
return clientTime;
}
+ /**
+ * Returns the client microsecond.
+ *
+ * @return The client microsecond.
+ */
public Integer getClientMicroSecond()
{
return clientMicroSecond;
}
+ /**
+ * Returns the explanatory data.
+ *
+ * @return The explanatory data.
+ */
public byte[] getExplanatoryData()
{
return explanatoryData;
}
+ /**
+ * Returns the error code.
+ *
+ * @return The error code.
+ */
public int getErrorCode()
{
return errorCode;
}
+ /**
+ * Returns the explanatory text.
+ *
+ * @return The explanatory text.
+ */
public String getExplanatoryText()
{
return explanatoryText;
}
+ /**
+ * Returns the server {@link KerberosPrincipal}.
+ *
+ * @return The server {@link KerberosPrincipal}.
+ */
public KerberosPrincipal getServerPrincipal()
{
return serverPrincipal;
}
+ /**
+ * Returns the server {@link KerberosTime}.
+ *
+ * @return The server {@link KerberosTime}.
+ */
public KerberosTime getServerTime()
{
return serverTime;
}
+ /**
+ * Returns the server microsecond.
+ *
+ * @return The server microsecond.
+ */
public int getServerMicroSecond()
{
return serverMicroSecond;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/ErrorMessageModifier.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/ErrorMessageModifier.java
index 12ee8cc..1b3fba6 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/ErrorMessageModifier.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/ErrorMessageModifier.java
@@ -42,6 +42,11 @@
private byte[] explanatoryData; //optional
+ /**
+ * Returns the {@link ErrorMessage}.
+ *
+ * @return The {@link ErrorMessage}.
+ */
public ErrorMessage getErrorMessage()
{
return new ErrorMessage( clientTime, clientMicroSecond, serverTime, serverMicroSecond, errorCode,
@@ -49,54 +54,99 @@
}
+ /**
+ * Sets the client {@link KerberosPrincipal}.
+ *
+ * @param principal
+ */
public void setClientPrincipal( KerberosPrincipal principal )
{
this.clientPrincipal = principal;
}
+ /**
+ * Sets the client {@link KerberosTime}.
+ *
+ * @param time
+ */
public void setClientTime( KerberosTime time )
{
this.clientTime = time;
}
+ /**
+ * Sets the client microsecond.
+ *
+ * @param clientMicroSecond
+ */
public void setClientMicroSecond( Integer clientMicroSecond )
{
this.clientMicroSecond = clientMicroSecond;
}
+ /**
+ * Sets the explanatory data.
+ *
+ * @param data
+ */
public void setExplanatoryData( byte[] data )
{
this.explanatoryData = data;
}
+ /**
+ * Sets the error code.
+ *
+ * @param code
+ */
public void setErrorCode( int code )
{
this.errorCode = code;
}
+ /**
+ * Sets the explanatory text.
+ *
+ * @param text
+ */
public void setExplanatoryText( String text )
{
this.explanatoryText = text;
}
+ /**
+ * Sets the server {@link KerberosPrincipal}.
+ *
+ * @param principal
+ */
public void setServerPrincipal( KerberosPrincipal principal )
{
this.serverPrincipal = principal;
}
+ /**
+ * Sets the server {@link KerberosTime}.
+ *
+ * @param time
+ */
public void setServerTime( KerberosTime time )
{
this.serverTime = time;
}
+ /**
+ * Sets the server microsecond.
+ *
+ * @param serverMicroSecond
+ */
public void setServerMicroSecond( int serverMicroSecond )
{
this.serverMicroSecond = serverMicroSecond;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcReply.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcReply.java
index 5f4f7ee..8f199a2 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcReply.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcReply.java
@@ -47,14 +47,28 @@
private EncryptedData encPart;
- public KdcReply(MessageType msgType)
+ /**
+ * Creates a new instance of KdcReply.
+ *
+ * @param msgType
+ */
+ public KdcReply( MessageType msgType )
{
super( msgType );
}
- public KdcReply(PreAuthenticationData[] paData, KerberosPrincipal clientPrincipal, Ticket ticket,
- EncryptedData encPart, MessageType msgType)
+ /**
+ * Creates a new instance of KdcReply.
+ *
+ * @param paData
+ * @param clientPrincipal
+ * @param ticket
+ * @param encPart
+ * @param msgType
+ */
+ public KdcReply( PreAuthenticationData[] paData, KerberosPrincipal clientPrincipal, Ticket ticket,
+ EncryptedData encPart, MessageType msgType )
{
this( msgType );
this.paData = paData;
@@ -64,62 +78,110 @@
}
- // getters
+ /**
+ * Returns the client {@link KerberosPrincipal}.
+ *
+ * @return The client {@link KerberosPrincipal}.
+ */
public KerberosPrincipal getClientPrincipal()
{
return clientPrincipal;
}
+ /**
+ * Returns the client realm.
+ *
+ * @return The client realm.
+ */
public String getClientRealm()
{
return clientPrincipal.getRealm();
}
+ /**
+ * Returns the {@link EncryptedData}.
+ *
+ * @return The {@link EncryptedData}.
+ */
public EncryptedData getEncPart()
{
return encPart;
}
+ /**
+ * Returns an array of {@link PreAuthenticationData}s.
+ *
+ * @return The array of {@link PreAuthenticationData}s.
+ */
public PreAuthenticationData[] getPaData()
{
return paData;
}
+ /**
+ * Returns the {@link Ticket}.
+ *
+ * @return The {@link Ticket}.
+ */
public Ticket getTicket()
{
return ticket;
}
- // setters
+ /**
+ * Sets the client {@link KerberosPrincipal}.
+ *
+ * @param clientPrincipal
+ */
public void setClientPrincipal( KerberosPrincipal clientPrincipal )
{
this.clientPrincipal = clientPrincipal;
}
+ /**
+ * Sets the {@link EncKdcRepPart}.
+ *
+ * @param repPart
+ */
public void setEncKDCRepPart( EncKdcRepPart repPart )
{
encKDCRepPart = repPart;
}
+ /**
+ * Sets the {@link EncryptedData}.
+ *
+ * @param part
+ */
public void setEncPart( EncryptedData part )
{
encPart = part;
}
+ /**
+ * Sets the array of {@link PreAuthenticationData}s.
+ *
+ * @param data
+ */
public void setPaData( PreAuthenticationData[] data )
{
paData = data;
}
+ /**
+ * Sets the {@link Ticket}.
+ *
+ * @param ticket
+ */
public void setTicket( Ticket ticket )
{
this.ticket = ticket;
@@ -127,72 +189,133 @@
// EncKdcRepPart delegate getters
+
+ /**
+ * Returns the auth {@link KerberosTime}.
+ *
+ * @return The auth {@link KerberosTime}.
+ */
public KerberosTime getAuthTime()
{
return encKDCRepPart.getAuthTime();
}
+ /**
+ * Returns the client {@link HostAddresses}.
+ *
+ * @return The client {@link HostAddresses}.
+ */
public HostAddresses getClientAddresses()
{
return encKDCRepPart.getClientAddresses();
}
+ /**
+ * Return the end {@link KerberosTime}.
+ *
+ * @return The end {@link KerberosTime}.
+ */
public KerberosTime getEndTime()
{
return encKDCRepPart.getEndTime();
}
+ /**
+ * Returns the {@link TicketFlags}.
+ *
+ * @return The {@link TicketFlags}.
+ */
public TicketFlags getFlags()
{
return encKDCRepPart.getFlags();
}
+ /**
+ * Returns the {@link EncryptionKey}.
+ *
+ * @return The {@link EncryptionKey}.
+ */
public EncryptionKey getKey()
{
return encKDCRepPart.getKey();
}
+ /**
+ * Returns the key expiration {@link KerberosTime}.
+ *
+ * @return The key expiration {@link KerberosTime}.
+ */
public KerberosTime getKeyExpiration()
{
return encKDCRepPart.getKeyExpiration();
}
+ /**
+ * Returns the {@link LastRequest}.
+ *
+ * @return The {@link LastRequest}.
+ */
public LastRequest getLastRequest()
{
return encKDCRepPart.getLastRequest();
}
+ /**
+ * Returns the nonce.
+ *
+ * @return The nonce.
+ */
public int getNonce()
{
return encKDCRepPart.getNonce();
}
+ /**
+ * Returns the renew till {@link KerberosTime}.
+ *
+ * @return The renew till {@link KerberosTime}.
+ */
public KerberosTime getRenewTill()
{
return encKDCRepPart.getRenewTill();
}
+ /**
+ * Returns the server {@link KerberosPrincipal}.
+ *
+ * @return The server {@link KerberosPrincipal}.
+ */
public KerberosPrincipal getServerPrincipal()
{
return encKDCRepPart.getServerPrincipal();
}
+ /**
+ * Return the server realm.
+ *
+ * @return The server realm.
+ */
public String getServerRealm()
{
return encKDCRepPart.getServerRealm();
}
+ /**
+ * Returns the start {@link KerberosTime}.
+ *
+ * @return The start {@link KerberosTime}.
+ */
public KerberosTime getStartTime()
{
return encKDCRepPart.getStartTime();
@@ -200,66 +323,122 @@
// EncKdcRepPart delegate setters
+
+ /**
+ * Sets the auth {@link KerberosTime}.
+ *
+ * @param time
+ */
public void setAuthTime( KerberosTime time )
{
encKDCRepPart.setAuthTime( time );
}
+ /**
+ * Sets the client {@link HostAddresses}.
+ *
+ * @param addresses
+ */
public void setClientAddresses( HostAddresses addresses )
{
encKDCRepPart.setClientAddresses( addresses );
}
+ /**
+ * Sets the end {@link KerberosTime}.
+ *
+ * @param time
+ */
public void setEndTime( KerberosTime time )
{
encKDCRepPart.setEndTime( time );
}
+ /**
+ * Sets the {@link TicketFlags}.
+ *
+ * @param flags
+ */
public void setFlags( TicketFlags flags )
{
encKDCRepPart.setFlags( flags );
}
+ /**
+ * Sets the {@link EncryptionKey}.
+ *
+ * @param key
+ */
public void setKey( EncryptionKey key )
{
encKDCRepPart.setKey( key );
}
+ /**
+ * Sets the key expiration {@link KerberosTime}.
+ *
+ * @param expiration
+ */
public void setKeyExpiration( KerberosTime expiration )
{
encKDCRepPart.setKeyExpiration( expiration );
}
+ /**
+ * Sets the {@link LastRequest}.
+ *
+ * @param request
+ */
public void setLastRequest( LastRequest request )
{
encKDCRepPart.setLastRequest( request );
}
+ /**
+ * Sets the nonce.
+ *
+ * @param nonce
+ */
public void setNonce( int nonce )
{
encKDCRepPart.setNonce( nonce );
}
+ /**
+ * Sets the renew till {@link KerberosTime}.
+ *
+ * @param till
+ */
public void setRenewTill( KerberosTime till )
{
encKDCRepPart.setRenewTill( till );
}
+ /**
+ * Sets the server {@link KerberosPrincipal}.
+ *
+ * @param principal
+ */
public void setServerPrincipal( KerberosPrincipal principal )
{
encKDCRepPart.setServerPrincipal( principal );
}
+ /**
+ * Sets the start {@link KerberosTime}.
+ *
+ * @param time
+ */
public void setStartTime( KerberosTime time )
{
encKDCRepPart.setStartTime( time );
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcRequest.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcRequest.java
index f7d8299..859ec66 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcRequest.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KdcRequest.java
@@ -43,7 +43,15 @@
private byte[] bodyBytes;
- public KdcRequest(int pvno, MessageType messageType, PreAuthenticationData[] preAuthData, RequestBody requestBody)
+ /**
+ * Creates a new instance of KdcRequest.
+ *
+ * @param pvno
+ * @param messageType
+ * @param preAuthData
+ * @param requestBody
+ */
+ public KdcRequest( int pvno, MessageType messageType, PreAuthenticationData[] preAuthData, RequestBody requestBody )
{
super( pvno, messageType );
this.preAuthData = preAuthData;
@@ -51,20 +59,40 @@
}
- public KdcRequest(int pvno, MessageType messageType, PreAuthenticationData[] preAuthData, RequestBody requestBody,
- byte[] bodyBytes)
+ /**
+ * Creates a new instance of KdcRequest.
+ *
+ * @param pvno
+ * @param messageType
+ * @param preAuthData
+ * @param requestBody
+ * @param bodyBytes
+ */
+ public KdcRequest( int pvno, MessageType messageType, PreAuthenticationData[] preAuthData, RequestBody requestBody,
+ byte[] bodyBytes )
{
this( pvno, messageType, preAuthData, requestBody );
this.bodyBytes = bodyBytes;
}
+ /**
+ * Returns an array of {@link PreAuthenticationData}s.
+ *
+ * @return The array of {@link PreAuthenticationData}s.
+ */
public PreAuthenticationData[] getPreAuthData()
{
return preAuthData;
}
+ /**
+ * Returns the bytes of the body. This is used for verifying checksums in
+ * the Ticket-Granting Service (TGS).
+ *
+ * @return The bytes of the body.
+ */
public byte[] getBodyBytes()
{
return bodyBytes;
@@ -72,72 +100,133 @@
// RequestBody delegate methods
+
+ /**
+ * Returns additional {@link Ticket}s.
+ *
+ * @return The {@link Ticket}s.
+ */
public Ticket[] getAdditionalTickets()
{
return requestBody.getAdditionalTickets();
}
+ /**
+ * Returns the {@link HostAddresses}.
+ *
+ * @return The {@link HostAddresses}.
+ */
public HostAddresses getAddresses()
{
return requestBody.getAddresses();
}
+ /**
+ * Returns the client {@link KerberosPrincipal}.
+ *
+ * @return The client {@link KerberosPrincipal}.
+ */
public KerberosPrincipal getClientPrincipal()
{
return requestBody.getClientPrincipal();
}
+ /**
+ * Returns the realm of the server principal.
+ *
+ * @return The realm.
+ */
public String getRealm()
{
return requestBody.getServerPrincipal().getRealm();
}
+ /**
+ * Returns the {@link EncryptedData}.
+ *
+ * @return The {@link EncryptedData}.
+ */
public EncryptedData getEncAuthorizationData()
{
return requestBody.getEncAuthorizationData();
}
+ /**
+ * Returns an array of requested {@link EncryptionType}s.
+ *
+ * @return The array of {@link EncryptionType}s.
+ */
public EncryptionType[] getEType()
{
return requestBody.getEType();
}
+ /**
+ * Returns the from {@link KerberosTime}.
+ *
+ * @return The from {@link KerberosTime}.
+ */
public KerberosTime getFrom()
{
return requestBody.getFrom();
}
+ /**
+ * Returns the {@link KdcOptions}.
+ *
+ * @return The {@link KdcOptions}.
+ */
public KdcOptions getKdcOptions()
{
return requestBody.getKdcOptions();
}
+ /**
+ * Returns the nonce.
+ *
+ * @return The nonce.
+ */
public int getNonce()
{
return requestBody.getNonce();
}
+ /**
+ * Returns the "R" {@link KerberosTime}.
+ *
+ * @return The "R" {@link KerberosTime}.
+ */
public KerberosTime getRtime()
{
return requestBody.getRtime();
}
+ /**
+ * Returns the server {@link KerberosPrincipal}.
+ *
+ * @return The server {@link KerberosPrincipal}.
+ */
public KerberosPrincipal getServerPrincipal()
{
return requestBody.getServerPrincipal();
}
+ /**
+ * Returns the till {@link KerberosTime}.
+ *
+ * @return The till {@link KerberosTime}.
+ */
public KerberosTime getTill()
{
return requestBody.getTill();
@@ -145,18 +234,35 @@
// RequestBody KdcOptions delegate accesors
+
+ /**
+ * Returns the option at the specified index.
+ *
+ * @param option
+ * @return The option.
+ */
public boolean getOption( int option )
{
return requestBody.getKdcOptions().get( option );
}
+ /**
+ * Sets the option at the specified index.
+ *
+ * @param option
+ */
public void setOption( int option )
{
requestBody.getKdcOptions().set( option );
}
+ /**
+ * Clears the option at the specified index.
+ *
+ * @param option
+ */
public void clearOption( int option )
{
requestBody.getKdcOptions().clear( option );
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KerberosMessage.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KerberosMessage.java
index 87c32af..a4891c8 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KerberosMessage.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/KerberosMessage.java
@@ -26,44 +26,77 @@
*/
public class KerberosMessage
{
- // Kerberos protocol version number
+ /**
+ * The Kerberos protocol version number (5).
+ */
public static final int PVNO = 5;
private int protocolVersionNumber;
private MessageType messageType;
- public KerberosMessage(MessageType type)
+ /**
+ * Creates a new instance of KerberosMessage.
+ *
+ * @param type
+ */
+ public KerberosMessage( MessageType type )
{
this( PVNO, type );
}
- public KerberosMessage(int versionNumber, MessageType type)
+ /**
+ * Creates a new instance of KerberosMessage.
+ *
+ * @param versionNumber
+ * @param type
+ */
+ public KerberosMessage( int versionNumber, MessageType type )
{
protocolVersionNumber = versionNumber;
messageType = type;
}
+ /**
+ * Returns the {@link MessageType}.
+ *
+ * @return The {@link MessageType}.
+ */
public MessageType getMessageType()
{
return messageType;
}
+ /**
+ * Sets the {@link MessageType}.
+ *
+ * @param type
+ */
public void setMessageType( MessageType type )
{
messageType = type;
}
+ /**
+ * Returns the protocol version number.
+ *
+ * @return The protocol version number.
+ */
public int getProtocolVersionNumber()
{
return protocolVersionNumber;
}
+ /**
+ * Sets the protocol version number.
+ *
+ * @param versionNumber
+ */
public void setProtocolVersionNumber( int versionNumber )
{
protocolVersionNumber = versionNumber;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/MessageType.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/MessageType.java
index 38998d9..f9cdafa 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/MessageType.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/MessageType.java
@@ -32,61 +32,110 @@
public final class MessageType implements Comparable
{
/**
- * Enumeration elements are constructed once upon class loading.
- * Order of appearance here determines the order of compareTo.
+ * Constant for the "null" message type.
*/
public static final MessageType NULL = new MessageType( 0, "null" );
+
+ /**
+ * Constant for the "initial authentication request" message type.
+ */
public static final MessageType KRB_AS_REQ = new MessageType( 10, "initial authentication request" );
+
+ /**
+ * Constant for the "initial authentication response" message type.
+ */
public static final MessageType KRB_AS_REP = new MessageType( 11, "initial authentication response" );
+
+ /**
+ * Constant for the "request for authentication based on TGT" message type.
+ */
public static final MessageType KRB_TGS_REQ = new MessageType( 12, "request for authentication based on TGT" );
+
+ /**
+ * Constant for the "response to authentication based on TGT" message type.
+ */
public static final MessageType KRB_TGS_REP = new MessageType( 13, "response to authentication based on TGT" );
+
+ /**
+ * Constant for the "application request" message type.
+ */
public static final MessageType KRB_AP_REQ = new MessageType( 14, "application request" );
+
+ /**
+ * Constant for the "application response" message type.
+ */
public static final MessageType KRB_AP_REP = new MessageType( 15, "application response" );
+
+ /**
+ * Constant for the "safe (checksummed) application message" message type.
+ */
public static final MessageType KRB_SAFE = new MessageType( 20, "safe (checksummed) application message" );
+
+ /**
+ * Constant for the "private (encrypted) application message" message type.
+ */
public static final MessageType KRB_PRIV = new MessageType( 21, "private (encrypted) application message" );
+
+ /**
+ * Constant for the "private (encrypted) message to forward credentials" message type.
+ */
public static final MessageType KRB_CRED = new MessageType( 22,
"private (encrypted) message to forward credentials" );
+
+ /**
+ * Constant for the "encrypted application reply part" message type.
+ */
public static final MessageType ENC_AP_REP_PART = new MessageType( 27, "encrypted application reply part" );
+
+ /**
+ * Constant for the "encrypted private message part" message type.
+ */
public static final MessageType ENC_PRIV_PART = new MessageType( 28, "encrypted private message part" );
+
+ /**
+ * Constant for the "error response" message type.
+ */
public static final MessageType KRB_ERROR = new MessageType( 30, "error response" );
- /** Array for building a List of VALUES. */
+ /**
+ * Array for building a List of VALUES.
+ */
private static final MessageType[] values =
{ NULL, KRB_AS_REQ, KRB_AS_REP, KRB_TGS_REQ, KRB_TGS_REP, KRB_AP_REQ, KRB_AP_REP, KRB_SAFE, KRB_PRIV, KRB_CRED,
ENC_AP_REP_PART, ENC_PRIV_PART, KRB_ERROR };
- /** A list of all the message type constants. */
+ /**
+ * A list of all the message type constants.
+ */
public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
- /** the name of the message type */
+ /**
+ * The name of the message type.
+ */
private final String name;
- /** the value/code for the message type */
+ /**
+ * The value/code for the message type.
+ */
private final int ordinal;
/**
* Private constructor prevents construction outside of this class.
*/
- private MessageType(int ordinal, String name)
+ private MessageType( int ordinal, String name )
{
this.ordinal = ordinal;
this.name = name;
}
- public String toString()
- {
- return name + " (" + ordinal + ")";
- }
-
-
- public int compareTo( Object that )
- {
- return ordinal - ( ( MessageType ) that ).ordinal;
- }
-
-
+ /**
+ * Returns the message type when specified by its ordinal.
+ *
+ * @param type
+ * @return The message type.
+ */
public static MessageType getTypeByOrdinal( int type )
{
for ( int ii = 0; ii < values.length; ii++ )
@@ -101,8 +150,25 @@
}
+ /**
+ * Returns the number associated with this message type.
+ *
+ * @return The message type ordinal.
+ */
public int getOrdinal()
{
return ordinal;
}
+
+
+ public int compareTo( Object that )
+ {
+ return ordinal - ( ( MessageType ) that ).ordinal;
+ }
+
+
+ public String toString()
+ {
+ return name + " (" + ordinal + ")";
+ }
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/TicketGrantReply.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/TicketGrantReply.java
index 40cd0c5..42fcb51 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/TicketGrantReply.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/TicketGrantReply.java
@@ -34,7 +34,7 @@
public class TicketGrantReply extends KdcReply
{
/**
- * Class constructors
+ * Creates a new instance of TicketGrantReply.
*/
public TicketGrantReply()
{
@@ -42,8 +42,16 @@
}
- public TicketGrantReply(PreAuthenticationData[] pAData, KerberosPrincipal clientPrincipal, Ticket ticket,
- EncryptedData encPart)
+ /**
+ * Creates a new instance of TicketGrantReply.
+ *
+ * @param pAData
+ * @param clientPrincipal
+ * @param ticket
+ * @param encPart
+ */
+ public TicketGrantReply( PreAuthenticationData[] pAData, KerberosPrincipal clientPrincipal, Ticket ticket,
+ EncryptedData encPart )
{
super( pAData, clientPrincipal, ticket, encPart, MessageType.KRB_TGS_REP );
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/application/ApplicationReply.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/application/ApplicationReply.java
index 46704ce..83ddb08 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/application/ApplicationReply.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/application/ApplicationReply.java
@@ -34,13 +34,23 @@
private EncryptedData encryptedPart;
- public ApplicationReply(EncryptedData encPart)
+ /**
+ * Creates a new instance of ApplicationReply.
+ *
+ * @param encPart
+ */
+ public ApplicationReply( EncryptedData encPart )
{
super( MessageType.KRB_AP_REP );
encryptedPart = encPart;
}
+ /**
+ * Returns the {@link EncryptedData}.
+ *
+ * @return The {@link EncryptedData}.
+ */
public EncryptedData getEncPart()
{
return encryptedPart;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/application/CredentialMessage.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/application/CredentialMessage.java
index 3e5f065..3dfd26f 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/application/CredentialMessage.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/application/CredentialMessage.java
@@ -36,7 +36,13 @@
private Ticket[] tickets;
- public CredentialMessage(EncryptedData encPart, Ticket[] tickets)
+ /**
+ * Creates a new instance of CredentialMessage.
+ *
+ * @param encPart
+ * @param tickets
+ */
+ public CredentialMessage( EncryptedData encPart, Ticket[] tickets )
{
super( MessageType.KRB_CRED );
this.encPart = encPart;
@@ -44,12 +50,22 @@
}
+ /**
+ * Returns the {@link EncryptedData}.
+ *
+ * @return The {@link EncryptedData}.
+ */
public EncryptedData getEncPart()
{
return encPart;
}
+ /**
+ * Returns an array of {@link Ticket}s.
+ *
+ * @return The array of {@link Ticket}s.
+ */
public Ticket[] getTickets()
{
return tickets;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/application/PrivateMessage.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/application/PrivateMessage.java
index 7d32d44..91a8257 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/application/PrivateMessage.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/application/PrivateMessage.java
@@ -34,6 +34,9 @@
private EncryptedData encryptedPart;
+ /**
+ * Creates a new instance of PrivateMessage.
+ */
public PrivateMessage()
{
super( MessageType.KRB_PRIV );
@@ -41,19 +44,34 @@
}
- public PrivateMessage(EncryptedData encryptedPart)
+ /**
+ * Creates a new instance of PrivateMessage.
+ *
+ * @param encryptedPart
+ */
+ public PrivateMessage( EncryptedData encryptedPart )
{
super( MessageType.KRB_PRIV );
this.encryptedPart = encryptedPart;
}
+ /**
+ * Returns the {@link EncryptedData}.
+ *
+ * @return The {@link EncryptedData}.
+ */
public EncryptedData getEncryptedPart()
{
return encryptedPart;
}
+ /**
+ * Sets the {@link EncryptedData}.
+ *
+ * @param encryptedData
+ */
public void setEncryptedPart( EncryptedData encryptedData )
{
encryptedPart = encryptedData;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/application/SafeBody.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/application/SafeBody.java
index 571ac98..39a5711 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/application/SafeBody.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/application/SafeBody.java
@@ -39,10 +39,17 @@
/**
- * Class constructor
+ * Creates a new instance of SafeBody.
+ *
+ * @param userData
+ * @param timestamp
+ * @param usec
+ * @param seqNumber
+ * @param sAddress
+ * @param rAddress
*/
- public SafeBody(byte[] userData, KerberosTime timestamp, Integer usec, Integer seqNumber, HostAddress sAddress,
- HostAddress rAddress)
+ public SafeBody( byte[] userData, KerberosTime timestamp, Integer usec, Integer seqNumber, HostAddress sAddress,
+ HostAddress rAddress )
{
this.userData = userData;
this.timestamp = timestamp;
@@ -53,36 +60,66 @@
}
+ /**
+ * Returns the "R" {@link HostAddress}.
+ *
+ * @return The "R" {@link HostAddress}.
+ */
public HostAddress getRAddress()
{
return rAddress;
}
+ /**
+ * Returns the "S" {@link HostAddress}.
+ *
+ * @return The "S" {@link HostAddress}.
+ */
public HostAddress getSAddress()
{
return sAddress;
}
+ /**
+ * Returns the sequence number.
+ *
+ * @return The sequence number.
+ */
public Integer getSeqNumber()
{
return seqNumber;
}
+ /**
+ * Returns the {@link KerberosTime} timestamp.
+ *
+ * @return The {@link KerberosTime} timestamp.
+ */
public KerberosTime getTimestamp()
{
return timestamp;
}
+ /**
+ * Returns the microsecond.
+ *
+ * @return The microsecond.
+ */
public Integer getUsec()
{
return usec;
}
+ /**
+ * Returns the user data.
+ *
+ * @return The user data.
+ */
public byte[] getUserData()
{
return userData;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/application/SafeMessage.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/application/SafeMessage.java
index 155da5b..deee09b 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/application/SafeMessage.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/application/SafeMessage.java
@@ -37,7 +37,13 @@
private Checksum cksum;
- public SafeMessage(SafeBody safeBody, Checksum cksum)
+ /**
+ * Creates a new instance of SafeMessage.
+ *
+ * @param safeBody
+ * @param cksum
+ */
+ public SafeMessage( SafeBody safeBody, Checksum cksum )
{
super( MessageType.KRB_SAFE );
this.safeBody = safeBody;
@@ -45,6 +51,11 @@
}
+ /**
+ * Returns the {@link Checksum}.
+ *
+ * @return The {@link Checksum}.
+ */
public Checksum getCksum()
{
return cksum;
@@ -52,36 +63,67 @@
// SafeBody delegate methods
+
+ /**
+ * Returns the "R" {@link HostAddress}.
+ *
+ * @return The "R" {@link HostAddress}.
+ */
public HostAddress getRAddress()
{
return safeBody.getRAddress();
}
+ /**
+ * Returns the "S" {@link HostAddress}.
+ *
+ * @return The "S" {@link HostAddress}.
+ */
public HostAddress getSAddress()
{
return safeBody.getSAddress();
}
+ /**
+ * Returns the sequence number.
+ *
+ * @return The sequence number.
+ */
public Integer getSeqNumber()
{
return safeBody.getSeqNumber();
}
+ /**
+ * Returns the {@link KerberosTime} timestamp.
+ *
+ * @return The {@link KerberosTime} timestamp.
+ */
public KerberosTime getTimestamp()
{
return safeBody.getTimestamp();
}
+ /**
+ * Returns the microsecond.
+ *
+ * @return The microsecond.
+ */
public Integer getUsec()
{
return safeBody.getUsec();
}
+ /**
+ * Returns the user data.
+ *
+ * @return The user data.
+ */
public byte[] getUserData()
{
return safeBody.getUserData();
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/Authenticator.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/Authenticator.java
index c1a28c5..93b1159 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/Authenticator.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/Authenticator.java
@@ -35,6 +35,9 @@
*/
public class Authenticator implements Encodable
{
+ /**
+ * Constant for the authenticator version number.
+ */
public static final int AUTHENTICATOR_VNO = 5;
private int versionNumber;
@@ -47,17 +50,40 @@
private AuthorizationData authorizationData;
- public Authenticator(KerberosPrincipal clientPrincipal, Checksum checksum, int clientMicroSecond,
- KerberosTime clientTime, EncryptionKey subSessionKey, int sequenceNumber, AuthorizationData authorizationData)
+ /**
+ * Creates a new instance of Authenticator.
+ *
+ * @param clientPrincipal
+ * @param checksum
+ * @param clientMicroSecond
+ * @param clientTime
+ * @param subSessionKey
+ * @param sequenceNumber
+ * @param authorizationData
+ */
+ public Authenticator( KerberosPrincipal clientPrincipal, Checksum checksum, int clientMicroSecond,
+ KerberosTime clientTime, EncryptionKey subSessionKey, int sequenceNumber, AuthorizationData authorizationData )
{
this( AUTHENTICATOR_VNO, clientPrincipal, checksum, clientMicroSecond, clientTime, subSessionKey,
sequenceNumber, authorizationData );
}
- public Authenticator(int versionNumber, KerberosPrincipal clientPrincipal, Checksum checksum,
+ /**
+ * Creates a new instance of Authenticator.
+ *
+ * @param versionNumber
+ * @param clientPrincipal
+ * @param checksum
+ * @param clientMicroSecond
+ * @param clientTime
+ * @param subSessionKey
+ * @param sequenceNumber
+ * @param authorizationData
+ */
+ public Authenticator( int versionNumber, KerberosPrincipal clientPrincipal, Checksum checksum,
int clientMicroSecond, KerberosTime clientTime, EncryptionKey subSessionKey, int sequenceNumber,
- AuthorizationData authorizationData)
+ AuthorizationData authorizationData )
{
this.versionNumber = versionNumber;
this.clientPrincipal = clientPrincipal;
@@ -70,48 +96,88 @@
}
+ /**
+ * Returns the client {@link KerberosPrincipal}.
+ *
+ * @return The client {@link KerberosPrincipal}.
+ */
public KerberosPrincipal getClientPrincipal()
{
return clientPrincipal;
}
+ /**
+ * Returns the client {@link KerberosTime}.
+ *
+ * @return The client {@link KerberosTime}.
+ */
public KerberosTime getClientTime()
{
return clientTime;
}
+ /**
+ * Returns the client microsecond.
+ *
+ * @return The client microsecond.
+ */
public int getClientMicroSecond()
{
return clientMicroSecond;
}
+ /**
+ * Returns the {@link AuthorizationData}.
+ *
+ * @return The {@link AuthorizationData}.
+ */
public AuthorizationData getAuthorizationData()
{
return authorizationData;
}
+ /**
+ * Returns the {@link Checksum}.
+ *
+ * @return The {@link Checksum}.
+ */
public Checksum getChecksum()
{
return checksum;
}
+ /**
+ * Returns the sequence number.
+ *
+ * @return The sequence number.
+ */
public int getSequenceNumber()
{
return sequenceNumber;
}
+ /**
+ * Returns the sub-session key.
+ *
+ * @return The sub-session key.
+ */
public EncryptionKey getSubSessionKey()
{
return subSessionKey;
}
+ /**
+ * Returns the version number of the {@link Authenticator}.
+ *
+ * @return The version number of the {@link Authenticator}.
+ */
public int getVersionNumber()
{
return versionNumber;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/AuthenticatorModifier.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/AuthenticatorModifier.java
index 9fec562..ff1c946 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/AuthenticatorModifier.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/AuthenticatorModifier.java
@@ -46,9 +46,13 @@
private AuthorizationData authorizationData;
+ /**
+ * Returns the {@link Authenticator}.
+ *
+ * @return The {@link Authenticator}.
+ */
public Authenticator getAuthenticator()
{
-
KerberosPrincipal clientPrincipal = clientModifier.getKerberosPrincipal();
return new Authenticator( versionNumber, clientPrincipal, checksum, clientMicroSecond, clientTime,
@@ -56,54 +60,99 @@
}
+ /**
+ * Sets the version number.
+ *
+ * @param versionNumber
+ */
public void setVersionNumber( int versionNumber )
{
this.versionNumber = versionNumber;
}
+ /**
+ * Sets the client {@link PrincipalName}.
+ *
+ * @param name
+ */
public void setClientName( PrincipalName name )
{
clientModifier.setPrincipalName( name );
}
+ /**
+ * Sets the client realm.
+ *
+ * @param realm
+ */
public void setClientRealm( String realm )
{
clientModifier.setRealm( realm );
}
+ /**
+ * Sets the {@link AuthorizationData}.
+ *
+ * @param data
+ */
public void setAuthorizationData( AuthorizationData data )
{
authorizationData = data;
}
+ /**
+ * Sets the {@link Checksum}.
+ *
+ * @param checksum
+ */
public void setChecksum( Checksum checksum )
{
this.checksum = checksum;
}
+ /**
+ * Sets the client microsecond.
+ *
+ * @param microSecond
+ */
public void setClientMicroSecond( int microSecond )
{
clientMicroSecond = microSecond;
}
+ /**
+ * Sets the client {@link KerberosTime}.
+ *
+ * @param time
+ */
public void setClientTime( KerberosTime time )
{
clientTime = time;
}
+ /**
+ * Sets the sequence number.
+ *
+ * @param number
+ */
public void setSequenceNumber( int number )
{
sequenceNumber = number;
}
+ /**
+ * Sets the sub-session {@link EncryptionKey}.
+ *
+ * @param sessionKey
+ */
public void setSubSessionKey( EncryptionKey sessionKey )
{
subSessionKey = sessionKey;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncApRepPart.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncApRepPart.java
index c874494..9091498 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncApRepPart.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncApRepPart.java
@@ -41,7 +41,15 @@
private Integer sequenceNumber; //optional
- public EncApRepPart(KerberosTime clientTime, int cusec, EncryptionKey subSessionKey, Integer sequenceNumber)
+ /**
+ * Creates a new instance of EncApRepPart.
+ *
+ * @param clientTime
+ * @param cusec
+ * @param subSessionKey
+ * @param sequenceNumber
+ */
+ public EncApRepPart( KerberosTime clientTime, int cusec, EncryptionKey subSessionKey, Integer sequenceNumber )
{
super( MessageType.ENC_AP_REP_PART );
@@ -52,24 +60,44 @@
}
+ /**
+ * Returns the client {@link KerberosTime}.
+ *
+ * @return The client {@link KerberosTime}.
+ */
public KerberosTime getClientTime()
{
return clientTime;
}
+ /**
+ * Returns the client microsecond.
+ *
+ * @return The client microsecond.
+ */
public int getClientMicroSecond()
{
return cusec;
}
+ /**
+ * Returns the sequence number.
+ *
+ * @return The sequence number.
+ */
public Integer getSequenceNumber()
{
return sequenceNumber;
}
+ /**
+ * Returns the sub-session {@link EncryptionKey}.
+ *
+ * @return The sub-session {@link EncryptionKey}.
+ */
public EncryptionKey getSubSessionKey()
{
return subSessionKey;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncApRepPartModifier.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncApRepPartModifier.java
index c412a71..9e0fbd6 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncApRepPartModifier.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncApRepPartModifier.java
@@ -36,30 +36,55 @@
private Integer sequenceNumber; //optional
+ /**
+ * Returns the {@link EncApRepPart}.
+ *
+ * @return The {@link EncApRepPart}.
+ */
public EncApRepPart getEncApRepPart()
{
return new EncApRepPart( clientTime, cusec, subSessionKey, sequenceNumber );
}
+ /**
+ * Sets the client {@link KerberosTime}.
+ *
+ * @param clientTime
+ */
public void setClientTime( KerberosTime clientTime )
{
this.clientTime = clientTime;
}
+ /**
+ * Sets the client microsecond.
+ *
+ * @param cusec
+ */
public void setClientMicroSecond( int cusec )
{
this.cusec = cusec;
}
+ /**
+ * Sets the sub-session {@link EncryptionKey}.
+ *
+ * @param subSessionKey
+ */
public void setSubSessionKey( EncryptionKey subSessionKey )
{
this.subSessionKey = subSessionKey;
}
+ /**
+ * Sets the sequence number.
+ *
+ * @param sequenceNumber
+ */
public void setSequenceNumber( Integer sequenceNumber )
{
this.sequenceNumber = sequenceNumber;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncAsRepPart.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncAsRepPart.java
index ae0cdd8..38469ca 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncAsRepPart.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncAsRepPart.java
@@ -38,7 +38,19 @@
public class EncAsRepPart extends EncKdcRepPart
{
/**
- * Class constructor
+ * Creates a new instance of EncAsRepPart.
+ *
+ * @param key
+ * @param lastReq
+ * @param nonce
+ * @param keyExpiration
+ * @param flags
+ * @param authTime
+ * @param startTime
+ * @param endTime
+ * @param renewTill
+ * @param serverPrincipal
+ * @param caddr
*/
public EncAsRepPart(EncryptionKey key, LastRequest lastReq, int nonce, KerberosTime keyExpiration,
TicketFlags flags, KerberosTime authTime, KerberosTime startTime, KerberosTime endTime, KerberosTime renewTill,
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncKdcRepPart.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncKdcRepPart.java
index 5798b58..dd3d597 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncKdcRepPart.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncKdcRepPart.java
@@ -52,7 +52,7 @@
/**
- * Class constructors
+ * Creates a new instance of EncKdcRepPart.
*/
public EncKdcRepPart()
{
@@ -60,9 +60,25 @@
}
- public EncKdcRepPart(EncryptionKey key, LastRequest lastReq, int nonce, KerberosTime keyExpiration,
+ /**
+ * Creates a new instance of EncKdcRepPart.
+ *
+ * @param key
+ * @param lastReq
+ * @param nonce
+ * @param keyExpiration
+ * @param flags
+ * @param authtime
+ * @param starttime
+ * @param endtime
+ * @param renewTill
+ * @param serverPrincipal
+ * @param caddr
+ * @param componentType
+ */
+ public EncKdcRepPart( EncryptionKey key, LastRequest lastReq, int nonce, KerberosTime keyExpiration,
TicketFlags flags, KerberosTime authtime, KerberosTime starttime, KerberosTime endtime, KerberosTime renewTill,
- KerberosPrincipal serverPrincipal, HostAddresses caddr, MessageComponentType componentType)
+ KerberosPrincipal serverPrincipal, HostAddresses caddr, MessageComponentType componentType )
{
this.key = key;
this.lastRequest = lastReq;
@@ -79,146 +95,264 @@
}
- // getters
+ /**
+ * Returns the auth {@link KerberosTime}.
+ *
+ * @return The auth {@link KerberosTime}.
+ */
public KerberosTime getAuthTime()
{
return authTime;
}
+ /**
+ * Returns the client {@link HostAddresses}.
+ *
+ * @return The client {@link HostAddresses}.
+ */
public HostAddresses getClientAddresses()
{
return clientAddresses;
}
+ /**
+ * Returns the end {@link KerberosTime}.
+ *
+ * @return The end {@link KerberosTime}.
+ */
public KerberosTime getEndTime()
{
return endTime;
}
+ /**
+ * Returns the {@link TicketFlags}.
+ *
+ * @return The {@link TicketFlags}.
+ */
public TicketFlags getFlags()
{
return flags;
}
+ /**
+ * Returns the {@link EncryptionKey}.
+ *
+ * @return The {@link EncryptionKey}.
+ */
public EncryptionKey getKey()
{
return key;
}
+ /**
+ * Returns the key expiration {@link KerberosTime}.
+ *
+ * @return The key expiration {@link KerberosTime}.
+ */
public KerberosTime getKeyExpiration()
{
return keyExpiration;
}
+ /**
+ * Returns the {@link LastRequest}.
+ *
+ * @return The {@link LastRequest}.
+ */
public LastRequest getLastRequest()
{
return lastRequest;
}
+ /**
+ * Returns the nonce.
+ *
+ * @return The nonce.
+ */
public int getNonce()
{
return nonce;
}
+ /**
+ * Returns the renew till {@link KerberosTime}.
+ *
+ * @return The renew till {@link KerberosTime}.
+ */
public KerberosTime getRenewTill()
{
return renewTill;
}
+ /**
+ * Returns the server {@link KerberosPrincipal}.
+ *
+ * @return The server {@link KerberosPrincipal}.
+ */
public KerberosPrincipal getServerPrincipal()
{
return serverPrincipal;
}
+ /**
+ * Returns the server realm.
+ *
+ * @return The server realm.
+ */
public String getServerRealm()
{
return serverPrincipal.getRealm();
}
+ /**
+ * Returns the start {@link KerberosTime}.
+ *
+ * @return The start {@link KerberosTime}.
+ */
public KerberosTime getStartTime()
{
return startTime;
}
+ /**
+ * Returns the {@link MessageComponentType}.
+ *
+ * @return The {@link MessageComponentType}.
+ */
public MessageComponentType getComponentType()
{
return componentType;
}
- // setters
+ /**
+ * Sets the auth {@link KerberosTime}.
+ *
+ * @param time
+ */
public void setAuthTime( KerberosTime time )
{
authTime = time;
}
+ /**
+ * Sets the client {@link HostAddresses}.
+ *
+ * @param addresses
+ */
public void setClientAddresses( HostAddresses addresses )
{
clientAddresses = addresses;
}
+ /**
+ * Sets the end {@link KerberosTime}.
+ *
+ * @param time
+ */
public void setEndTime( KerberosTime time )
{
endTime = time;
}
+ /**
+ * Sets the {@link TicketFlags}.
+ *
+ * @param flags
+ */
public void setFlags( TicketFlags flags )
{
this.flags = flags;
}
+ /**
+ * Sets the {@link EncryptionKey}.
+ *
+ * @param key
+ */
public void setKey( EncryptionKey key )
{
this.key = key;
}
+ /**
+ * Sets the key expiration {@link KerberosTime}.
+ *
+ * @param expiration
+ */
public void setKeyExpiration( KerberosTime expiration )
{
keyExpiration = expiration;
}
+ /**
+ * Sets the {@link LastRequest}.
+ *
+ * @param request
+ */
public void setLastRequest( LastRequest request )
{
lastRequest = request;
}
+ /**
+ * Sets the nonce.
+ *
+ * @param nonce
+ */
public void setNonce( int nonce )
{
this.nonce = nonce;
}
+ /**
+ * Sets the renew till {@link KerberosTime}.
+ *
+ * @param till
+ */
public void setRenewTill( KerberosTime till )
{
renewTill = till;
}
+ /**
+ * Sets the server {@link KerberosPrincipal}.
+ *
+ * @param principal
+ */
public void setServerPrincipal( KerberosPrincipal principal )
{
serverPrincipal = principal;
}
+ /**
+ * Sets the start {@link KerberosTime}.
+ *
+ * @param time
+ */
public void setStartTime( KerberosTime time )
{
startTime = time;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncKrbCredPart.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncKrbCredPart.java
index 48f416b..cdeae48 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncKrbCredPart.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncKrbCredPart.java
@@ -34,19 +34,26 @@
*/
public class EncKrbCredPart
{
- public KrbCredInfo[] ticketInfo;
- public Integer nonce; //optional
- public KerberosTime timeStamp; //optional
- public Integer usec; //optional
- public HostAddress sAddress; //optional
- public HostAddresses rAddress; //optional
+ private KrbCredInfo[] ticketInfo;
+ private Integer nonce; //optional
+ private KerberosTime timeStamp; //optional
+ private Integer usec; //optional
+ private HostAddress sAddress; //optional
+ private HostAddresses rAddress; //optional
/**
- * Class constructor
+ * Creates a new instance of EncKrbCredPart.
+ *
+ * @param ticketInfo
+ * @param timeStamp
+ * @param usec
+ * @param nonce
+ * @param sAddress
+ * @param rAddress
*/
- public EncKrbCredPart(KrbCredInfo[] ticketInfo, KerberosTime timeStamp, Integer usec, Integer nonce,
- HostAddress sAddress, HostAddresses rAddress)
+ public EncKrbCredPart( KrbCredInfo[] ticketInfo, KerberosTime timeStamp, Integer usec, Integer nonce,
+ HostAddress sAddress, HostAddresses rAddress )
{
this.ticketInfo = ticketInfo;
this.nonce = nonce;
@@ -55,4 +62,70 @@
this.sAddress = sAddress;
this.rAddress = rAddress;
}
+
+
+ /**
+ * Returns the nonce.
+ *
+ * @return The nonce.
+ */
+ public Integer getNonce()
+ {
+ return nonce;
+ }
+
+
+ /**
+ * Returns the "R" {@link HostAddresses}.
+ *
+ * @return The "R" {@link HostAddresses}.
+ */
+ public HostAddresses getRAddress()
+ {
+ return rAddress;
+ }
+
+
+ /**
+ * Returns the "S" {@link HostAddresses}.
+ *
+ * @return The "S" {@link HostAddresses}.
+ */
+ public HostAddress getSAddress()
+ {
+ return sAddress;
+ }
+
+
+ /**
+ * Returns the {@link KrbCredInfo}s.
+ *
+ * @return The {@link KrbCredInfo}s.
+ */
+ public KrbCredInfo[] getTicketInfo()
+ {
+ return ticketInfo;
+ }
+
+
+ /**
+ * Returns the timestamp.
+ *
+ * @return The timeStamp.
+ */
+ public KerberosTime getTimeStamp()
+ {
+ return timeStamp;
+ }
+
+
+ /**
+ * Returns the microseconds.
+ *
+ * @return The microseconds.
+ */
+ public Integer getUsec()
+ {
+ return usec;
+ }
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncKrbPrivPart.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncKrbPrivPart.java
index 70c0a22..77b579b 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncKrbPrivPart.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncKrbPrivPart.java
@@ -43,8 +43,18 @@
private HostAddress recipientAddress; //optional
- public EncKrbPrivPart(byte[] userData, KerberosTime timestamp, Integer usec, Integer sequenceNumber,
- HostAddress senderAddress, HostAddress recipientAddress)
+ /**
+ * Creates a new instance of EncKrbPrivPart.
+ *
+ * @param userData
+ * @param timestamp
+ * @param usec
+ * @param sequenceNumber
+ * @param senderAddress
+ * @param recipientAddress
+ */
+ public EncKrbPrivPart( byte[] userData, KerberosTime timestamp, Integer usec, Integer sequenceNumber,
+ HostAddress senderAddress, HostAddress recipientAddress )
{
super( MessageType.ENC_PRIV_PART );
@@ -57,36 +67,66 @@
}
+ /**
+ * Returns the recipient {@link HostAddress}.
+ *
+ * @return The recipient {@link HostAddress}.
+ */
public HostAddress getRecipientAddress()
{
return recipientAddress;
}
+ /**
+ * Returns the sender {@link HostAddress}.
+ *
+ * @return The sender {@link HostAddress}.
+ */
public HostAddress getSenderAddress()
{
return senderAddress;
}
+ /**
+ * Returns the sequence number.
+ *
+ * @return The sequence number.
+ */
public Integer getSequenceNumber()
{
return sequenceNumber;
}
+ /**
+ * Returns the {@link KerberosTime} timestamp.
+ *
+ * @return The {@link KerberosTime} timestamp.
+ */
public KerberosTime getTimestamp()
{
return timestamp;
}
+ /**
+ * Returns the microsecond.
+ *
+ * @return The microsecond.
+ */
public Integer getMicroSecond()
{
return usec;
}
+ /**
+ * Returns the user data.
+ *
+ * @return The user data.
+ */
public byte[] getUserData()
{
return userData;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncKrbPrivPartModifier.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncKrbPrivPartModifier.java
index d4a9287..57e7611 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncKrbPrivPartModifier.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncKrbPrivPartModifier.java
@@ -38,42 +38,77 @@
private HostAddress recipientAddress; //optional
+ /**
+ * Returns the {@link EncKrbPrivPart}.
+ *
+ * @return The {@link EncKrbPrivPart}.
+ */
public EncKrbPrivPart getEncKrbPrivPart()
{
return new EncKrbPrivPart( userData, timestamp, usec, sequenceNumber, senderAddress, recipientAddress );
}
+ /**
+ * Sets the recipient {@link HostAddress}.
+ *
+ * @param address
+ */
public void setRecipientAddress( HostAddress address )
{
recipientAddress = address;
}
+ /**
+ * Sets the sender {@link HostAddress}.
+ *
+ * @param address
+ */
public void setSenderAddress( HostAddress address )
{
senderAddress = address;
}
+ /**
+ * Sets the sequence number.
+ *
+ * @param number
+ */
public void setSequenceNumber( Integer number )
{
sequenceNumber = number;
}
+ /**
+ * Sets the {@link KerberosTime} timestamp.
+ *
+ * @param timestamp
+ */
public void setTimestamp( KerberosTime timestamp )
{
this.timestamp = timestamp;
}
+ /**
+ * Sets the microsecond.
+ *
+ * @param usec
+ */
public void setMicroSecond( Integer usec )
{
this.usec = usec;
}
+ /**
+ * Sets the user data.
+ *
+ * @param data
+ */
public void setUserData( byte[] data )
{
userData = data;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncTgsRepPart.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncTgsRepPart.java
index 37f941c..6c4c383 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncTgsRepPart.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncTgsRepPart.java
@@ -38,13 +38,24 @@
public class EncTgsRepPart extends EncKdcRepPart
{
/**
- * Class constructor
+ * Creates a new instance of EncTgsRepPart.
+ *
+ * @param key
+ * @param lastReq
+ * @param nonce
+ * @param keyExpiration
+ * @param flags
+ * @param authtime
+ * @param starttime
+ * @param endtime
+ * @param renewTill
+ * @param serverPrincipal
+ * @param caddr
*/
public EncTgsRepPart(EncryptionKey key, LastRequest lastReq, int nonce, KerberosTime keyExpiration,
TicketFlags flags, KerberosTime authtime, KerberosTime starttime, KerberosTime endtime, KerberosTime renewTill,
KerberosPrincipal serverPrincipal, HostAddresses caddr)
{
-
super( key, lastReq, nonce, keyExpiration, flags, authtime, starttime, endtime, renewTill, serverPrincipal,
caddr, MessageComponentType.KRB_ENC_TGS_REP_PART );
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncTicketPart.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncTicketPart.java
index da8d32d..cefae6b 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncTicketPart.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncTicketPart.java
@@ -51,11 +51,24 @@
private AuthorizationData authorizationData; //optional
- public EncTicketPart(TicketFlags flags, EncryptionKey key, KerberosPrincipal clientPrincipal,
+ /**
+ * Creates a new instance of EncTicketPart.
+ *
+ * @param flags
+ * @param key
+ * @param clientPrincipal
+ * @param transited
+ * @param authtime
+ * @param starttime
+ * @param endtime
+ * @param renewTill
+ * @param caddr
+ * @param authorizationData
+ */
+ public EncTicketPart( TicketFlags flags, EncryptionKey key, KerberosPrincipal clientPrincipal,
TransitedEncoding transited, KerberosTime authtime, KerberosTime starttime, KerberosTime endtime,
- KerberosTime renewTill, HostAddresses caddr, AuthorizationData authorizationData)
+ KerberosTime renewTill, HostAddresses caddr, AuthorizationData authorizationData )
{
-
this.flags = flags;
this.sessionKey = key;
this.clientPrincipal = clientPrincipal;
@@ -69,66 +82,121 @@
}
+ /**
+ * Returns the {@link AuthorizationData}.
+ *
+ * @return The {@link AuthorizationData}.
+ */
public AuthorizationData getAuthorizationData()
{
return authorizationData;
}
+ /**
+ * Returns the auth {@link KerberosTime}
+ *
+ * @return The auth {@link KerberosTime}
+ */
public KerberosTime getAuthTime()
{
return authtime;
}
+ /**
+ * Returns the client {@link HostAddresses}.
+ *
+ * @return The client {@link HostAddresses}.
+ */
public HostAddresses getClientAddresses()
{
return clientAddresses;
}
+ /**
+ * Returns the client {@link KerberosPrincipal}.
+ *
+ * @return The client {@link KerberosPrincipal}.
+ */
public KerberosPrincipal getClientPrincipal()
{
return clientPrincipal;
}
+ /**
+ * Returns the client realm.
+ *
+ * @return The client realm.
+ */
public String getClientRealm()
{
return clientPrincipal.getRealm();
}
+ /**
+ * Returns the end {@link KerberosTime}
+ *
+ * @return The end {@link KerberosTime}
+ */
public KerberosTime getEndTime()
{
return endTime;
}
+ /**
+ * Returns the {@link TicketFlags}.
+ *
+ * @return The {@link TicketFlags}.
+ */
public TicketFlags getFlags()
{
return flags;
}
+ /**
+ * Returns the session {@link EncryptionKey}.
+ *
+ * @return The session {@link EncryptionKey}.
+ */
public EncryptionKey getSessionKey()
{
return sessionKey;
}
+ /**
+ * Returns the renew till {@link KerberosTime}
+ *
+ * @return The renew till {@link KerberosTime}
+ */
public KerberosTime getRenewTill()
{
return renewTill;
}
+ /**
+ * Returns the start {@link KerberosTime}
+ *
+ * @return The start {@link KerberosTime}
+ */
public KerberosTime getStartTime()
{
return startTime;
}
+ /**
+ * Returns the {@link TransitedEncoding}.
+ *
+ * @return The {@link TransitedEncoding}.
+ */
public TransitedEncoding getTransitedEncoding()
{
return transitedEncoding;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncTicketPartModifier.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncTicketPartModifier.java
index 0629d36..12b0aa2 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncTicketPartModifier.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/EncTicketPartModifier.java
@@ -53,6 +53,11 @@
private AuthorizationData authorizationData; //optional
+ /**
+ * Returns the {@link EncTicketPart}.
+ *
+ * @return The {@link EncTicketPart}.
+ */
public EncTicketPart getEncTicketPart()
{
if ( clientPrincipal == null )
@@ -65,84 +70,154 @@
}
+ /**
+ * Sets the client {@link PrincipalName}.
+ *
+ * @param name
+ */
public void setClientName( PrincipalName name )
{
modifier.setPrincipalName( name );
}
+ /**
+ * Sets the client realm.
+ *
+ * @param realm
+ */
public void setClientRealm( String realm )
{
modifier.setRealm( realm );
}
+ /**
+ * Sets the client {@link KerberosPrincipal}.
+ *
+ * @param principal
+ */
public void setClientPrincipal( KerberosPrincipal principal )
{
clientPrincipal = principal;
}
+ /**
+ * Sets the {@link AuthorizationData}.
+ *
+ * @param data
+ */
public void setAuthorizationData( AuthorizationData data )
{
authorizationData = data;
}
+ /**
+ * Sets the auth {@link KerberosTime}.
+ *
+ * @param authtime
+ */
public void setAuthTime( KerberosTime authtime )
{
authTime = authtime;
}
+ /**
+ * Sets the client {@link HostAddresses}.
+ *
+ * @param addresses
+ */
public void setClientAddresses( HostAddresses addresses )
{
clientAddresses = addresses;
}
+ /**
+ * Sets the end {@link KerberosTime}.
+ *
+ * @param time
+ */
public void setEndTime( KerberosTime time )
{
endTime = time;
}
+ /**
+ * Sets the {@link TicketFlags}.
+ *
+ * @param flags
+ */
public void setFlags( TicketFlags flags )
{
this.flags = flags;
}
+ /**
+ * Sets the flag at the given index.
+ *
+ * @param flag
+ */
public void setFlag( int flag )
{
flags.set( flag );
}
+ /**
+ * Clears the flag at the given index.
+ *
+ * @param flag
+ */
public void clearFlag( int flag )
{
flags.clear( flag );
}
+ /**
+ * Sets the renew till {@link KerberosTime}.
+ *
+ * @param till
+ */
public void setRenewTill( KerberosTime till )
{
renewTill = till;
}
+ /**
+ * Sets the sesson {@link EncryptionKey}.
+ *
+ * @param key
+ */
public void setSessionKey( EncryptionKey key )
{
sessionKey = key;
}
+ /**
+ * Sets the start {@link KerberosTime}.
+ *
+ * @param time
+ */
public void setStartTime( KerberosTime time )
{
startTime = time;
}
+ /**
+ * Sets the {@link TransitedEncoding}.
+ *
+ * @param encoding
+ */
public void setTransitedEncoding( TransitedEncoding encoding )
{
transitedEncoding = encoding;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/MessageComponentType.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/MessageComponentType.java
index 906462b..23b5538 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/MessageComponentType.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/MessageComponentType.java
@@ -34,47 +34,94 @@
public class MessageComponentType implements Comparable
{
/**
- * Enumeration elements are constructed once upon class loading.
- * Order of appearance here determines the order of compareTo.
+ * Constant for the "null" message component type.
*/
public static final MessageComponentType NULL = new MessageComponentType( 0, "null" );
+
+ /**
+ * Constant for the "ticket" message component type.
+ */
public static final MessageComponentType KRB_TKT = new MessageComponentType( 1, "ticket" );
+
+ /**
+ * Constant for the "authenticator" message component type.
+ */
public static final MessageComponentType KRB_AUTHENTICATOR = new MessageComponentType( 2, "authenticator" );
+
+ /**
+ * Constant for the "encrypted ticket part" message component type.
+ */
public static final MessageComponentType KRB_ENC_TKT_PART = new MessageComponentType( 3, "encrypted ticket part" );
+
+ /**
+ * Constant for the "encrypted initial authentication part" message component type.
+ */
public static final MessageComponentType KRB_ENC_AS_REP_PART = new MessageComponentType( 25,
"encrypted initial authentication part" );
+
+ /**
+ * Constant for the "encrypted TGS request part" message component type.
+ */
public static final MessageComponentType KRB_ENC_TGS_REP_PART = new MessageComponentType( 26,
"encrypted TGS request part" );
+
+ /**
+ * Constant for the "encrypted application request part" message component type.
+ */
public static final MessageComponentType KRB_ENC_AP_REP_PART = new MessageComponentType( 27,
"encrypted application request part" );
+
+ /**
+ * Constant for the "encrypted application message part" message component type.
+ */
public static final MessageComponentType KRB_ENC_KRB_PRIV_PART = new MessageComponentType( 28,
"encrypted application message part" );
+
+ /**
+ * Constant for the "encrypted credentials forward part" message component type.
+ */
public static final MessageComponentType KRB_ENC_KRB_CRED_PART = new MessageComponentType( 29,
"encrypted credentials forward part" );
/**
- * These two lines are all that's necessary to export a List of VALUES.
+ * Array for building a List of VALUES.
*/
private static final MessageComponentType[] values =
{ NULL, KRB_TKT, KRB_AUTHENTICATOR, KRB_ENC_TKT_PART, KRB_ENC_AS_REP_PART, KRB_ENC_TGS_REP_PART,
KRB_ENC_AP_REP_PART, KRB_ENC_KRB_PRIV_PART, KRB_ENC_KRB_CRED_PART };
+ /**
+ * A List of all the message component type constants.
+ */
public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
+ /**
+ * The name of the message component type.
+ */
private final String name;
+
+ /**
+ * The value/code for the message component type.
+ */
private final int ordinal;
/**
* Private constructor prevents construction outside of this class.
*/
- private MessageComponentType(int ordinal, String name)
+ private MessageComponentType( int ordinal, String name )
{
this.ordinal = ordinal;
this.name = name;
}
+ /**
+ * Returns the message component type when specified by its ordinal.
+ *
+ * @param type
+ * @return The message component type.
+ */
public static MessageComponentType getTypeByOrdinal( int type )
{
for ( int ii = 0; ii < values.length; ii++ )
@@ -89,20 +136,25 @@
}
+ /**
+ * Returns the number associated with this message component type.
+ *
+ * @return The message component type ordinal.
+ */
public int getOrdinal()
{
return ordinal;
}
- public String toString()
- {
- return name + " (" + ordinal + ")";
- }
-
-
public int compareTo( Object that )
{
return ordinal - ( ( MessageComponentType ) that ).ordinal;
}
+
+
+ public String toString()
+ {
+ return name + " (" + ordinal + ")";
+ }
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/Ticket.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/Ticket.java
index de82485..9e45e5b 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/Ticket.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/Ticket.java
@@ -39,6 +39,9 @@
*/
public class Ticket
{
+ /**
+ * Constant for the {@link Ticket} version number (5).
+ */
public static final int TICKET_VNO = 5;
private int versionNumber;
@@ -47,13 +50,26 @@
private EncTicketPart encTicketPart;
- public Ticket(KerberosPrincipal serverPrincipal, EncryptedData encPart)
+ /**
+ * Creates a new instance of Ticket.
+ *
+ * @param serverPrincipal
+ * @param encPart
+ */
+ public Ticket( KerberosPrincipal serverPrincipal, EncryptedData encPart )
{
this( TICKET_VNO, serverPrincipal, encPart );
}
- public Ticket(int versionNumber, KerberosPrincipal serverPrincipal, EncryptedData encPart)
+ /**
+ * Creates a new instance of Ticket.
+ *
+ * @param versionNumber
+ * @param serverPrincipal
+ * @param encPart
+ */
+ public Ticket( int versionNumber, KerberosPrincipal serverPrincipal, EncryptedData encPart )
{
this.versionNumber = versionNumber;
this.serverPrincipal = serverPrincipal;
@@ -61,111 +77,199 @@
}
+ /**
+ * Sets the {@link EncTicketPart}.
+ *
+ * @param decryptedPart
+ */
public void setEncTicketPart( EncTicketPart decryptedPart )
{
encTicketPart = decryptedPart;
}
- // getters
+ /**
+ * Returns the version number.
+ *
+ * @return The version number.
+ */
public int getVersionNumber()
{
return versionNumber;
}
+ /**
+ * Returns the server {@link KerberosPrincipal}.
+ *
+ * @return The server {@link KerberosPrincipal}.
+ */
public KerberosPrincipal getServerPrincipal()
{
return serverPrincipal;
}
+ /**
+ * Returns the server realm.
+ *
+ * @return The server realm.
+ */
public String getRealm()
{
return serverPrincipal.getRealm();
}
+ /**
+ * Returns the {@link EncryptedData}.
+ *
+ * @return The {@link EncryptedData}.
+ */
public EncryptedData getEncPart()
{
return encPart;
}
+ /**
+ * Returns the {@link EncTicketPart}.
+ *
+ * @return The {@link EncTicketPart}.
+ */
public EncTicketPart getEncTicketPart()
{
return encTicketPart;
}
- // EncTicketPart delegate getters
+ /**
+ * Returns the {@link AuthorizationData}.
+ *
+ * @return The {@link AuthorizationData}.
+ */
public AuthorizationData getAuthorizationData()
{
return encTicketPart.getAuthorizationData();
}
+ /**
+ * Returns the auth {@link KerberosTime}.
+ *
+ * @return The auth {@link KerberosTime}.
+ */
public KerberosTime getAuthTime()
{
return encTicketPart.getAuthTime();
}
+ /**
+ * Returns the client {@link HostAddresses}.
+ *
+ * @return The client {@link HostAddresses}.
+ */
public HostAddresses getClientAddresses()
{
return encTicketPart.getClientAddresses();
}
+ /**
+ * Returns the client {@link KerberosPrincipal}.
+ *
+ * @return The client {@link KerberosPrincipal}.
+ */
public KerberosPrincipal getClientPrincipal()
{
return encTicketPart.getClientPrincipal();
}
+ /**
+ * Returns the client realm.
+ *
+ * @return The client realm.
+ */
public String getClientRealm()
{
return encTicketPart.getClientPrincipal().getRealm();
}
+ /**
+ * Returns the end {@link KerberosTime}.
+ *
+ * @return The end {@link KerberosTime}.
+ */
public KerberosTime getEndTime()
{
return encTicketPart.getEndTime();
}
+ /**
+ * Returns the {@link TicketFlags}.
+ *
+ * @return The {@link TicketFlags}.
+ */
public TicketFlags getFlags()
{
return encTicketPart.getFlags();
}
+ /**
+ * Returns the renew till {@link KerberosTime}.
+ *
+ * @return The renew till {@link KerberosTime}.
+ */
public KerberosTime getRenewTill()
{
return encTicketPart.getRenewTill();
}
+ /**
+ * Returns the session {@link EncryptionKey}.
+ *
+ * @return The session {@link EncryptionKey}.
+ */
public EncryptionKey getSessionKey()
{
return encTicketPart.getSessionKey();
}
+ /**
+ * Returns the start {@link KerberosTime}.
+ *
+ * @return The start {@link KerberosTime}.
+ */
public KerberosTime getStartTime()
{
return encTicketPart.getStartTime();
}
+ /**
+ * Returns the {@link TransitedEncoding}.
+ *
+ * @return The {@link TransitedEncoding}.
+ */
public TransitedEncoding getTransitedEncoding()
{
return encTicketPart.getTransitedEncoding();
}
- // EncTicketPart TicketFlag delegates
+ /**
+ * Returns the flag at the given index.
+ *
+ * @param flag
+ * @return true if the flag at the given index is set.
+ */
public boolean getFlag( int flag )
{
return encTicketPart.getFlags().get( flag );
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/TicketModifier.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/TicketModifier.java
index 44487cf..95fd532 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/TicketModifier.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/components/TicketModifier.java
@@ -38,6 +38,11 @@
private EncryptedData encPart;
+ /**
+ * Returns the {@link Ticket}.
+ *
+ * @return The {@link Ticket}.
+ */
public Ticket getTicket()
{
KerberosPrincipal serverPrincipal = serverModifier.getKerberosPrincipal();
@@ -45,24 +50,44 @@
}
+ /**
+ * Sets the {@link Ticket} version number.
+ *
+ * @param versionNumber
+ */
public void setTicketVersionNumber( int versionNumber )
{
ticketVersionNumber = versionNumber;
}
+ /**
+ * Sets the {@link EncryptedData}.
+ *
+ * @param part
+ */
public void setEncPart( EncryptedData part )
{
encPart = part;
}
+ /**
+ * Sets the server {@link PrincipalName}.
+ *
+ * @param name
+ */
public void setServerName( PrincipalName name )
{
serverModifier.setPrincipalName( name );
}
+ /**
+ * Sets the server realm.
+ *
+ * @param realm
+ */
public void setServerRealm( String realm )
{
serverModifier.setRealm( realm );
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/ApOptions.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/ApOptions.java
index 0609d1b..8707642 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/ApOptions.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/ApOptions.java
@@ -26,19 +26,29 @@
*/
public class ApOptions extends Options
{
- // AP Request option - reserved
+ /**
+ * AP Request option - reserved
+ */
public static final int RESERVED = 0;
- // AP Request option - use session key
+
+ /**
+ * AP Request option - use session key
+ */
public static final int USE_SESSION_KEY = 1;
- // AP Request option - mutual authentication required
+
+ /**
+ * AP Request option - mutual authentication required
+ */
public static final int MUTUAL_REQUIRED = 2;
- // AP Request option - maximum value
+ /**
+ * AP Request option - maximum value
+ */
public static final int MAX_VALUE = 32;
/**
- * Class constructors
+ * Creates a new instance of ApOptions.
*/
public ApOptions()
{
@@ -46,7 +56,12 @@
}
- public ApOptions(byte[] options)
+ /**
+ * Creates a new instance of ApOptions.
+ *
+ * @param options
+ */
+ public ApOptions( byte[] options )
{
super( MAX_VALUE );
setBytes( options );
@@ -54,7 +69,7 @@
/**
- * Converts the object to a printable string
+ * Converts the object to a printable string.
*/
public String toString()
{
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/AuthorizationData.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/AuthorizationData.java
index 229fecf..03f2ca9 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/AuthorizationData.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/AuthorizationData.java
@@ -33,11 +33,11 @@
*/
public class AuthorizationData implements Encodable
{
- private List entries = new ArrayList();
+ private List<AuthorizationDataEntry> entries = new ArrayList<AuthorizationDataEntry>();
/**
- * Class constructor
+ * Creates a new instance of AuthorizationData.
*/
public AuthorizationData()
{
@@ -45,18 +45,33 @@
}
+ /**
+ * Adds all {@link AuthorizationData} entries to this {@link AuthorizationData}.
+ *
+ * @param data
+ */
public void add( AuthorizationData data )
{
entries.addAll( data.entries );
}
+ /**
+ * Adds an {@link AuthorizationDataEntry} to this {@link AuthorizationData}.
+ *
+ * @param entry
+ */
public void add( AuthorizationDataEntry entry )
{
entries.add( entry );
}
+ /**
+ * Returns an {@link Iterator} over the entries in this {@link AuthorizationData}.
+ *
+ * @return An {@link Iterator} over the entries in this {@link AuthorizationData}.
+ */
public Iterator iterator()
{
return entries.iterator();
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/AuthorizationDataEntry.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/AuthorizationDataEntry.java
index c0c6250..ccc80a8 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/AuthorizationDataEntry.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/AuthorizationDataEntry.java
@@ -31,21 +31,34 @@
/**
- * Class constructor
+ * Creates a new instance of AuthorizationDataEntry.
+ *
+ * @param adType
+ * @param adData
*/
- public AuthorizationDataEntry(AuthorizationType adType, byte[] adData)
+ public AuthorizationDataEntry( AuthorizationType adType, byte[] adData )
{
authorizationDataType = adType;
authorizationData = adData;
}
+ /**
+ * Returns the raw bytes of the authorization data.
+ *
+ * @return The raw bytes of the authorization data.
+ */
public byte[] getAuthorizationData()
{
return authorizationData;
}
+ /**
+ * Returns the {@link AuthorizationType}.
+ *
+ * @return The {@link AuthorizationType}.
+ */
public AuthorizationType getAuthorizationDataType()
{
return authorizationDataType;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/AuthorizationType.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/AuthorizationType.java
index acb3bb2..1728ff0 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/AuthorizationType.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/AuthorizationType.java
@@ -32,35 +32,96 @@
public final class AuthorizationType implements Comparable
{
/**
- * Enumeration elements are constructed once upon class loading.
- * Order of appearance here determines the order of compareTo.
+ * Constant for the "null" authorization type.
*/
public static final AuthorizationType NULL = new AuthorizationType( 0, "null" );
+
+ /**
+ * Constant for the "if relevant" authorization type.
+ */
public static final AuthorizationType IF_RELEVANT = new AuthorizationType( 1, "if relevant" );
+
+ /**
+ * Constant for the "intended for server" authorization type.
+ */
public static final AuthorizationType INTENDED_FOR_SERVER = new AuthorizationType( 2, "intended for server" );
+
+ /**
+ * Constant for the "intended for application class" authorization type.
+ */
public static final AuthorizationType INTENDED_FOR_APPLICATION_CLASS = new AuthorizationType( 3,
"intended for application class" );
+
+ /**
+ * Constant for the "kdc issued" authorization type.
+ */
public static final AuthorizationType KDC_ISSUED = new AuthorizationType( 4, "kdc issued" );
+
+ /**
+ * Constant for the "or" authorization type.
+ */
public static final AuthorizationType OR = new AuthorizationType( 5, "or" );
+
+ /**
+ * Constant for the "mandatory ticket extensions" authorization type.
+ */
public static final AuthorizationType MANDATORY_TICKET_EXTENSIONS = new AuthorizationType( 6,
"mandatory ticket extensions" );
+
+ /**
+ * Constant for the "in ticket extensions" authorization type.
+ */
public static final AuthorizationType IN_TICKET_EXTENSIONS = new AuthorizationType( 7, "in ticket extensions" );
+
+ /**
+ * Constant for the "OSF DCE" authorization type.
+ */
public static final AuthorizationType OSF_DCE = new AuthorizationType( 64, "OSF DCE" );
+
+ /**
+ * Constant for the "sesame" authorization type.
+ */
public static final AuthorizationType SESAME = new AuthorizationType( 65, "sesame" );
+ /**
+ * Array for building a List of VALUES.
+ */
+ private static final AuthorizationType[] values =
+ { NULL, IF_RELEVANT, INTENDED_FOR_SERVER, INTENDED_FOR_APPLICATION_CLASS, KDC_ISSUED, OR,
+ MANDATORY_TICKET_EXTENSIONS, IN_TICKET_EXTENSIONS, OSF_DCE, SESAME };
- public String toString()
+ /**
+ * A List of all the authorization type constants.
+ */
+ public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
+
+ /**
+ * The name of the authorization type.
+ */
+ private final String name;
+
+ /**
+ * The value/code for the authorization type.
+ */
+ private final int ordinal;
+
+
+ /**
+ * Private constructor prevents construction outside of this class.
+ */
+ private AuthorizationType( int ordinal, String name )
{
- return name + " (" + ordinal + ")";
+ this.ordinal = ordinal;
+ this.name = name;
}
- public int compareTo( Object that )
- {
- return ordinal - ( ( AuthorizationType ) that ).ordinal;
- }
-
-
+ /**
+ * Returns the authorization type when specified by its ordinal.
+ *
+ * @param type
+ * @return The authorization type.
+ */
public static AuthorizationType getTypeByOrdinal( int type )
{
for ( int ii = 0; ii < values.length; ii++ )
@@ -73,31 +134,25 @@
}
+ /**
+ * Returns the number associated with this authorization type.
+ *
+ * @return The authorization type ordinal.
+ */
public int getOrdinal()
{
return ordinal;
}
- /// PRIVATE /////
- private final String name;
- private final int ordinal;
-
- /**
- * Private constructor prevents construction outside of this class.
- */
- private AuthorizationType(int ordinal, String name)
+ public int compareTo( Object that )
{
- this.ordinal = ordinal;
- this.name = name;
+ return ordinal - ( ( AuthorizationType ) that ).ordinal;
}
- /**
- * These two lines are all that's necessary to export a List of VALUES.
- */
- private static final AuthorizationType[] values =
- { NULL, IF_RELEVANT, INTENDED_FOR_SERVER, INTENDED_FOR_APPLICATION_CLASS, KDC_ISSUED, OR,
- MANDATORY_TICKET_EXTENSIONS, IN_TICKET_EXTENSIONS, OSF_DCE, SESAME };
- // VALUES needs to be located here, otherwise illegal forward reference
- public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
+
+ public String toString()
+ {
+ return name + " (" + ordinal + ")";
+ }
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/Checksum.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/Checksum.java
index 32a7503..069767d 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/Checksum.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/Checksum.java
@@ -35,7 +35,13 @@
private byte[] checksum;
- public Checksum(ChecksumType checksumType, byte[] checksum)
+ /**
+ * Creates a new instance of Checksum.
+ *
+ * @param checksumType
+ * @param checksum
+ */
+ public Checksum( ChecksumType checksumType, byte[] checksum )
{
this.checksumType = checksumType;
this.checksum = checksum;
@@ -60,12 +66,22 @@
}
+ /**
+ * Returns the checksum value.
+ *
+ * @return The checksum value.
+ */
public byte[] getChecksumValue()
{
return checksum;
}
+ /**
+ * Returns the {@link ChecksumType}.
+ *
+ * @return The {@link ChecksumType}.
+ */
public ChecksumType getChecksumType()
{
return checksumType;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptedData.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptedData.java
index 1a80618..b47274c 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptedData.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptedData.java
@@ -34,7 +34,14 @@
private byte[] cipherText;
- public EncryptedData(EncryptionType type, int version, byte[] cipherText)
+ /**
+ * Creates a new instance of EncryptedData.
+ *
+ * @param type
+ * @param version
+ * @param cipherText
+ */
+ public EncryptedData( EncryptionType type, int version, byte[] cipherText )
{
encryptionType = type;
keyVersion = version;
@@ -42,18 +49,33 @@
}
+ /**
+ * Returns the {@link EncryptionType}.
+ *
+ * @return The {@link EncryptionType}.
+ */
public EncryptionType getEncryptionType()
{
return encryptionType;
}
+ /**
+ * Returns the key version.
+ *
+ * @return The key version.
+ */
public int getKeyVersion()
{
return keyVersion;
}
+ /**
+ * Returns the raw cipher text.
+ *
+ * @return The raw cipher text.
+ */
public byte[] getCipherText()
{
return cipherText;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptedDataModifier.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptedDataModifier.java
index 5c39a91..9524454 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptedDataModifier.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptedDataModifier.java
@@ -34,24 +34,44 @@
private byte[] cipherText;
+ /**
+ * Returns the {@link EncryptedData}.
+ *
+ * @return The {@link EncryptedData}.
+ */
public EncryptedData getEncryptedData()
{
return new EncryptedData( encryptionType, keyVersion, cipherText );
}
+ /**
+ * Sets the raw cipher text bytes.
+ *
+ * @param cipherText
+ */
public void setCipherText( byte[] cipherText )
{
this.cipherText = cipherText;
}
+ /**
+ * Sets the {@link EncryptionType}.
+ *
+ * @param type
+ */
public void setEncryptionType( EncryptionType type )
{
encryptionType = type;
}
+ /**
+ * Sets the key version.
+ *
+ * @param version
+ */
public void setKeyVersion( int version )
{
keyVersion = version;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptedTimeStamp.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptedTimeStamp.java
index 5b6bf1e..3d1e519 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptedTimeStamp.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptedTimeStamp.java
@@ -35,19 +35,35 @@
private int microSeconds; //optional
- public EncryptedTimeStamp(KerberosTime timeStamp, int microSeconds)
+ /**
+ * Creates a new instance of EncryptedTimeStamp.
+ *
+ * @param timeStamp
+ * @param microSeconds
+ */
+ public EncryptedTimeStamp( KerberosTime timeStamp, int microSeconds )
{
this.timeStamp = timeStamp;
this.microSeconds = microSeconds;
}
+ /**
+ * Returns the {@link KerberosTime}.
+ *
+ * @return The {@link KerberosTime}.
+ */
public KerberosTime getTimeStamp()
{
return timeStamp;
}
+ /**
+ * Returns the microseconds.
+ *
+ * @return The microseconds.
+ */
public int getMicroSeconds()
{
return microSeconds;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptedTimeStampModifier.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptedTimeStampModifier.java
index 78c936a..c0606d4 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptedTimeStampModifier.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptedTimeStampModifier.java
@@ -30,18 +30,33 @@
private int microSecond; //optional
+ /**
+ * Returns the {@link EncryptedTimeStamp}.
+ *
+ * @return The {@link EncryptedTimeStamp}.
+ */
public EncryptedTimeStamp getEncryptedTimestamp()
{
return new EncryptedTimeStamp( timeStamp, microSecond );
}
+ /**
+ * Sets the {@link KerberosTime}.
+ *
+ * @param timeStamp
+ */
public void setKerberosTime( KerberosTime timeStamp )
{
this.timeStamp = timeStamp;
}
+ /**
+ * Sets the microseconds.
+ *
+ * @param microSecond
+ */
public void setMicroSecond( int microSecond )
{
this.microSecond = microSecond;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptionKey.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptionKey.java
index ad1cfa9..65a081e 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptionKey.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptionKey.java
@@ -26,6 +26,9 @@
/**
+ * A Kerberos symmetric encryption key, which includes metadata support for
+ * the associated key type and key version number.
+ *
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
@@ -36,29 +39,86 @@
private int keyVersion;
- public EncryptionKey(EncryptionType keyType, byte[] keyValue)
+ /**
+ * Creates a new instance of EncryptionKey.
+ *
+ * @param keyType
+ * @param keyValue
+ */
+ public EncryptionKey( EncryptionType keyType, byte[] keyValue )
{
this.keyType = keyType;
this.keyValue = keyValue;
}
- public EncryptionKey(EncryptionType keyType, byte[] keyValue, int keyVersion)
+ /**
+ * Creates a new instance of EncryptionKey. This constructor supports 'keyVersion',
+ * which is sent over the wire as part of EncryptedData but makes more sense
+ * in the domain model to have here as part of the key itself. Therefore, the
+ * keyVersion should only be constructor-injected when EncryptionKey's are
+ * retrieved from persisted storage.
+ *
+ * @param keyType
+ * @param keyValue
+ * @param keyVersion
+ */
+ public EncryptionKey( EncryptionType keyType, byte[] keyValue, int keyVersion )
{
this.keyType = keyType;
this.keyValue = keyValue;
- /**
- * keyVersion is sent over the wire as part of EncryptedData but makes more sense
- * in the domain model to have here as part of the key itself. Therefore, the
- * keyVersion should only be constructor-injected when EncryptionKey's are
- * retrieved from persisted storage.
- *
- * TODO - keyVersion may move into persisted user configuration
- */
this.keyVersion = keyVersion;
}
+ /**
+ * Destroys this key by overwriting the symmetric key material with zeros.
+ */
+ public synchronized void destroy()
+ {
+ if ( keyValue != null )
+ {
+ for ( int ii = 0; ii < keyValue.length; ii++ )
+ {
+ keyValue[ii] = 0;
+ }
+ }
+ }
+
+
+ /**
+ * Returns the key type.
+ *
+ * @return The key type.
+ */
+ public EncryptionType getKeyType()
+ {
+ return keyType;
+ }
+
+
+ /**
+ * Returns the key value.
+ *
+ * @return The key value.
+ */
+ public byte[] getKeyValue()
+ {
+ return keyValue;
+ }
+
+
+ /**
+ * Returns the key version.
+ *
+ * @return The key version.
+ */
+ public int getKeyVersion()
+ {
+ return keyVersion;
+ }
+
+
public boolean equals( Object o )
{
if ( this == o )
@@ -76,38 +136,8 @@
}
- public synchronized void destroy()
- {
- if ( keyValue != null )
- {
- for ( int ii = 0; ii < keyValue.length; ii++ )
- {
- keyValue[ii] = 0;
- }
- }
- }
-
-
public String toString()
{
return keyType.toString() + " (" + keyType.getOrdinal() + ")";
}
-
-
- public EncryptionType getKeyType()
- {
- return keyType;
- }
-
-
- public byte[] getKeyValue()
- {
- return keyValue;
- }
-
-
- public int getKeyVersion()
- {
- return keyVersion;
- }
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptionTypeInfoEntry.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptionTypeInfoEntry.java
index a1bd755e..89bade1 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptionTypeInfoEntry.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/EncryptionTypeInfoEntry.java
@@ -33,19 +33,35 @@
private byte[] salt;
- public EncryptionTypeInfoEntry(EncryptionType encryptionType, byte[] salt)
+ /**
+ * Creates a new instance of EncryptionTypeInfoEntry.
+ *
+ * @param encryptionType
+ * @param salt
+ */
+ public EncryptionTypeInfoEntry( EncryptionType encryptionType, byte[] salt )
{
this.encryptionType = encryptionType;
this.salt = salt;
}
+ /**
+ * Returns the salt.
+ *
+ * @return The salt.
+ */
public byte[] getSalt()
{
return salt;
}
+ /**
+ * Returns the {@link EncryptionType}.
+ *
+ * @return The {@link EncryptionType}.
+ */
public EncryptionType getEncryptionType()
{
return encryptionType;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/HostAddress.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/HostAddress.java
index 9ab421c..7f9f2c9 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/HostAddress.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/HostAddress.java
@@ -37,16 +37,24 @@
/**
- * Class constructors
+ * Creates a new instance of HostAddress.
+ *
+ * @param addressType
+ * @param address
*/
- public HostAddress(HostAddressType addressType, byte[] address)
+ public HostAddress( HostAddressType addressType, byte[] address )
{
this.addressType = addressType;
this.address = address;
}
- public HostAddress(InetAddress internetAddress)
+ /**
+ * Creates a new instance of HostAddress.
+ *
+ * @param internetAddress
+ */
+ public HostAddress( InetAddress internetAddress )
{
addressType = HostAddressType.ADDRTYPE_INET;
byte[] newAddress = internetAddress.getAddress();
@@ -55,6 +63,12 @@
}
+ /**
+ * Returns whether one {@link HostAddress} is equal to another.
+ *
+ * @param that
+ * @return true if the {@link HostAddress}'s are equal.
+ */
public boolean equals( HostAddress that )
{
if ( this.addressType != that.addressType || ( this.address != null && that.address == null )
@@ -83,12 +97,22 @@
}
+ /**
+ * Get the bytes for this address.
+ *
+ * @return The bytes of this address.
+ */
public byte[] getAddress()
{
return address;
}
+ /**
+ * Returns the {@link HostAddressType} of this {@link HostAddress}.
+ *
+ * @return The {@link HostAddressType}.
+ */
public HostAddressType getAddressType()
{
return addressType;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/HostAddressType.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/HostAddressType.java
index b4b4e38..6a1ce01 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/HostAddressType.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/HostAddressType.java
@@ -32,36 +32,127 @@
public final class HostAddressType implements Comparable
{
/**
- * Enumeration elements are constructed once upon class loading.
- * Order of appearance here determines the order of compareTo.
+ * Constant for the "null" host address type.
*/
public static final HostAddressType NULL = new HostAddressType( 0, "null" );
+
+ /**
+ * Constant for the "Unix" host address type.
+ */
public static final HostAddressType ADDRTYPE_UNIX = new HostAddressType( 1, "Unix" );
+
+ /**
+ * Constant for the "Internet" host address type.
+ */
public static final HostAddressType ADDRTYPE_INET = new HostAddressType( 2, "Internet" );
+
+ /**
+ * Constant for the "Arpanet" host address type.
+ */
public static final HostAddressType ADDRTYPE_IMPLINK = new HostAddressType( 3, "Arpanet" );
+
+ /**
+ * Constant for the "PUP" host address type.
+ */
public static final HostAddressType ADDRTYPE_PUP = new HostAddressType( 4, "PUP" );
+
+ /**
+ * Constant for the "CHAOS" host address type.
+ */
public static final HostAddressType ADDRTYPE_CHAOS = new HostAddressType( 5, "CHAOS" );
+
+ /**
+ * Constant for the "XEROX Network Services" host address type.
+ */
public static final HostAddressType ADDRTYPE_XNS = new HostAddressType( 6, "XEROX Network Services" );
+
+ /**
+ * Constant for the "IPX" host address type.
+ */
public static final HostAddressType ADDRTYPE_IPX = new HostAddressType( 6, "IPX" );
+
+ /**
+ * Constant for the "OSI" host address type.
+ */
public static final HostAddressType ADDRTYPE_OSI = new HostAddressType( 7, "OSI" );
+
+ /**
+ * Constant for the "European Computer Manufacturers" host address type.
+ */
public static final HostAddressType ADDRTYPE_ECMA = new HostAddressType( 8, "European Computer Manufacturers" );
+
+ /**
+ * Constant for the "Datakit" host address type.
+ */
public static final HostAddressType ADDRTYPE_DATAKIT = new HostAddressType( 9, "Datakit" );
+
+ /**
+ * Constant for the "CCITT" host address type.
+ */
public static final HostAddressType ADDRTYPE_CCITT = new HostAddressType( 10, "CCITT" );
+
+ /**
+ * Constant for the "SNA" host address type.
+ */
public static final HostAddressType ADDRTYPE_SNA = new HostAddressType( 11, "SNA" );
+
+ /**
+ * Constant for the "DECnet" host address type.
+ */
public static final HostAddressType ADDRTYPE_DECNET = new HostAddressType( 12, "DECnet" );
+
+ /**
+ * Constant for the "Direct Data Link Interface" host address type.
+ */
public static final HostAddressType ADDRTYPE_DLI = new HostAddressType( 13, "Direct Data Link Interface" );
+
+ /**
+ * Constant for the "LAT" host address type.
+ */
public static final HostAddressType ADDRTYPE_LAT = new HostAddressType( 14, "LAT" );
+
+ /**
+ * Constant for the "NSC Hyperchannel" host address type.
+ */
public static final HostAddressType ADDRTYPE_HYLINK = new HostAddressType( 15, "NSC Hyperchannel" );
+
+ /**
+ * Constant for the "AppleTalk" host address type.
+ */
public static final HostAddressType ADDRTYPE_APPLETALK = new HostAddressType( 16, "AppleTalk" );
+
+ /**
+ * Constant for the "NetBios" host address type.
+ */
public static final HostAddressType ADDRTYPE_NETBIOS = new HostAddressType( 17, "NetBios" );
+
+ /**
+ * Constant for the "VoiceView" host address type.
+ */
public static final HostAddressType ADDRTYPE_VOICEVIEW = new HostAddressType( 18, "VoiceView" );
+
+ /**
+ * Constant for the "Firefox" host address type.
+ */
public static final HostAddressType ADDRTYPE_FIREFOX = new HostAddressType( 19, "Firefox" );
+
+ /**
+ * Constant for the "Banyan" host address type.
+ */
public static final HostAddressType ADDRTYPE_BAN = new HostAddressType( 21, "Banyan" );
+
+ /**
+ * Constant for the "ATM" host address type.
+ */
public static final HostAddressType ADDRTYPE_ATM = new HostAddressType( 22, "ATM" );
+
+ /**
+ * Constant for the "Internet Protocol V6" host address type.
+ */
public static final HostAddressType ADDRTYPE_INET6 = new HostAddressType( 23, "Internet Protocol V6" );
/**
- * These two lines are all that's necessary to export a List of VALUES.
+ * Array for building a List of VALUES.
*/
private static final HostAddressType[] values =
{ NULL, ADDRTYPE_UNIX, ADDRTYPE_INET, ADDRTYPE_IMPLINK, ADDRTYPE_PUP, ADDRTYPE_CHAOS, ADDRTYPE_XNS,
@@ -69,34 +160,38 @@
ADDRTYPE_DLI, ADDRTYPE_LAT, ADDRTYPE_HYLINK, ADDRTYPE_APPLETALK, ADDRTYPE_NETBIOS, ADDRTYPE_VOICEVIEW,
ADDRTYPE_FIREFOX, ADDRTYPE_BAN, ADDRTYPE_ATM, ADDRTYPE_INET6 };
+ /**
+ * A List of all the host address type constants.
+ */
public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
+ /**
+ * The name of the host address type.
+ */
private final String name;
+
+ /**
+ * The value/code for the host address type.
+ */
private final int ordinal;
/**
* Private constructor prevents construction outside of this class.
*/
- private HostAddressType(int ordinal, String name)
+ private HostAddressType( int ordinal, String name )
{
this.ordinal = ordinal;
this.name = name;
}
- public String toString()
- {
- return name + " (" + ordinal + ")";
- }
-
-
- public int compareTo( Object that )
- {
- return ordinal - ( ( HostAddressType ) that ).ordinal;
- }
-
-
+ /**
+ * Returns the host address type when specified by its ordinal.
+ *
+ * @param type
+ * @return The host address type.
+ */
public static HostAddressType getTypeByOrdinal( int type )
{
for ( int ii = 0; ii < values.length; ii++ )
@@ -111,8 +206,25 @@
}
+ /**
+ * Returns the number associated with this host address type.
+ *
+ * @return The host address type ordinal.
+ */
public int getOrdinal()
{
return ordinal;
}
+
+
+ public int compareTo( Object that )
+ {
+ return ordinal - ( ( HostAddressType ) that ).ordinal;
+ }
+
+
+ public String toString()
+ {
+ return name + " (" + ordinal + ")";
+ }
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/HostAddresses.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/HostAddresses.java
index 2b0e0b3..f265031 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/HostAddresses.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/HostAddresses.java
@@ -30,14 +30,22 @@
/**
- * Class constructors
+ * Creates a new instance of HostAddresses.
+ *
+ * @param addresses
*/
- public HostAddresses(HostAddress[] addresses)
+ public HostAddresses( HostAddress[] addresses )
{
this.addresses = addresses;
}
+ /**
+ * Returns true if this {@link HostAddresses} contains a specified {@link HostAddress}.
+ *
+ * @param address
+ * @return true if this {@link HostAddresses} contains a specified {@link HostAddress}.
+ */
public boolean contains( HostAddress address )
{
if ( addresses != null )
@@ -55,6 +63,12 @@
}
+ /**
+ * Returns true if two {@link HostAddresses} are equal.
+ *
+ * @param that
+ * @return true if two {@link HostAddresses} are equal.
+ */
public boolean equals( HostAddresses that )
{
if ( ( this.addresses == null && that.addresses != null )
@@ -83,6 +97,11 @@
}
+ /**
+ * Returns the contained {@link HostAddress}s as an array.
+ *
+ * @return An array of {@link HostAddress}s.
+ */
public HostAddress[] getAddresses()
{
return addresses;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KdcOptions.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KdcOptions.java
index cd676e5..53b2702 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KdcOptions.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KdcOptions.java
@@ -26,51 +26,108 @@
*/
public class KdcOptions extends Options
{
- // KDC option - reserved
+ /**
+ * KDC option - reserved.
+ */
public static final int RESERVED = 0;
- // KDC option - forwardable
+ /**
+ * KDC option - forwardable.
+ */
public static final int FORWARDABLE = 1;
- // KDC option - forwarded
+
+ /**
+ * KDC option - forwarded.
+ */
public static final int FORWARDED = 2;
- // KDC option - proxiable
+
+ /**
+ * KDC option - proxiable.
+ */
public static final int PROXIABLE = 3;
- // KDC option - proxy
+
+ /**
+ * KDC option - proxy.
+ */
public static final int PROXY = 4;
- // KDC option - allow postdate
+
+ /**
+ * KDC option - allow postdate.
+ */
public static final int ALLOW_POSTDATE = 5;
- // KDC option - postdated
+
+ /**
+ * KDC option - postdated.
+ */
public static final int POSTDATED = 6;
- // KDC option - unused7
+
+ /**
+ * KDC option - unused7.
+ */
public static final int UNUSED7 = 7;
- // KDC option - renewable
+
+ /**
+ * KDC option - renewable.
+ */
public static final int RENEWABLE = 8;
- // KDC option - unused9
+
+ /**
+ * KDC option - unused9.
+ */
public static final int UNUSED9 = 9;
- // KDC option - unused10
+
+ /**
+ * KDC option - unused10.
+ */
public static final int UNUSED10 = 10;
- // KDC option - unused11
+
+ /**
+ * KDC option - unused11.
+ */
public static final int UNUSED11 = 11;
- // KDC option - unused12
+
+ /**
+ * KDC option - unused12.
+ */
public static final int UNUSED12 = 12;
- // KDC option - unused13
+
+ /**
+ * KDC option - unused13.
+ */
public static final int UNUSED13 = 13;
- // KDC option - disable transisted checked
+
+ /**
+ * KDC option - disable transisted checked.
+ */
public static final int DISABLE_TRANSISTED_CHECKED = 26;
- // KDC option - renewable is ok
+
+ /**
+ * KDC option - renewable is ok.
+ */
public static final int RENEWABLE_OK = 27;
- // KDC option - encrypted key in skey
+
+ /**
+ * KDC option - encrypted key in skey.
+ */
public static final int ENC_TKT_IN_SKEY = 28;
- // KDC option - renew
+
+ /**
+ * KDC option - renew.
+ */
public static final int RENEW = 30;
- // KDC option - validate
+
+ /**
+ * KDC option - validate.
+ */
public static final int VALIDATE = 31;
- // KDC option - maximum value
+ /**
+ * KDC option - maximum value.
+ */
public static final int MAX_VALUE = 32;
/**
- * Class constructors
+ * Creates a new instance of KdcOptions.
*/
public KdcOptions()
{
@@ -78,7 +135,12 @@
}
- public KdcOptions(byte[] bytes)
+ /**
+ * Creates a new instance of KdcOptions.
+ *
+ * @param bytes
+ */
+ public KdcOptions( byte[] bytes )
{
super( MAX_VALUE );
setBytes( bytes );
@@ -86,7 +148,7 @@
/**
- * Converts the object to a printable string
+ * Converts the object to a printable string.
*/
public String toString()
{
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KerberosPrincipalModifier.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KerberosPrincipalModifier.java
index 88d5be8..785ead6 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KerberosPrincipalModifier.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KerberosPrincipalModifier.java
@@ -35,6 +35,11 @@
String realm;
+ /**
+ * Returns the {@link KerberosPrincipal}.
+ *
+ * @return The {@link KerberosPrincipal}.
+ */
public KerberosPrincipal getKerberosPrincipal()
{
if ( nameComponent != null )
@@ -55,12 +60,22 @@
}
+ /**
+ * Sets the {@link PrincipalName}.
+ *
+ * @param principalName
+ */
public void setPrincipalName( PrincipalName principalName )
{
nameComponent = principalName;
}
+ /**
+ * Sets the realm.
+ *
+ * @param realm
+ */
public void setRealm( String realm )
{
this.realm = realm;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KerberosTime.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KerberosTime.java
index ce4e508..e6b4a20 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KerberosTime.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KerberosTime.java
@@ -32,8 +32,11 @@
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class KerberosTime implements Comparable
+public class KerberosTime implements Comparable<KerberosTime>
{
+ /**
+ * Constant for the {@link KerberosTime} "infinity."
+ */
public static final KerberosTime INFINITY = new KerberosTime( Long.MAX_VALUE );
private static final TimeZone UTC_TIME_ZONE = TimeZone.getTimeZone( "UTC" );
@@ -47,24 +50,44 @@
private long kerberosTime;
+ /**
+ * Creates a new instance of KerberosTime.
+ */
public KerberosTime()
{
kerberosTime = System.currentTimeMillis();
}
- public KerberosTime(long time)
+ /**
+ * Creates a new instance of KerberosTime.
+ *
+ * @param time
+ */
+ public KerberosTime( long time )
{
kerberosTime = time;
}
- public KerberosTime(Date time)
+ /**
+ * Creates a new instance of KerberosTime.
+ *
+ * @param time
+ */
+ public KerberosTime( Date time )
{
kerberosTime = time.getTime();
}
-
+
+ /**
+ * Returns the {@link KerberosTime} for a given zulu time.
+ *
+ * @param zuluTime
+ * @return The {@link KerberosTime}.
+ * @throws ParseException
+ */
public static KerberosTime getTime( String zuluTime ) throws ParseException
{
Date date = null;
@@ -75,24 +98,19 @@
return new KerberosTime( date );
}
-
- public int compareTo( Object o )
+
+ public int compareTo( KerberosTime that )
{
final int BEFORE = -1;
final int EQUAL = 0;
final int AFTER = 1;
// this optimization is usually worthwhile, and can always be added
- if ( this == o )
+ if ( this == that )
{
return EQUAL;
}
- // Performing explicit checks for nullity and type are made redundant by
- // the following cast, which will throw NullPointerException and
- // ClassCastException in these respective cases.
- final KerberosTime that = ( KerberosTime ) o;
-
// primitive numbers follow this form
if ( this.kerberosTime < that.kerberosTime )
{
@@ -108,42 +126,81 @@
}
+ /**
+ * Returns the {@link KerberosTime} as a long.
+ *
+ * @return The {@link KerberosTime} as a long.
+ */
public long getTime()
{
return kerberosTime;
}
+ /**
+ * Returns the {@link KerberosTime} as a {@link Date}.
+ *
+ * @return The {@link KerberosTime} as a {@link Date}.
+ */
public Date toDate()
{
return new Date( kerberosTime );
}
+ /**
+ * Returns whether this {@link KerberosTime} is within the given clockskew.
+ *
+ * @param clockSkew
+ * @return true if this {@link KerberosTime} is within the given clockskew.
+ */
public boolean isInClockSkew( long clockSkew )
{
return Math.abs( kerberosTime - System.currentTimeMillis() ) < clockSkew;
}
+ /**
+ * Returns whether this {@link KerberosTime} is greater than a given {@link KerberosTime}.
+ *
+ * @param time
+ * @return true if this {@link KerberosTime} is greater than a given {@link KerberosTime}.
+ */
public boolean greaterThan( KerberosTime time )
{
return kerberosTime > time.kerberosTime;
}
+ /**
+ * Returns whether this {@link KerberosTime} is less than a given {@link KerberosTime}.
+ *
+ * @param time
+ * @return true if this {@link KerberosTime} is less than a given {@link KerberosTime}.
+ */
public boolean lessThan( KerberosTime time )
{
return kerberosTime < time.kerberosTime;
}
+ /**
+ * Returns whether this {@link KerberosTime} is equal to another {@link KerberosTime}.
+ *
+ * @param time
+ * @return true if the two {@link KerberosTime}s are equal.
+ */
public boolean equals( KerberosTime time )
{
return kerberosTime == time.kerberosTime;
}
+ /**
+ * Returns whether this {@link KerberosTime} is zero.
+ *
+ * @return true if this {@link KerberosTime} is zero.
+ */
public boolean isZero()
{
return kerberosTime == 0;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KrbCredInfo.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KrbCredInfo.java
index b893ed3..777a7e7 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KrbCredInfo.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/KrbCredInfo.java
@@ -42,9 +42,22 @@
private HostAddresses clientAddresses; //optional
- public KrbCredInfo(EncryptionKey key, KerberosPrincipal clientPrincipal, TicketFlags flags, KerberosTime authTime,
+ /**
+ * Creates a new instance of KrbCredInfo.
+ *
+ * @param key
+ * @param clientPrincipal
+ * @param flags
+ * @param authTime
+ * @param startTime
+ * @param endTime
+ * @param renewTill
+ * @param serverPrincipal
+ * @param clientAddresses
+ */
+ public KrbCredInfo( EncryptionKey key, KerberosPrincipal clientPrincipal, TicketFlags flags, KerberosTime authTime,
KerberosTime startTime, KerberosTime endTime, KerberosTime renewTill, KerberosPrincipal serverPrincipal,
- HostAddresses clientAddresses)
+ HostAddresses clientAddresses )
{
this.key = key;
this.clientPrincipal = clientPrincipal;
@@ -58,54 +71,99 @@
}
+ /**
+ * Returns the auth {@link KerberosTime}.
+ *
+ * @return The auth {@link KerberosTime}.
+ */
public KerberosTime getAuthTime()
{
return authTime;
}
+ /**
+ * Returns the client {@link HostAddresses}.
+ *
+ * @return The client {@link HostAddresses}.
+ */
public HostAddresses getClientAddresses()
{
return clientAddresses;
}
+ /**
+ * Returns the end {@link KerberosTime}.
+ *
+ * @return The end {@link KerberosTime}.
+ */
public KerberosTime getEndTime()
{
return endTime;
}
+ /**
+ * Returns the {@link TicketFlags}.
+ *
+ * @return The {@link TicketFlags}.
+ */
public TicketFlags getFlags()
{
return flags;
}
+ /**
+ * Returns the {@link EncryptionKey}.
+ *
+ * @return The {@link EncryptionKey}.
+ */
public EncryptionKey getKey()
{
return key;
}
+ /**
+ * Returns the client {@link KerberosPrincipal}.
+ *
+ * @return The client {@link KerberosPrincipal}.
+ */
public KerberosPrincipal getClientPrincipal()
{
return clientPrincipal;
}
+ /**
+ * Returns the renew till {@link KerberosTime}.
+ *
+ * @return The renew till {@link KerberosTime}.
+ */
public KerberosTime getRenewTill()
{
return renewTill;
}
+ /**
+ * Returns the server {@link KerberosPrincipal}.
+ *
+ * @return The server {@link KerberosPrincipal}.
+ */
public KerberosPrincipal getServerPrincipal()
{
return serverPrincipal;
}
+ /**
+ * Returns the start {@link KerberosTime}.
+ *
+ * @return The start {@link KerberosTime}.
+ */
public KerberosTime getStartTime()
{
return startTime;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/LastRequest.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/LastRequest.java
index 133a00c..db79de8 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/LastRequest.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/LastRequest.java
@@ -29,18 +29,31 @@
private LastRequestEntry[] entries = new LastRequestEntry[1];
+ /**
+ * Creates a new instance of LastRequest.
+ */
public LastRequest()
{
entries[0] = new LastRequestEntry( LastRequestType.NONE, new KerberosTime() );
}
- public LastRequest(LastRequestEntry[] entries)
+ /**
+ * Creates a new instance of LastRequest.
+ *
+ * @param entries
+ */
+ public LastRequest( LastRequestEntry[] entries )
{
this.entries = entries;
}
+ /**
+ * Returns an array of {@link LastRequestEntry}s.
+ *
+ * @return The array of {@link LastRequestEntry}s.
+ */
public LastRequestEntry[] getEntries()
{
return entries;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/LastRequestEntry.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/LastRequestEntry.java
index 49649de..0221b3b 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/LastRequestEntry.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/LastRequestEntry.java
@@ -30,19 +30,35 @@
private KerberosTime lastRequestValue;
- public LastRequestEntry(LastRequestType type, KerberosTime value)
+ /**
+ * Creates a new instance of LastRequestEntry.
+ *
+ * @param type
+ * @param value
+ */
+ public LastRequestEntry( LastRequestType type, KerberosTime value )
{
lastRequestType = type;
lastRequestValue = value;
}
+ /**
+ * Returns the {@link LastRequestType}.
+ *
+ * @return The {@link LastRequestType}.
+ */
public LastRequestType getLastRequestType()
{
return lastRequestType;
}
+ /**
+ * Returns the {@link KerberosTime} of the last request.
+ *
+ * @return The {@link KerberosTime} of the last request.
+ */
public KerberosTime getLastRequestValue()
{
return lastRequestValue;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/LastRequestType.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/LastRequestType.java
index c628bf9..fb498d5 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/LastRequestType.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/LastRequestType.java
@@ -32,30 +32,79 @@
public final class LastRequestType implements Comparable
{
/**
- * Enumeration elements are constructed once upon class loading.
- * Order of appearance here determines the order of compareTo.
+ * Constant for the "none" last request type.
*/
public static final LastRequestType NONE = new LastRequestType( 0, "none" );
+
+ /**
+ * Constant for the "time of initial ticket" last request type.
+ */
public static final LastRequestType TIME_OF_INITIAL_TGT = new LastRequestType( 1, "time of initial ticket" );
+
+ /**
+ * Constant for the "time of initial request" last request type.
+ */
public static final LastRequestType TIME_OF_INITIAL_REQ = new LastRequestType( 2, "time of initial request" );
+
+ /**
+ * Constant for the "time of newest ticket" last request type.
+ */
public static final LastRequestType TIME_OF_NEWEST_TGT = new LastRequestType( 3, "time of newest ticket" );
+
+ /**
+ * Constant for the "time of last renewal" last request type.
+ */
public static final LastRequestType TIME_OF_LAST_RENEWAL = new LastRequestType( 4, "time of last renewal" );
+
+ /**
+ * Constant for the "time of last request" last request type.
+ */
public static final LastRequestType TIME_OF_LAST_REQ = new LastRequestType( 5, "time of last request" );
+
+ /**
+ * Constant for the "time of password expiration" last request type.
+ */
public static final LastRequestType TIME_OF_PASSWORD_EXP = new LastRequestType( 6, "time of password expiration" );
+ /**
+ * Array for building a List of VALUES.
+ */
+ private static final LastRequestType[] values =
+ { NONE, TIME_OF_INITIAL_TGT, TIME_OF_INITIAL_REQ, TIME_OF_NEWEST_TGT, TIME_OF_LAST_RENEWAL, TIME_OF_LAST_REQ,
+ TIME_OF_PASSWORD_EXP };
- public String toString()
+ /**
+ * A List of all the last request type constants.
+ */
+ public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
+
+ /**
+ * The name of the checksum type.
+ */
+ private final String name;
+
+ /**
+ * The value/code for the checksum type.
+ */
+ private final int ordinal;
+
+
+ /**
+ * Private constructor prevents construction outside of this class.
+ */
+ private LastRequestType( int ordinal, String name )
{
- return name + " (" + ordinal + ")";
+ this.ordinal = ordinal;
+ this.name = name;
}
- public int compareTo( Object that )
- {
- return ordinal - ( ( LastRequestType ) that ).ordinal;
- }
-
-
+ /**
+ * Returns the last request type when specified by its ordinal.
+ *
+ * @param type
+ * @return The last request type.
+ */
public static LastRequestType getTypeByOrdinal( int type )
{
for ( int ii = 0; ii < values.length; ii++ )
@@ -70,31 +119,25 @@
}
+ /**
+ * Returns the number associated with this last request type.
+ *
+ * @return The last request type ordinal.
+ */
public int getOrdinal()
{
return ordinal;
}
- /// PRIVATE /////
- private final String name;
- private final int ordinal;
-
- /**
- * Private constructor prevents construction outside of this class.
- */
- private LastRequestType(int ordinal, String name)
+ public int compareTo( Object that )
{
- this.ordinal = ordinal;
- this.name = name;
+ return ordinal - ( ( LastRequestType ) that ).ordinal;
}
- /**
- * These two lines are all that's necessary to export a List of VALUES.
- */
- private static final LastRequestType[] values =
- { NONE, TIME_OF_INITIAL_TGT, TIME_OF_INITIAL_REQ, TIME_OF_NEWEST_TGT, TIME_OF_LAST_RENEWAL, TIME_OF_LAST_REQ,
- TIME_OF_PASSWORD_EXP };
- // VALUES needs to be located here, otherwise illegal forward reference
- public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
+
+ public String toString()
+ {
+ return name + " (" + ordinal + ")";
+ }
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/Options.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/Options.java
index 7a8f920..553918f 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/Options.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/Options.java
@@ -33,41 +33,66 @@
private int maxSize;
- protected Options(int maxSize)
+ protected Options( int maxSize )
{
this.maxSize = maxSize;
options = new BitSet( maxSize );
}
+ /**
+ * Returns whether the option at a given index matches the option in this {@link Options}.
+ *
+ * @param options
+ * @param option
+ * @return true if two options are the same.
+ */
public boolean match( Options options, int option )
{
return options.get( option ) == this.get( option );
}
+ /**
+ * Returns the value of the option at the given index.
+ *
+ * @param index
+ * @return true if the option at the given index is set.
+ */
public boolean get( int index )
{
return options.get( index );
}
+ /**
+ * Sets the option at a given index.
+ *
+ * @param index
+ */
public void set( int index )
{
options.set( index );
}
+ /**
+ * Clears (sets false) the option at a given index.
+ *
+ * @param index
+ */
public void clear( int index )
{
options.clear( index );
}
- /*
+ /**
* Byte-reversing methods are an anomaly of the BouncyCastle
* DERBitString endianness. Thes methods can be removed if the
* Apache Directory Snickers codecs operate differently.
+ *
+ * @return The raw {@link Options} bytes.
*/
public byte[] getBytes()
{
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PreAuthenticationData.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PreAuthenticationData.java
index 535d48c..04e869d 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PreAuthenticationData.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PreAuthenticationData.java
@@ -30,19 +30,35 @@
private byte[] dataValue;
- public PreAuthenticationData(PreAuthenticationDataType dataType, byte[] dataValue)
+ /**
+ * Creates a new instance of PreAuthenticationData.
+ *
+ * @param dataType
+ * @param dataValue
+ */
+ public PreAuthenticationData( PreAuthenticationDataType dataType, byte[] dataValue )
{
this.dataType = dataType;
this.dataValue = dataValue;
}
+ /**
+ * Returns the {@link PreAuthenticationDataType}.
+ *
+ * @return The {@link PreAuthenticationDataType}.
+ */
public PreAuthenticationDataType getDataType()
{
return dataType;
}
+ /**
+ * Returns the raw bytes of the {@link PreAuthenticationData}.
+ *
+ * @return The raw bytes of the {@link PreAuthenticationData}.
+ */
public byte[] getDataValue()
{
return dataValue;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PreAuthenticationDataModifier.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PreAuthenticationDataModifier.java
index 358124c..09103fc 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PreAuthenticationDataModifier.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PreAuthenticationDataModifier.java
@@ -30,18 +30,33 @@
private byte[] dataValue;
+ /**
+ * Returns the {@link PreAuthenticationData}.
+ *
+ * @return The {@link PreAuthenticationData}.
+ */
public PreAuthenticationData getPreAuthenticationData()
{
return new PreAuthenticationData( dataType, dataValue );
}
+ /**
+ * Sets the {@link PreAuthenticationDataType}.
+ *
+ * @param dataType
+ */
public void setDataType( PreAuthenticationDataType dataType )
{
this.dataType = dataType;
}
+ /**
+ * Sets the raw bytes of this {@link PreAuthenticationData}.
+ *
+ * @param dataValue
+ */
public void setDataValue( byte[] dataValue )
{
this.dataValue = dataValue;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PreAuthenticationDataType.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PreAuthenticationDataType.java
index 32bf89d..e84523d 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PreAuthenticationDataType.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PreAuthenticationDataType.java
@@ -32,72 +32,141 @@
public class PreAuthenticationDataType implements Comparable
{
/**
- * Enumeration elements are constructed once upon class loading.
- * Order of appearance here determines the order of compareTo.
+ * Constant for the "null" pre-authentication data type.
*/
public static final PreAuthenticationDataType NULL = new PreAuthenticationDataType( 0, "null" );
- public static final PreAuthenticationDataType PA_TGS_REQ = new PreAuthenticationDataType( 1, "TGS Request." );
+
+ /**
+ * Constant for the "TGS request" pre-authentication data type.
+ */
+ public static final PreAuthenticationDataType PA_TGS_REQ = new PreAuthenticationDataType( 1, "TGS request." );
+
+ /**
+ * Constant for the "encrypted timestamp" pre-authentication data type.
+ */
public static final PreAuthenticationDataType PA_ENC_TIMESTAMP = new PreAuthenticationDataType( 2,
"Encrypted timestamp." );
+
+ /**
+ * Constant for the "password salt" pre-authentication data type.
+ */
public static final PreAuthenticationDataType PA_PW_SALT = new PreAuthenticationDataType( 3, "password salt" );
+
+ /**
+ * Constant for the "enc unix time" pre-authentication data type.
+ */
public static final PreAuthenticationDataType PA_ENC_UNIX_TIME = new PreAuthenticationDataType( 5, "enc unix time" );
+
+ /**
+ * Constant for the "sandia secureid" pre-authentication data type.
+ */
public static final PreAuthenticationDataType PA_SANDIA_SECUREID = new PreAuthenticationDataType( 6,
"sandia secureid" );
+
+ /**
+ * Constant for the "sesame" pre-authentication data type.
+ */
public static final PreAuthenticationDataType PA_SESAME = new PreAuthenticationDataType( 7, "sesame" );
+
+ /**
+ * Constant for the "OSF DCE" pre-authentication data type.
+ */
public static final PreAuthenticationDataType PA_OSF_DCE = new PreAuthenticationDataType( 8, "OSF DCE" );
+
+ /**
+ * Constant for the "cybersafe secureid" pre-authentication data type.
+ */
public static final PreAuthenticationDataType PA_CYBERSAFE_SECUREID = new PreAuthenticationDataType( 9,
"cybersafe secureid" );
+
+ /**
+ * Constant for the "ASF3 salt" pre-authentication data type.
+ */
public static final PreAuthenticationDataType PA_ASF3_SALT = new PreAuthenticationDataType( 10, "ASF3 salt" );
+
+ /**
+ * Constant for the "encryption info" pre-authentication data type.
+ */
public static final PreAuthenticationDataType PA_ENCTYPE_INFO = new PreAuthenticationDataType( 11,
"Encryption info." );
+
+ /**
+ * Constant for the "SAM challenge" pre-authentication data type.
+ */
public static final PreAuthenticationDataType SAM_CHALLENGE = new PreAuthenticationDataType( 12, "SAM challenge." );
+
+ /**
+ * Constant for the "SAM response" pre-authentication data type.
+ */
public static final PreAuthenticationDataType SAM_RESPONSE = new PreAuthenticationDataType( 13, "SAM response." );
+
+ /**
+ * Constant for the "PK as request" pre-authentication data type.
+ */
public static final PreAuthenticationDataType PA_PK_AS_REQ = new PreAuthenticationDataType( 14, "PK as request" );
+
+ /**
+ * Constant for the "PK as response" pre-authentication data type.
+ */
public static final PreAuthenticationDataType PA_PK_AS_REP = new PreAuthenticationDataType( 15, "PK as response" );
+
+ /**
+ * Constant for the "use specified key version" pre-authentication data type.
+ */
public static final PreAuthenticationDataType PA_USE_SPECIFIED_KVNO = new PreAuthenticationDataType( 20,
"use specified key version" );
+
+ /**
+ * Constant for the "SAM redirect" pre-authentication data type.
+ */
public static final PreAuthenticationDataType SAM_REDIRECT = new PreAuthenticationDataType( 21, "SAM redirect." );
+
+ /**
+ * Constant for the "get from typed data" pre-authentication data type.
+ */
public static final PreAuthenticationDataType PA_GET_FROM_TYPED_DATA = new PreAuthenticationDataType( 22,
"Get from typed data" );
- /** Array for building a List of VALUES. */
+ /**
+ * Array for building a List of VALUES.
+ */
private static final PreAuthenticationDataType[] values =
{ NULL, PA_TGS_REQ, PA_ENC_TIMESTAMP, PA_PW_SALT, PA_ENC_UNIX_TIME, PA_SANDIA_SECUREID, PA_SESAME, PA_OSF_DCE,
PA_CYBERSAFE_SECUREID, PA_ASF3_SALT, PA_ENCTYPE_INFO, SAM_CHALLENGE, SAM_RESPONSE, PA_PK_AS_REQ,
PA_PK_AS_REP, PA_USE_SPECIFIED_KVNO, SAM_REDIRECT, PA_GET_FROM_TYPED_DATA };
- /** A list of all the pre-authentication type constants. */
+ /**
+ * A list of all the pre-authentication type constants.
+ */
public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
- /** The name of the pre-authentication type. */
+ /**
+ * The name of the pre-authentication type.
+ */
private final String name;
- /** The value/code for the pre-authentication type. */
+ /**
+ * The value/code for the pre-authentication type.
+ */
private final int ordinal;
/**
* Private constructor prevents construction outside of this class.
*/
- private PreAuthenticationDataType(int ordinal, String name)
+ private PreAuthenticationDataType( int ordinal, String name )
{
this.ordinal = ordinal;
this.name = name;
}
- public String toString()
- {
- return name + " (" + ordinal + ")";
- }
-
-
- public int compareTo( Object that )
- {
- return ordinal - ( ( PreAuthenticationDataType ) that ).ordinal;
- }
-
-
+ /**
+ * Returns the pre-authentication type when specified by its ordinal.
+ *
+ * @param type
+ * @return The pre-authentication type.
+ */
public static PreAuthenticationDataType getTypeByOrdinal( int type )
{
for ( int ii = 0; ii < values.length; ii++ )
@@ -112,8 +181,25 @@
}
+ /**
+ * Returns the number associated with this pre-authentication type.
+ *
+ * @return The pre-authentication type ordinal.
+ */
public int getOrdinal()
{
return ordinal;
}
+
+
+ public int compareTo( Object that )
+ {
+ return ordinal - ( ( PreAuthenticationDataType ) that ).ordinal;
+ }
+
+
+ public String toString()
+ {
+ return name + " (" + ordinal + ")";
+ }
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PrincipalName.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PrincipalName.java
index 8e2acbb..abf37ee 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PrincipalName.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PrincipalName.java
@@ -30,19 +30,35 @@
private int nameType;
- public PrincipalName(String nameComponent, int nameType)
+ /**
+ * Creates a new instance of PrincipalName.
+ *
+ * @param nameComponent
+ * @param nameType
+ */
+ public PrincipalName( String nameComponent, int nameType )
{
this.nameComponent = nameComponent;
this.nameType = nameType;
}
+ /**
+ * Returns the type of the {@link PrincipalName}.
+ *
+ * @return The type of the {@link PrincipalName}.
+ */
public int getNameType()
{
return nameType;
}
+ /**
+ * Returns the name component.
+ *
+ * @return The name component.
+ */
public String getNameComponent()
{
return nameComponent;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PrincipalNameModifier.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PrincipalNameModifier.java
index 1dfba96..59586fb 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PrincipalNameModifier.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PrincipalNameModifier.java
@@ -33,18 +33,23 @@
{
private static final String COMPONENT_SEPARATOR = "/";
- List components = new ArrayList();
+ List<String> components = new ArrayList<String>();
int nameType;
+ /**
+ * Returns the {@link PrincipalName}.
+ *
+ * @return The {@link PrincipalName}.
+ */
public PrincipalName getPrincipalName()
{
StringBuffer sb = new StringBuffer();
- Iterator it = components.iterator();
+ Iterator<String> it = components.iterator();
while ( it.hasNext() )
{
- String component = ( String ) it.next();
+ String component = it.next();
sb.append( component );
if ( it.hasNext() )
@@ -57,12 +62,22 @@
}
+ /**
+ * Sets the type.
+ *
+ * @param type
+ */
public void setType( int type )
{
nameType = type;
}
+ /**
+ * Adds a name component.
+ *
+ * @param name
+ */
public void addName( String name )
{
components.add( name );
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PrincipalNameType.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PrincipalNameType.java
index 72a42a0..551197c 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PrincipalNameType.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/PrincipalNameType.java
@@ -32,34 +32,83 @@
public final class PrincipalNameType implements Comparable
{
/**
- * Enumeration elements are constructed once upon class loading.
- * Order of appearance here determines the order of compareTo.
+ * Constant for the "unknown name type" principal name type.
*/
public static final PrincipalNameType KRB_NT_UNKNOWN = new PrincipalNameType( 0, "unknown name type" );
+
+ /**
+ * Constant for the "user principal name type" principal name type.
+ */
public static final PrincipalNameType KRB_NT_PRINCIPAL = new PrincipalNameType( 1, "user principal name type" );
+
+ /**
+ * Constant for the "service and other unique instance (krbtgt) name type" principal name type.
+ */
public static final PrincipalNameType KRB_NT_SRV_INST = new PrincipalNameType( 2,
"service and other unique instance (krbtgt) name type" );
+
+ /**
+ * Constant for the "service with host name as instance (telnet, rcommands)" principal name type.
+ */
public static final PrincipalNameType KRB_NT_SRV_HST = new PrincipalNameType( 3,
"service with host name as instance (telnet, rcommands)" );
+
+ /**
+ * Constant for the "service with host name as instance (telnet, rcommands) name type" principal name type.
+ */
public static final PrincipalNameType KRB_NT_SRV_XHST = new PrincipalNameType( 4,
"service with host name as instance (telnet, rcommands) name type" );
+
+ /**
+ * Constant for the "unique ID name type" principal name type.
+ */
public static final PrincipalNameType KRB_NT_UID = new PrincipalNameType( 5, "unique ID name type" );
+
+ /**
+ * Constant for the "nt x500 principal; encoded X.509 Distinguished name [RFC 2253]" principal name type.
+ */
public static final PrincipalNameType KRB_NT_X500_PRINCIPAL = new PrincipalNameType( 6,
"nt x500 principal; encoded X.509 Distinguished name [RFC 2253]" );
+ /**
+ * Array for building a List of VALUES.
+ */
+ private static final PrincipalNameType[] values =
+ { KRB_NT_UNKNOWN, KRB_NT_PRINCIPAL, KRB_NT_SRV_INST, KRB_NT_SRV_HST, KRB_NT_SRV_XHST, KRB_NT_UID,
+ KRB_NT_X500_PRINCIPAL };
- public String toString()
+ /**
+ * A List of all the principal name type constants.
+ */
+ public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
+
+ /**
+ * The name of the principal name type.
+ */
+ private final String name;
+
+ /**
+ * The value/code for the principal name type.
+ */
+ private final int ordinal;
+
+
+ /**
+ * Private constructor prevents construction outside of this class.
+ */
+ private PrincipalNameType( int ordinal, String name )
{
- return name + " (" + ordinal + ")";
+ this.ordinal = ordinal;
+ this.name = name;
}
- public int compareTo( Object that )
- {
- return ordinal - ( ( PrincipalNameType ) that ).ordinal;
- }
-
-
+ /**
+ * Returns the principal name type when specified by its ordinal.
+ *
+ * @param type
+ * @return The principal name type.
+ */
public static PrincipalNameType getTypeByOrdinal( int type )
{
for ( int ii = 0; ii < values.length; ii++ )
@@ -74,31 +123,25 @@
}
+ /**
+ * Returns the number associated with this principal name type.
+ *
+ * @return The principal name type ordinal.
+ */
public int getOrdinal()
{
return ordinal;
}
- /// PRIVATE /////
- private final String name;
- private final int ordinal;
-
- /**
- * Private constructor prevents construction outside of this class.
- */
- private PrincipalNameType(int ordinal, String name)
+ public int compareTo( Object that )
{
- this.ordinal = ordinal;
- this.name = name;
+ return ordinal - ( ( PrincipalNameType ) that ).ordinal;
}
- /**
- * These two lines are all that's necessary to export a List of VALUES.
- */
- private static final PrincipalNameType[] values =
- { KRB_NT_UNKNOWN, KRB_NT_PRINCIPAL, KRB_NT_SRV_INST, KRB_NT_SRV_HST, KRB_NT_SRV_XHST, KRB_NT_UID,
- KRB_NT_X500_PRINCIPAL };
- // VALUES needs to be located here, otherwise illegal forward reference
- public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
+
+ public String toString()
+ {
+ return name + " (" + ordinal + ")";
+ }
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/RequestBody.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/RequestBody.java
index b062e19..13b3d7b 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/RequestBody.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/RequestBody.java
@@ -45,9 +45,24 @@
private Ticket[] additionalTickets; //optional
- public RequestBody(KdcOptions kdcOptions, KerberosPrincipal clientPrincipal, KerberosPrincipal serverPrincipal,
+ /**
+ * Creates a new instance of RequestBody.
+ *
+ * @param kdcOptions
+ * @param clientPrincipal
+ * @param serverPrincipal
+ * @param from
+ * @param till
+ * @param rtime
+ * @param nonce
+ * @param eType
+ * @param addresses
+ * @param encAuthorizationData
+ * @param additionalTickets
+ */
+ public RequestBody( KdcOptions kdcOptions, KerberosPrincipal clientPrincipal, KerberosPrincipal serverPrincipal,
KerberosTime from, KerberosTime till, KerberosTime rtime, int nonce, EncryptionType[] eType,
- HostAddresses addresses, EncryptedData encAuthorizationData, Ticket[] additionalTickets)
+ HostAddresses addresses, EncryptedData encAuthorizationData, Ticket[] additionalTickets )
{
this.kdcOptions = kdcOptions;
this.clientPrincipal = clientPrincipal;
@@ -63,66 +78,121 @@
}
+ /**
+ * Returns the additional {@link Ticket}s.
+ *
+ * @return The additional {@link Ticket}s.
+ */
public Ticket[] getAdditionalTickets()
{
return additionalTickets;
}
+ /**
+ * Returns the {@link HostAddresses}.
+ *
+ * @return The {@link HostAddresses}.
+ */
public HostAddresses getAddresses()
{
return addresses;
}
+ /**
+ * Returns the client {@link KerberosPrincipal}.
+ *
+ * @return The client {@link KerberosPrincipal}.
+ */
public KerberosPrincipal getClientPrincipal()
{
return clientPrincipal;
}
+ /**
+ * Returns the server {@link KerberosPrincipal}.
+ *
+ * @return The server {@link KerberosPrincipal}.
+ */
public KerberosPrincipal getServerPrincipal()
{
return serverPrincipal;
}
+ /**
+ * Returns the encrypted {@link AuthorizationData} as {@link EncryptedData}.
+ *
+ * @return The encrypted {@link AuthorizationData} as {@link EncryptedData}.
+ */
public EncryptedData getEncAuthorizationData()
{
return encAuthorizationData;
}
+ /**
+ * Returns the requested {@link EncryptionType}s.
+ *
+ * @return The requested {@link EncryptionType}s.
+ */
public EncryptionType[] getEType()
{
return eType;
}
+ /**
+ * Returns the from {@link KerberosTime}.
+ *
+ * @return The from {@link KerberosTime}.
+ */
public KerberosTime getFrom()
{
return from;
}
+ /**
+ * Returns the {@link KdcOptions}.
+ *
+ * @return The {@link KdcOptions}.
+ */
public KdcOptions getKdcOptions()
{
return kdcOptions;
}
+ /**
+ * Returns the nonce.
+ *
+ * @return The nonce.
+ */
public int getNonce()
{
return nonce;
}
+ /**
+ * Returns the "R" {@link KerberosTime}.
+ *
+ * @return The "R" {@link KerberosTime}.
+ */
public KerberosTime getRtime()
{
return rtime;
}
+ /**
+ * Returns the till {@link KerberosTime}.
+ *
+ * @return The till {@link KerberosTime}.
+ */
public KerberosTime getTill()
{
return till;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/RequestBodyModifier.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/RequestBodyModifier.java
index a749d3d..ee20da1 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/RequestBodyModifier.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/RequestBodyModifier.java
@@ -45,6 +45,11 @@
private Ticket[] additionalTickets; //optional
+ /**
+ * Returns the {@link RequestBody}.
+ *
+ * @return The {@link RequestBody}.
+ */
public RequestBody getRequestBody()
{
KerberosPrincipal clientPrincipal = clientModifier.getKerberosPrincipal();
@@ -55,18 +60,33 @@
}
+ /**
+ * Sets the client {@link PrincipalName}.
+ *
+ * @param clientName
+ */
public void setClientName( PrincipalName clientName )
{
clientModifier.setPrincipalName( clientName );
}
+ /**
+ * Sets the server {@link PrincipalName}.
+ *
+ * @param serverName
+ */
public void setServerName( PrincipalName serverName )
{
serverModifier.setPrincipalName( serverName );
}
+ /**
+ * Sets the realm.
+ *
+ * @param realm
+ */
public void setRealm( String realm )
{
clientModifier.setRealm( realm );
@@ -74,54 +94,99 @@
}
+ /**
+ * Sets additional {@link Ticket}s.
+ *
+ * @param tickets
+ */
public void setAdditionalTickets( Ticket[] tickets )
{
additionalTickets = tickets;
}
+ /**
+ * Sets the {@link HostAddresses}.
+ *
+ * @param addresses
+ */
public void setAddresses( HostAddresses addresses )
{
this.addresses = addresses;
}
+ /**
+ * Sets the encrypted authorization data.
+ *
+ * @param authorizationData
+ */
public void setEncAuthorizationData( EncryptedData authorizationData )
{
encAuthorizationData = authorizationData;
}
+ /**
+ * Sets the requested {@link EncryptionType}s.
+ *
+ * @param type
+ */
public void setEType( EncryptionType[] type )
{
eType = type;
}
+ /**
+ * Sets the from {@link KerberosTime}.
+ *
+ * @param from
+ */
public void setFrom( KerberosTime from )
{
this.from = from;
}
+ /**
+ * Sets the {@link KdcOptions}.
+ *
+ * @param options
+ */
public void setKdcOptions( KdcOptions options )
{
kdcOptions = options;
}
+ /**
+ * Sets the nonce.
+ *
+ * @param nonce
+ */
public void setNonce( int nonce )
{
this.nonce = nonce;
}
+ /**
+ * Sets the "R" {@link KerberosTime}.
+ *
+ * @param rtime
+ */
public void setRtime( KerberosTime rtime )
{
this.rtime = rtime;
}
+ /**
+ * Sets the till {@link KerberosTime}.
+ *
+ * @param till
+ */
public void setTill( KerberosTime till )
{
this.till = till;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/TicketFlags.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/TicketFlags.java
index 26d797e..4e178cc 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/TicketFlags.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/TicketFlags.java
@@ -26,36 +26,78 @@
*/
public class TicketFlags extends Options
{
- // Ticket flag - reserved
+ /**
+ * Ticket flag - reserved
+ */
public static final int RESERVED = 0;
- // Ticket flag - forwardable
+
+ /**
+ * Ticket flag - forwardable
+ */
public static final int FORWARDABLE = 1;
- // Ticket flag - forwarded
+
+ /**
+ * Ticket flag - forwarded
+ */
public static final int FORWARDED = 2;
- // Ticket flag - proxiable
+
+ /**
+ * Ticket flag - proxiable
+ */
public static final int PROXIABLE = 3;
- // Ticket flag - proxy
+
+ /**
+ * Ticket flag - proxy
+ */
public static final int PROXY = 4;
- // Ticket flag - may be postdated
+
+ /**
+ * Ticket flag - may be postdated
+ */
public static final int MAY_POSTDATE = 5;
- // Ticket flag - postdated
+
+ /**
+ * Ticket flag - postdated
+ */
public static final int POSTDATED = 6;
- // Ticket flag - invalid
+ /**
+ * Ticket flag - invalid
+ */
public static final int INVALID = 7;
- // Ticket flag - renewable
+
+ /**
+ * Ticket flag - renewable
+ */
public static final int RENEWABLE = 8;
- // Ticket flag - initial
+
+ /**
+ * Ticket flag - initial
+ */
public static final int INITIAL = 9;
- // Ticket flag - pre-authentication
+
+ /**
+ * Ticket flag - pre-authentication
+ */
public static final int PRE_AUTHENT = 10;
- // Ticket flag - hardware authentication
+
+ /**
+ * Ticket flag - hardware authentication
+ */
public static final int HW_AUTHENT = 11;
- // Ticket flag - transitedEncoding policy checked
+
+ /**
+ * Ticket flag - transitedEncoding policy checked
+ */
public static final int TRANSITED_POLICY_CHECKED = 12;
- // Ticket flag - OK as delegate
+
+ /**
+ * Ticket flag - OK as delegate
+ */
public static final int OK_AS_DELEGATE = 13;
- // Ticket flag - maximum value
+ /**
+ * Ticket flag - maximum value
+ */
public static final int MAX_VALUE = 32;
@@ -68,7 +110,12 @@
}
- public TicketFlags(byte[] options)
+ /**
+ * Creates a new instance of TicketFlags.
+ *
+ * @param options
+ */
+ public TicketFlags( byte[] options )
{
super( MAX_VALUE );
setBytes( options );
@@ -76,7 +123,7 @@
/**
- * Converts the object to a printable string
+ * Converts the object to a printable string.
*/
public String toString()
{
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/TransitedEncoding.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/TransitedEncoding.java
index bac5c73..c332e23 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/TransitedEncoding.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/TransitedEncoding.java
@@ -30,6 +30,9 @@
private byte[] contents;
+ /**
+ * Creates a new instance of TransitedEncoding.
+ */
public TransitedEncoding()
{
type = TransitedEncodingType.NULL;
@@ -37,19 +40,35 @@
}
- public TransitedEncoding(TransitedEncodingType type, byte[] contents)
+ /**
+ * Creates a new instance of TransitedEncoding.
+ *
+ * @param type
+ * @param contents
+ */
+ public TransitedEncoding( TransitedEncodingType type, byte[] contents )
{
this.type = type;
this.contents = contents;
}
+ /**
+ * Returns the contents.
+ *
+ * @return The contents.
+ */
public byte[] getContents()
{
return contents;
}
+ /**
+ * Returns the {@link TransitedEncodingType}.
+ *
+ * @return The {@link TransitedEncodingType}.
+ */
public TransitedEncodingType getType()
{
return type;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/TransitedEncodingType.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/TransitedEncodingType.java
index 43294a2..efadf62 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/TransitedEncodingType.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/TransitedEncodingType.java
@@ -32,26 +32,54 @@
public final class TransitedEncodingType implements Comparable
{
/**
- * Enumeration elements are constructed once upon class loading.
- * Order of appearance here determines the order of compareTo.
+ * Constant for the "null" transited encoding type.
*/
public static final TransitedEncodingType NULL = new TransitedEncodingType( 0, "null" );
+
+ /**
+ * Constant for the "Domain X500 compress" transited encoding type.
+ */
public static final TransitedEncodingType DOMAIN_X500_COMPRESS = new TransitedEncodingType( 1,
"Domain X500 compress" );
+ /**
+ * Array for building a List of VALUES.
+ */
+ private static final TransitedEncodingType[] values =
+ { NULL, DOMAIN_X500_COMPRESS };
- public String toString()
+ /**
+ * A List of all the transited encoding type constants.
+ */
+ public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
+
+ /**
+ * The name of the transited encoding type.
+ */
+ private final String name;
+
+ /**
+ * The value/code for the transited encoding type.
+ */
+ private final int ordinal;
+
+
+ /**
+ * Private constructor prevents construction outside of this class.
+ */
+ private TransitedEncodingType( int ordinal, String name )
{
- return name + " (" + ordinal + ")";
+ this.ordinal = ordinal;
+ this.name = name;
}
- public int compareTo( Object that )
- {
- return ordinal - ( ( TransitedEncodingType ) that ).ordinal;
- }
-
-
+ /**
+ * Returns the transited encoding type when specified by its ordinal.
+ *
+ * @param type
+ * @return The transited encoding type.
+ */
public static TransitedEncodingType getTypeByOrdinal( int type )
{
for ( int ii = 0; ii < values.length; ii++ )
@@ -66,30 +94,25 @@
}
+ /**
+ * Returns the number associated with this transited encoding type.
+ *
+ * @return The transited encoding type ordinal.
+ */
public int getOrdinal()
{
return ordinal;
}
- /// PRIVATE /////
- private final String name;
- private final int ordinal;
-
- /**
- * Private constructor prevents construction outside of this class.
- */
- private TransitedEncodingType(int ordinal, String name)
+ public int compareTo( Object that )
{
- this.ordinal = ordinal;
- this.name = name;
+ return ordinal - ( ( TransitedEncodingType ) that ).ordinal;
}
- /**
- * These two lines are all that's necessary to export a List of VALUES.
- */
- private static final TransitedEncodingType[] values =
- { NULL, DOMAIN_X500_COMPRESS };
- // VALUES needs to be located here, otherwise illegal forward reference
- public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
+
+ public String toString()
+ {
+ return name + " (" + ordinal + ")";
+ }
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/replay/InMemoryReplayCache.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/replay/InMemoryReplayCache.java
index 2a51c99..d487db4 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/replay/InMemoryReplayCache.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/replay/InMemoryReplayCache.java
@@ -38,7 +38,7 @@
{
private static final long TWO_WEEKS = 1000 * 60 * 60 * 24 * 14;
- private List list = new ArrayList();
+ private List<ReplayCacheEntry> list = new ArrayList<ReplayCacheEntry>();
public synchronized boolean isReplay( KerberosTime clientTime, KerberosPrincipal clientPrincipal )
@@ -90,19 +90,38 @@
private KerberosPrincipal clientPrincipal;
- public ReplayCacheEntry(KerberosTime time, KerberosPrincipal principal)
+ /**
+ * Creates a new instance of ReplayCacheEntry.
+ *
+ * @param time
+ * @param principal
+ */
+ public ReplayCacheEntry( KerberosTime time, KerberosPrincipal principal )
{
clientTime = time;
clientPrincipal = principal;
}
+ /**
+ * Returns whether this {@link ReplayCacheEntry} is equal another {@link ReplayCacheEntry}.
+ * {@link ReplayCacheEntry}'s are equal when the client time and the client principal are equal.
+ *
+ * @param other
+ * @return true if the ReplayCacheEntry's are equal.
+ */
public boolean equals( ReplayCacheEntry other )
{
return clientTime.equals( other.clientTime ) && clientPrincipal.equals( other.clientPrincipal );
}
+ /**
+ * Return whether this {@link ReplayCacheEntry} is older than a given time.
+ *
+ * @param time
+ * @return true if the {@link ReplayCacheEntry} is older.
+ */
public boolean olderThan( KerberosTime time )
{
return time.greaterThan( clientTime );
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/replay/ReplayCache.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/replay/ReplayCache.java
index a37a999..51ec0a0 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/replay/ReplayCache.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/replay/ReplayCache.java
@@ -31,8 +31,21 @@
*/
public interface ReplayCache
{
+ /**
+ * Returns whether a request is a replay, based on the client time and client principal.
+ *
+ * @param clientTime
+ * @param clientPrincipal
+ * @return true if the request is a replay.
+ */
boolean isReplay( KerberosTime clientTime, KerberosPrincipal clientPrincipal );
+ /**
+ * Saves the client time and client principal to the replay cache.
+ *
+ * @param clientTime
+ * @param clientPrincipal
+ */
void save( KerberosTime clientTime, KerberosPrincipal clientPrincipal );
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/DesStringToKey.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/DesStringToKey.java
deleted file mode 100644
index 4a65b7d..0000000
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/DesStringToKey.java
+++ /dev/null
@@ -1,235 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.directory.server.kerberos.shared.service;
-
-
-import java.io.UnsupportedEncodingException;
-
-import org.apache.mina.handler.chain.IoHandlerCommand;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.params.DESParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-
-
-/**
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- * @version $Rev$, $Date$
- */
-public abstract class DesStringToKey implements IoHandlerCommand
-{
- private String contextKey = "context";
-
- public byte[] getKey( String passPhrase )
- {
- return generateKey( passPhrase );
- }
-
-
- // This is the concatenation order as designated in RFC 1510
- public byte[] getKey( String password, String realmName, String userName )
- {
- return generateKey( password + realmName + userName );
- }
-
-
- public String getContextKey()
- {
- return ( this.contextKey );
- }
-
-
- private byte[] generateKey( String passPhrase )
- {
- byte encodedByteArray[] = characterEncodeString( passPhrase );
-
- byte paddedByteArray[] = padString( encodedByteArray );
-
- byte secretKey[] = fanFold( paddedByteArray );
-
- DESParameters.setOddParity( secretKey );
-
- if ( DESParameters.isWeakKey( secretKey, 0 ) )
- {
- secretKey = getStrongKey( secretKey );
- }
-
- secretKey = encryptSecretKey( paddedByteArray, secretKey );
-
- DESParameters.setOddParity( secretKey );
-
- if ( DESParameters.isWeakKey( secretKey, 0 ) )
- {
- secretKey = getStrongKey( secretKey );
- }
-
- return secretKey;
- }
-
-
- private byte[] fanFold( byte[] paddedByteArray )
- {
- byte secretKey[] = new byte[8];
-
- int div = paddedByteArray.length / 8;
-
- for ( int ii = 0; ii < div; ii++ )
- {
- byte blockValue1[] = new byte[8];
- System.arraycopy( paddedByteArray, ii * 8, blockValue1, 0, 8 );
-
- if ( ii % 2 == 1 )
- {
- byte tempbyte1 = 0;
- byte tempbyte2 = 0;
- byte blockValue2[] = new byte[8];
-
- for ( int jj = 0; jj < 8; jj++ )
- {
- tempbyte2 = 0;
-
- for ( int kk = 0; kk < 4; kk++ )
- {
- tempbyte2 = ( byte ) ( ( 1 << ( 7 - kk ) ) & 0xff );
- tempbyte1 |= ( blockValue1[jj] & tempbyte2 ) >>> ( 7 - 2 * kk );
- tempbyte2 = 0;
- }
-
- for ( int kk = 4; kk < 8; kk++ )
- {
- tempbyte2 = ( byte ) ( ( 1 << ( 7 - kk ) ) & 0xff );
- tempbyte1 |= ( blockValue1[jj] & tempbyte2 ) << ( 2 * kk - 7 );
- tempbyte2 = 0;
- }
-
- blockValue2[7 - jj] = tempbyte1;
- tempbyte1 = 0;
- }
-
- for ( int jj = 0; jj < 8; jj++ )
- {
- blockValue2[jj] = ( byte ) ( ( ( blockValue2[jj] & 0xff ) >>> 1 ) & 0xff );
- }
-
- System.arraycopy( blockValue2, 0, blockValue1, 0, blockValue2.length );
- }
-
- for ( int jj = 0; jj < 8; jj++ )
- {
- blockValue1[jj] = ( byte ) ( ( ( blockValue1[jj] & 0xff ) << 1 ) & 0xff );
- }
-
- // ... eXclusive-ORed with itself to form an 8-byte DES key
- for ( int jj = 0; jj < 8; jj++ )
- {
- secretKey[jj] ^= blockValue1[jj];
- }
- }
-
- return secretKey;
- }
-
-
- // TODO - Re-evaluate when DES3 keys are supported. This is duplicated
- // with parts of EncryptionEngine, but makes this class standalone.
- private byte[] encryptSecretKey( byte data[], byte key[] )
- {
- CBCBlockCipher cipher = new CBCBlockCipher( new DESEngine() );
- KeyParameter kp = new KeyParameter( key );
- ParametersWithIV iv;
-
- iv = new ParametersWithIV( kp, key );
- cipher.init( true, iv );
-
- byte encKey[] = new byte[data.length];
- byte ivBytes[] = new byte[8];
-
- for ( int ii = 0; ii < data.length / 8; ii++ )
- {
- cipher.processBlock( data, ii * 8, encKey, ii * 8 );
- System.arraycopy( encKey, ii * 8, ivBytes, 0, 8 );
- iv = new ParametersWithIV( kp, ivBytes );
- cipher.init( true, iv );
- }
-
- return ivBytes;
- }
-
-
- // Corrects the weak key by exclusive OR with 0xF0 constant.
- private byte[] getStrongKey( byte keyValue[] )
- {
- keyValue[7] ^= 0xf0;
-
- return keyValue;
- }
-
-
- // Encodes string with ISO-Latin encoding
- private byte[] characterEncodeString( String str )
- {
- byte encodedByteArray[] = new byte[str.length()];
-
- try
- {
- encodedByteArray = str.getBytes( "8859_1" );
- }
- catch ( UnsupportedEncodingException ue )
- {
- }
-
- return encodedByteArray;
- }
-
-
- // Add padding to make an exact multiple of 8.
- // TODO - Re-evaluate when DES3 keys are supported. This is duplicated
- // with parts of EncryptionEngine, but makes this class standalone.
- private byte[] padString( byte encodedString[] )
- {
- int length;
-
- if ( encodedString.length < 8 )
- {
- length = encodedString.length;
- }
- else
- {
- length = encodedString.length % 8;
- }
-
- if ( length == 0 )
- {
- return encodedString;
- }
-
- byte paddedByteArray[] = new byte[( 8 - length ) + encodedString.length];
-
- for ( int ii = paddedByteArray.length - 1; ii > encodedString.length - 1; ii-- )
- {
- paddedByteArray[ii] = 0;
- }
-
- System.arraycopy( encodedString, 0, paddedByteArray, 0, encodedString.length );
-
- return paddedByteArray;
- }
-}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/GetPrincipalStoreEntry.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/GetPrincipalStoreEntry.java
index 577ddb3..9a47117 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/GetPrincipalStoreEntry.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/GetPrincipalStoreEntry.java
@@ -37,6 +37,17 @@
{
private String contextKey = "context";
+
+ /**
+ * Get a PrincipalStoreEntry given a principal. The ErrorType is used to indicate
+ * whether any resulting error pertains to a server or client.
+ *
+ * @param principal
+ * @param store
+ * @param errorType
+ * @return The PrincipalStoreEntry
+ * @throws Exception
+ */
public PrincipalStoreEntry getEntry( KerberosPrincipal principal, PrincipalStore store, ErrorType errorType )
throws Exception
{
@@ -51,7 +62,7 @@
throw new KerberosException( errorType );
}
- if ( entry == null || entry.getEncryptionKey() == null )
+ if ( entry == null || entry.getKeyMap().isEmpty() )
{
throw new KerberosException( errorType );
}
@@ -60,7 +71,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/VerifyAuthHeader.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/VerifyAuthHeader.java
index 5d7eece..f170d65 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/VerifyAuthHeader.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/VerifyAuthHeader.java
@@ -22,6 +22,8 @@
import java.net.InetAddress;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
import org.apache.directory.server.kerberos.shared.messages.ApplicationRequest;
@@ -48,10 +50,25 @@
{
private String contextKey = "context";
- // RFC 1510 A.10. KRB_AP_REQ verification
+
+ /**
+ * Verifies an AuthHeader using guidelines from RFC 1510 section A.10., "KRB_AP_REQ verification."
+ *
+ * @param authHeader
+ * @param ticket
+ * @param serverKey
+ * @param clockSkew
+ * @param replayCache
+ * @param emptyAddressesAllowed
+ * @param clientAddress
+ * @param lockBox
+ * @param authenticatorKeyUsage
+ * @return The authenticator.
+ * @throws KerberosException
+ */
public Authenticator verifyAuthHeader( ApplicationRequest authHeader, Ticket ticket, EncryptionKey serverKey,
long clockSkew, ReplayCache replayCache, boolean emptyAddressesAllowed, InetAddress clientAddress,
- LockBox lockBox ) throws KerberosException
+ CipherTextHandler lockBox, KeyUsage authenticatorKeyUsage ) throws KerberosException
{
if ( authHeader.getProtocolVersionNumber() != 5 )
{
@@ -90,11 +107,12 @@
throw new KerberosException( ErrorType.KRB_AP_ERR_NOKEY );
}
- EncTicketPart encPart = ( EncTicketPart ) lockBox.unseal( EncTicketPart.class, ticketKey, ticket.getEncPart() );
+ EncTicketPart encPart = ( EncTicketPart ) lockBox.unseal( EncTicketPart.class, ticketKey, ticket.getEncPart(),
+ KeyUsage.NUMBER2 );
ticket.setEncTicketPart( encPart );
Authenticator authenticator = ( Authenticator ) lockBox.unseal( Authenticator.class, ticket.getSessionKey(),
- authHeader.getEncPart() );
+ authHeader.getEncPart(), authenticatorKeyUsage );
if ( !authenticator.getClientPrincipal().getName().equals( ticket.getClientPrincipal().getName() ) )
{
@@ -147,7 +165,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/VerifyTicket.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/VerifyTicket.java
index acb78c2..50ae9d1 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/VerifyTicket.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/VerifyTicket.java
@@ -38,6 +38,15 @@
{
private String contextKey = "context";
+
+ /**
+ * Verifies a Ticket given a realm and the server principal.
+ *
+ * @param ticket
+ * @param primaryRealm
+ * @param serverPrincipal
+ * @throws Exception
+ */
public void verifyTicket( Ticket ticket, String primaryRealm, KerberosPrincipal serverPrincipal ) throws Exception
{
if ( !ticket.getRealm().equals( primaryRealm ) && !ticket.getServerPrincipal().equals( serverPrincipal ) )
@@ -47,7 +56,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/JndiPrincipalStoreImpl.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/JndiPrincipalStoreImpl.java
index aeafa4e..6327f88 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/JndiPrincipalStoreImpl.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/JndiPrincipalStoreImpl.java
@@ -21,7 +21,6 @@
import javax.naming.spi.InitialContextFactory;
-import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.protocol.shared.ServiceConfiguration;
@@ -47,7 +46,13 @@
private PrincipalStore store;
- public JndiPrincipalStoreImpl(ServiceConfiguration config, InitialContextFactory factory)
+ /**
+ * Creates a new instance of JndiPrincipalStoreImpl.
+ *
+ * @param config
+ * @param factory
+ */
+ public JndiPrincipalStoreImpl( ServiceConfiguration config, InitialContextFactory factory )
{
this.config = config;
this.factory = factory;
@@ -80,9 +85,9 @@
}
- public String changePassword( KerberosPrincipal principal, KerberosKey newKey ) throws Exception
+ public String changePassword( KerberosPrincipal principal, String newPassword ) throws Exception
{
- return store.changePassword( principal, newKey );
+ return store.changePassword( principal, newPassword );
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/KerberosCatalog.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/KerberosCatalog.java
index 3311a4f..5e1d3b6 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/KerberosCatalog.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/KerberosCatalog.java
@@ -37,7 +37,12 @@
private Map map;
- public KerberosCatalog(Map map)
+ /**
+ * Creates a new instance of KerberosCatalog.
+ *
+ * @param map
+ */
+ public KerberosCatalog( Map map )
{
this.map = map;
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/MultiBaseSearch.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/MultiBaseSearch.java
index 555bf1f..303731f 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/MultiBaseSearch.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/MultiBaseSearch.java
@@ -28,7 +28,6 @@
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.spi.InitialContextFactory;
-import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.core.configuration.ConfigurationException;
@@ -54,16 +53,16 @@
class MultiBaseSearch implements PrincipalStore
{
private InitialContextFactory factory;
- private Hashtable env;
+ private Hashtable<String, Object> env;
private Catalog catalog;
- MultiBaseSearch(ServiceConfiguration config, InitialContextFactory factory)
+ MultiBaseSearch( ServiceConfiguration config, InitialContextFactory factory )
{
this.factory = factory;
- env = new Hashtable( config.toJndiEnvironment() );
+ env = new Hashtable<String, Object>( config.toJndiEnvironment() );
env.put( Context.INITIAL_CONTEXT_FACTORY, config.getInitialContextFactory() );
env.put( Context.PROVIDER_URL, config.getCatalogBaseDn() );
@@ -148,14 +147,14 @@
}
- public String changePassword( KerberosPrincipal principal, KerberosKey newKey ) throws Exception
+ public String changePassword( KerberosPrincipal principal, String newPassword ) throws Exception
{
env.put( Context.PROVIDER_URL, catalog.getBaseDn( principal.getRealm() ) );
try
{
DirContext ctx = ( DirContext ) factory.getInitialContext( env );
- return ( String ) execute( ctx, new ChangePassword( principal, newKey ) );
+ return ( String ) execute( ctx, new ChangePassword( principal, newPassword ) );
}
catch ( NamingException ne )
{
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStore.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStore.java
index 4308a99..10d1056 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStore.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStore.java
@@ -20,7 +20,6 @@
package org.apache.directory.server.kerberos.shared.store;
-import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
@@ -32,17 +31,53 @@
*/
public interface PrincipalStore
{
+ /**
+ * Add a principal.
+ *
+ * @param entry
+ * @return The name of the principal being added.
+ * @throws Exception
+ */
public String addPrincipal( PrincipalStoreEntry entry ) throws Exception;
- public String changePassword( KerberosPrincipal principal, KerberosKey newKey ) throws Exception;
+ /**
+ * Change a principal's password.
+ *
+ * @param principal
+ * @param newPassword
+ * @return The name of the principal whose password is being changed.
+ * @throws Exception
+ */
+ public String changePassword( KerberosPrincipal principal, String newPassword ) throws Exception;
+ /**
+ * Delete a principal.
+ *
+ * @param principal
+ * @return The name of the principal being deleted.
+ * @throws Exception
+ */
public String deletePrincipal( KerberosPrincipal principal ) throws Exception;
+ /**
+ * Get all principals for a given realm.
+ *
+ * @param realm
+ * @return An array of {@link PrincipalStoreEntry}'s.
+ * @throws Exception
+ */
public PrincipalStoreEntry[] getAllPrincipals( String realm ) throws Exception;
+ /**
+ * Get a {@link PrincipalStoreEntry} given a Kerberos principal.
+ *
+ * @param principal
+ * @return The {@link PrincipalStoreEntry} for the given Kerberos principal.
+ * @throws Exception
+ */
public PrincipalStoreEntry getPrincipal( KerberosPrincipal principal ) throws Exception;
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntry.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntry.java
index 3623d6b..4856b70 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntry.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntry.java
@@ -20,6 +20,8 @@
package org.apache.directory.server.kerberos.shared.store;
+import java.util.Map;
+
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
@@ -50,16 +52,18 @@
private int maxRenew;
private int kdcFlags;
private SamType samType;
- private EncryptionKey key;
+
private boolean disabled;
private boolean lockedOut;
private KerberosTime expiration;
+ private Map<EncryptionType, EncryptionKey> keyMap;
- PrincipalStoreEntry(String commonName, String userId, KerberosPrincipal principal, int keyVersionNumber,
+
+ PrincipalStoreEntry( String commonName, String userId, KerberosPrincipal principal, int keyVersionNumber,
KerberosTime validStart, KerberosTime validEnd, KerberosTime passwordEnd, int maxLife, int maxRenew,
- int kdcFlags, int keyType, byte[] key, String realmName, SamType samType, boolean disabled,
- boolean lockedOut, KerberosTime expiration )
+ int kdcFlags, int keyType, Map<EncryptionType, EncryptionKey> keyMap, String realmName, SamType samType,
+ boolean disabled, boolean lockedOut, KerberosTime expiration )
{
this.commonName = commonName;
this.userId = userId;
@@ -75,94 +79,169 @@
this.lockedOut = lockedOut;
this.expiration = expiration;
this.samType = samType;
- this.key = new EncryptionKey( EncryptionType.getTypeByOrdinal( keyType ), key, keyVersionNumber );
+ this.keyMap = keyMap;
}
-
+
+ /**
+ * Returns whether this account is disabled.
+ *
+ * @return Whether this account is disabled.
+ */
public boolean isDisabled()
{
return disabled;
}
-
-
+
+
+ /**
+ * Returns whether this account is locked-out.
+ *
+ * @return Whether this account is locked-out.
+ */
public boolean isLockedOut()
{
return lockedOut;
}
-
-
+
+
+ /**
+ * Returns the expiration time.
+ *
+ * @return The expiration time.
+ */
public KerberosTime getExpiration()
{
return expiration;
}
-
+
+ /**
+ * Returns the common name.
+ *
+ * @return The common name.
+ */
public String getCommonName()
{
return commonName;
}
+ /**
+ * Returns the user ID.
+ *
+ * @return The user ID.
+ */
public String getUserId()
{
return userId;
}
- public EncryptionKey getEncryptionKey()
+ /**
+ * Returns the key map.
+ *
+ * @return The key map.
+ */
+ public Map<EncryptionType, EncryptionKey> getKeyMap()
{
- return key;
+ return keyMap;
}
+ /**
+ * Returns the KDC flags.
+ *
+ * @return The KDC flags.
+ */
public int getKDCFlags()
{
return kdcFlags;
}
+ /**
+ * Returns the max life.
+ *
+ * @return The max life.
+ */
public int getMaxLife()
{
return maxLife;
}
+ /**
+ * Returns the maximum renew time.
+ *
+ * @return The maximum renew time.
+ */
public int getMaxRenew()
{
return maxRenew;
}
+ /**
+ * Returns the expiration time for the password.
+ *
+ * @return The expiration time for the password.
+ */
public KerberosTime getPasswordEnd()
{
return passwordEnd;
}
+ /**
+ * Returns the principal.
+ *
+ * @return The principal.
+ */
public KerberosPrincipal getPrincipal()
{
return principal;
}
+ /**
+ * Returns the realm name.
+ *
+ * @return The realm name.
+ */
public String getRealmName()
{
return realmName;
}
+ /**
+ * Returns the end of validity.
+ *
+ * @return The end of validity.
+ */
public KerberosTime getValidEnd()
{
return validEnd;
}
+ /**
+ * Returns the start of validity.
+ *
+ * @return The start of validity.
+ */
public KerberosTime getValidStart()
{
return validStart;
}
+ /**
+ * Returns the single-use authentication (SAM) type.
+ *
+ * @return The single-use authentication (SAM) type.
+ */
public SamType getSamType()
{
return samType;
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntryModifier.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntryModifier.java
index b1955c1..2bd6386 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntryModifier.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/PrincipalStoreEntryModifier.java
@@ -20,8 +20,17 @@
package org.apache.directory.server.kerberos.shared.store;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
import javax.security.auth.kerberos.KerberosPrincipal;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.io.decoder.EncryptionKeyDecoder;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
import org.apache.directory.server.kerberos.shared.messages.value.SamType;
@@ -52,118 +61,242 @@
private int kdcFlags;
private int encryptionType;
private SamType samType;
- private byte[] key;
+
private boolean disabled = false;
private boolean lockedOut = false;
private KerberosTime expiration = KerberosTime.INFINITY;
+ private Map<EncryptionType, EncryptionKey> keyMap;
+
+ /**
+ * Returns the {@link PrincipalStoreEntry}.
+ *
+ * @return The {@link PrincipalStoreEntry}.
+ */
public PrincipalStoreEntry getEntry()
{
return new PrincipalStoreEntry( commonName, userId, principal, keyVersionNumber, validStart, validEnd,
- passwordEnd, maxLife, maxRenew, kdcFlags, encryptionType, key, realmName, samType,
- disabled, lockedOut, expiration );
+ passwordEnd, maxLife, maxRenew, kdcFlags, encryptionType, keyMap, realmName, samType, disabled, lockedOut,
+ expiration );
}
-
+
+ /**
+ * Sets whether the account is disabled.
+ *
+ * @param disabled
+ */
public void setDisabled( boolean disabled )
{
this.disabled = disabled;
}
-
-
+
+
+ /**
+ * Sets whether the account is locked-out.
+ *
+ * @param lockedOut
+ */
public void setLockedOut( boolean lockedOut )
{
this.lockedOut = lockedOut;
}
-
-
+
+
+ /**
+ * Sets the expiration time.
+ *
+ * @param expiration
+ */
public void setExpiration( KerberosTime expiration )
{
this.expiration = expiration;
}
-
+
+ /**
+ * Sets the common name (cn).
+ *
+ * @param commonName
+ */
public void setCommonName( String commonName )
{
this.commonName = commonName;
}
+ /**
+ * Sets the user ID.
+ *
+ * @param userId
+ */
public void setUserId( String userId )
{
this.userId = userId;
}
+ /**
+ * Sets the encryption type.
+ *
+ * @param encryptionType
+ */
public void setEncryptionType( int encryptionType )
{
this.encryptionType = encryptionType;
}
+ /**
+ * Sets the KDC flags.
+ *
+ * @param kdcFlags
+ */
public void setKDCFlags( int kdcFlags )
{
this.kdcFlags = kdcFlags;
}
- public void setKey( byte[] key )
+ /**
+ * Sets the key map.
+ *
+ * @param keyMap
+ */
+ public void setKeyMap( Map<EncryptionType, EncryptionKey> keyMap )
{
- this.key = key;
+ this.keyMap = keyMap;
}
+ /**
+ * Sets the key version number.
+ *
+ * @param keyVersionNumber
+ */
public void setKeyVersionNumber( int keyVersionNumber )
{
this.keyVersionNumber = keyVersionNumber;
}
+ /**
+ * Sets the ticket maximum life time.
+ *
+ * @param maxLife
+ */
public void setMaxLife( int maxLife )
{
this.maxLife = maxLife;
}
+ /**
+ * Sets the ticket maximum renew time.
+ *
+ * @param maxRenew
+ */
public void setMaxRenew( int maxRenew )
{
this.maxRenew = maxRenew;
}
+ /**
+ * Sets the end-of-life for the password.
+ *
+ * @param passwordEnd
+ */
public void setPasswordEnd( KerberosTime passwordEnd )
{
this.passwordEnd = passwordEnd;
}
+ /**
+ * Sets the principal.
+ *
+ * @param principal
+ */
public void setPrincipal( KerberosPrincipal principal )
{
this.principal = principal;
}
+ /**
+ * Sets the realm.
+ *
+ * @param realmName
+ */
public void setRealmName( String realmName )
{
this.realmName = realmName;
}
+ /**
+ * Sets the end of validity.
+ *
+ * @param validEnd
+ */
public void setValidEnd( KerberosTime validEnd )
{
this.validEnd = validEnd;
}
+ /**
+ * Sets the start of validity.
+ *
+ * @param validStart
+ */
public void setValidStart( KerberosTime validStart )
{
this.validStart = validStart;
}
+ /**
+ * Sets the single-use authentication (SAM) type.
+ *
+ * @param samType
+ */
public void setSamType( SamType samType )
{
this.samType = samType;
}
+
+
+ /**
+ * Converts the ASN.1 encoded key set to a map of encryption types to encryption keys.
+ *
+ * @param krb5key
+ * @return The map of encryption types to encryption keys.
+ * @throws NamingException
+ * @throws IOException
+ */
+ public Map<EncryptionType, EncryptionKey> reconstituteKeyMap( Attribute krb5key ) throws NamingException,
+ IOException
+ {
+ Map<EncryptionType, EncryptionKey> map = new HashMap<EncryptionType, EncryptionKey>();
+
+ for ( int ii = 0; ii < krb5key.size(); ii++ )
+ {
+ Object key = krb5key.get( ii );
+
+ if ( key instanceof String )
+ {
+ throw new NamingException(
+ "JNDI should not return a string for the Kerberos key: JNDI property java.naming.ldap.attributes.binary must include the krb5key attribute." );
+ }
+
+ byte[] encryptionKeyBytes = ( byte[] ) key;
+ EncryptionKey encryptionKey = EncryptionKeyDecoder.decode( encryptionKeyBytes );
+ map.put( encryptionKey.getKeyType(), encryptionKey );
+ }
+
+ return map;
+ }
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/SingleBaseSearch.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/SingleBaseSearch.java
index bf11ca7..3f67370 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/SingleBaseSearch.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/SingleBaseSearch.java
@@ -27,7 +27,6 @@
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.spi.InitialContextFactory;
-import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.core.configuration.ConfigurationException;
@@ -91,9 +90,9 @@
}
- public String changePassword( KerberosPrincipal principal, KerberosKey newKey ) throws Exception
+ public String changePassword( KerberosPrincipal principal, String newPassword ) throws Exception
{
- return ( String ) execute( new ChangePassword( principal, newKey ) );
+ return ( String ) execute( new ChangePassword( principal, newPassword ) );
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/AddPrincipal.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/AddPrincipal.java
index cb347ff..d010ec2 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/AddPrincipal.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/AddPrincipal.java
@@ -25,10 +25,6 @@
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
-
-// this is a jdk 1.5 dep which would make us 1.4 incompatible
-// reverted to using LdapName for now until a better alt is found
-// import javax.naming.ldap.LdapName;
import javax.naming.spi.DirStateFactory;
import javax.naming.spi.DirStateFactory.Result;
@@ -53,8 +49,10 @@
/**
* Creates the action to be used against the embedded ApacheDS DIT.
+ *
+ * @param entry The {@link PrincipalStoreEntry} to add.
*/
- public AddPrincipal(PrincipalStoreEntry entry)
+ public AddPrincipal( PrincipalStoreEntry entry )
{
this.entry = entry;
}
@@ -84,22 +82,3 @@
return null;
}
}
-
-/*
- dn: uid=akarasulu, ou=Users, dc=example,dc=com
- cn: Alex Karasulu
- sn: Karasulu
- givenname: Alex
- objectclass: top
- objectclass: person
- objectclass: organizationalPerson
- objectclass: inetOrgPerson
- objectclass: krb5Principal
- objectclass: krb5KDCEntry
- ou: Directory
- ou: Users
- uid: akarasulu
- krb5PrincipalName: akarasulu@EXAMPLE.COM
- krb5KeyVersionNumber: 0
- */
-
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/ChangePassword.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/ChangePassword.java
index e68f9eb..ac1eb58 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/ChangePassword.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/ChangePassword.java
@@ -30,7 +30,6 @@
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchResult;
-import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
@@ -52,43 +51,41 @@
/** The Kerberos principal who's password is to be changed. */
protected KerberosPrincipal principal;
- /** The new key for the update. */
- protected KerberosKey newKey;
+ /** The new password for the update. */
+ protected String newPassword;
/**
* Creates the action to be used against the embedded ApacheDS DIT.
+ *
+ * @param principal The principal to change the password for.
+ * @param newPassword The password to change.
*/
- public ChangePassword(KerberosPrincipal principal, KerberosKey newKey)
+ public ChangePassword( KerberosPrincipal principal, String newPassword )
{
this.principal = principal;
- this.newKey = newKey;
+ this.newPassword = newPassword;
}
- public Object execute( DirContext ctx, Name searchBaseDn )
+ public Object execute( DirContext ctx, Name searchBaseDn ) throws NamingException
{
if ( principal == null )
{
return null;
}
- ModificationItemImpl[] mods = new ModificationItemImpl[1];
- Attribute newKeyAttribute = new AttributeImpl( "krb5key", newKey.getEncoded() );
- mods[0] = new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, newKeyAttribute );
+ ModificationItemImpl[] mods = new ModificationItemImpl[2];
+ Attribute newPasswordAttribute = new AttributeImpl( "userPassword", newPassword );
+ mods[0] = new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, newPasswordAttribute );
+ Attribute principalAttribute = new AttributeImpl( "krb5PrincipalName", principal.getName() );
+ mods[1] = new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, principalAttribute );
String dn = null;
- try
- {
- dn = search( ctx, principal.getName() );
- Name rdn = getRelativeName( ctx.getNameInNamespace(), dn );
- ctx.modifyAttributes( rdn, mods );
- }
- catch ( NamingException e )
- {
- return null;
- }
+ dn = search( ctx, principal.getName() );
+ Name rdn = getRelativeName( ctx.getNameInNamespace(), dn );
+ ctx.modifyAttributes( rdn, mods );
return dn;
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/DeletePrincipal.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/DeletePrincipal.java
index 310bd28..a534286 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/DeletePrincipal.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/DeletePrincipal.java
@@ -54,8 +54,10 @@
/**
* Creates the action to be used against the embedded ApacheDS DIT.
+ *
+ * @param principal The principal to delete.
*/
- public DeletePrincipal(KerberosPrincipal principal)
+ public DeletePrincipal( KerberosPrincipal principal )
{
this.principal = principal;
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetAllPrincipals.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetAllPrincipals.java
index f2759a2..f7779f4 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetAllPrincipals.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetAllPrincipals.java
@@ -21,23 +21,30 @@
package org.apache.directory.server.kerberos.shared.store.operations;
+import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
+import java.util.Map;
import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
+import javax.naming.directory.InvalidAttributeValueException;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.security.auth.kerberos.KerberosPrincipal;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.messages.value.SamType;
import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntryModifier;
import org.apache.directory.server.protocol.shared.store.ContextOperation;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
/**
@@ -52,11 +59,12 @@
private static final String filter = "(objectClass=krb5Principal)";
+
public Object execute( DirContext ctx, Name searchBaseDn )
{
SearchControls controls = new SearchControls();
- List answers = new ArrayList();
+ List<PrincipalStoreEntry> answers = new ArrayList<PrincipalStoreEntry>();
try
{
@@ -69,7 +77,6 @@
SearchResult result = ( SearchResult ) answer.next();
attrs = result.getAttributes();
PrincipalStoreEntry entry = getEntry( attrs );
- System.out.println( "Result name is " + result.getName() );
answers.add( entry );
}
@@ -103,7 +110,7 @@
String encryptionType = ( String ) attrs.get( KerberosAttribute.TYPE ).get();
String keyVersionNumber = ( String ) attrs.get( KerberosAttribute.VERSION ).get();
- String commonName = ( String ) attrs.get( "cn" ).get();
+ String commonName = ( String ) attrs.get( SchemaConstants.CN_AT ).get();
if ( attrs.get( "apacheSamType" ) != null )
{
@@ -112,13 +119,25 @@
modifier.setSamType( SamType.getTypeByOrdinal( Integer.parseInt( samType ) ) );
}
- byte[] keyBytes = ( byte[] ) attrs.get( KerberosAttribute.KEY ).get();
+ if ( attrs.get( KerberosAttribute.KEY ) != null )
+ {
+ Attribute krb5key = attrs.get( KerberosAttribute.KEY );
+ try
+ {
+ Map<EncryptionType, EncryptionKey> keyMap = modifier.reconstituteKeyMap( krb5key );
+ modifier.setKeyMap( keyMap );
+ }
+ catch ( IOException ioe )
+ {
+ throw new InvalidAttributeValueException( "Account Kerberos key attribute '" + KerberosAttribute.KEY
+ + "' contained an invalid value for krb5key." );
+ }
+ }
modifier.setCommonName( commonName );
modifier.setPrincipal( new KerberosPrincipal( principal ) );
modifier.setEncryptionType( Integer.parseInt( encryptionType ) );
modifier.setKeyVersionNumber( Integer.parseInt( keyVersionNumber ) );
- modifier.setKey( keyBytes );
return modifier.getEntry();
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java
index 8c373ad..848df3d 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/GetPrincipal.java
@@ -20,17 +20,22 @@
package org.apache.directory.server.kerberos.shared.store.operations;
+import java.io.IOException;
import java.text.ParseException;
+import java.util.Map;
import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InvalidAttributeValueException;
import javax.naming.directory.SearchResult;
import javax.security.auth.kerberos.KerberosPrincipal;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
import org.apache.directory.server.kerberos.shared.messages.value.SamType;
import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
@@ -57,8 +62,10 @@
/**
* Creates the action to be used against the embedded ApacheDS DIT.
+ *
+ * @param principal
*/
- public GetPrincipal(KerberosPrincipal principal)
+ public GetPrincipal( KerberosPrincipal principal )
{
this.principal = principal;
}
@@ -77,7 +84,7 @@
String[] attrIDs =
{ KerberosAttribute.PRINCIPAL, KerberosAttribute.VERSION, KerberosAttribute.TYPE, KerberosAttribute.KEY,
- KerberosAttribute.SAM_TYPE, KerberosAttribute.ACCOUNT_DISABLED,
+ KerberosAttribute.SAM_TYPE, KerberosAttribute.ACCOUNT_DISABLED,
KerberosAttribute.ACCOUNT_EXPIRATION_TIME, KerberosAttribute.ACCOUNT_LOCKEDOUT };
Attributes matchAttrs = new AttributesImpl( true );
@@ -128,28 +135,28 @@
if ( attrs.get( KerberosAttribute.ACCOUNT_DISABLED ) != null )
{
- String val = ( String ) attrs.get( KerberosAttribute.ACCOUNT_DISABLED ).get();
+ String val = ( String ) attrs.get( KerberosAttribute.ACCOUNT_DISABLED ).get();
modifier.setDisabled( "true".equalsIgnoreCase( val ) );
}
if ( attrs.get( KerberosAttribute.ACCOUNT_LOCKEDOUT ) != null )
{
- String val = ( String ) attrs.get( KerberosAttribute.ACCOUNT_LOCKEDOUT ).get();
+ String val = ( String ) attrs.get( KerberosAttribute.ACCOUNT_LOCKEDOUT ).get();
modifier.setLockedOut( "true".equalsIgnoreCase( val ) );
}
-
+
if ( attrs.get( KerberosAttribute.ACCOUNT_EXPIRATION_TIME ) != null )
{
- String val = ( String ) attrs.get( KerberosAttribute.ACCOUNT_EXPIRATION_TIME ).get();
+ String val = ( String ) attrs.get( KerberosAttribute.ACCOUNT_EXPIRATION_TIME ).get();
try
{
modifier.setExpiration( KerberosTime.getTime( val ) );
}
catch ( ParseException e )
{
- throw new InvalidAttributeValueException( "Account expiration attribute " +
- KerberosAttribute.ACCOUNT_EXPIRATION_TIME
- + " contained an invalid value for generalizedTime: " + val );
+ throw new InvalidAttributeValueException( "Account expiration attribute "
+ + KerberosAttribute.ACCOUNT_EXPIRATION_TIME + " contained an invalid value for generalizedTime: "
+ + val );
}
}
@@ -159,22 +166,24 @@
modifier.setSamType( SamType.getTypeByOrdinal( Integer.parseInt( samType ) ) );
}
- Object key = attrs.get( KerberosAttribute.KEY ).get();
- byte[] keyBytes = null;
-
- if ( key instanceof String )
+ if ( attrs.get( KerberosAttribute.KEY ) != null )
{
- String msg = "JNDI should not return a string for the kerberos key: JNDI property java.naming.ldap.attributes.binary must include the krb5key attribute.";
- throw new NamingException( msg );
+ Attribute krb5key = attrs.get( KerberosAttribute.KEY );
+ try
+ {
+ Map<EncryptionType, EncryptionKey> keyMap = modifier.reconstituteKeyMap( krb5key );
+ modifier.setKeyMap( keyMap );
+ }
+ catch ( IOException ioe )
+ {
+ throw new InvalidAttributeValueException( "Account Kerberos key attribute '" + KerberosAttribute.KEY
+ + "' contained an invalid value for krb5key." );
+ }
}
- keyBytes = ( byte[] ) key;
- modifier.setKey( keyBytes );
-
modifier.setPrincipal( new KerberosPrincipal( principal ) );
modifier.setEncryptionType( Integer.parseInt( encryptionType ) );
modifier.setKeyVersionNumber( Integer.parseInt( keyVersionNumber ) );
return modifier.getEntry();
}
-
}
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/PrincipalObjectFactory.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/PrincipalObjectFactory.java
index d7fe71f..6ce8905 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/PrincipalObjectFactory.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/PrincipalObjectFactory.java
@@ -21,16 +21,23 @@
package org.apache.directory.server.kerberos.shared.store.operations;
+import java.io.IOException;
import java.util.Hashtable;
+import java.util.Map;
import javax.naming.Context;
import javax.naming.Name;
+import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
+import javax.naming.directory.InvalidAttributeValueException;
import javax.naming.spi.DirObjectFactory;
import javax.security.auth.kerberos.KerberosPrincipal;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntryModifier;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
/**
@@ -44,21 +51,35 @@
public Object getObjectInstance( Object obj, Name name, Context nameCtx, Hashtable environment, Attributes attrs )
throws Exception
{
- if ( attrs == null || attrs.get( "objectClass" ) == null
- || !attrs.get( "objectClass" ).contains( "krb5KDCEntry" ) )
+ if ( attrs == null || attrs.get( SchemaConstants.OBJECT_CLASS_AT ) == null
+ || !attrs.get( SchemaConstants.OBJECT_CLASS_AT ).contains( "krb5KDCEntry" ) )
{
return null;
}
PrincipalStoreEntryModifier modifier = new PrincipalStoreEntryModifier();
- modifier.setUserId( ( String ) attrs.get( "uid" ).get() );
- modifier.setCommonName( ( String ) attrs.get( "cn" ).get() );
+ modifier.setUserId( ( String ) attrs.get( SchemaConstants.UID_AT ).get() );
+ modifier.setCommonName( ( String ) attrs.get( SchemaConstants.CN_AT ).get() );
KerberosPrincipal principal = new KerberosPrincipal( ( String ) attrs.get( KerberosAttribute.PRINCIPAL ).get() );
modifier.setPrincipal( principal );
- modifier.setKey( ( byte[] ) attrs.get( KerberosAttribute.KEY ).get() );
+ if ( attrs.get( KerberosAttribute.KEY ) != null )
+ {
+ Attribute krb5key = attrs.get( KerberosAttribute.KEY );
+ try
+ {
+ Map<EncryptionType, EncryptionKey> keyMap = modifier.reconstituteKeyMap( krb5key );
+ modifier.setKeyMap( keyMap );
+ }
+ catch ( IOException ioe )
+ {
+ throw new InvalidAttributeValueException( "Account Kerberos key attribute '" + KerberosAttribute.KEY
+ + "' contained an invalid value for krb5key." );
+ }
+ }
+
modifier.setEncryptionType( Integer.parseInt( ( String ) attrs.get( KerberosAttribute.TYPE ).get() ) );
modifier.setKeyVersionNumber( Integer.parseInt( ( String ) attrs.get( KerberosAttribute.VERSION ).get() ) );
diff --git a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/PrincipalStateFactory.java b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/PrincipalStateFactory.java
index e9cdab2..8f40849 100644
--- a/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/PrincipalStateFactory.java
+++ b/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/operations/PrincipalStateFactory.java
@@ -21,6 +21,7 @@
package org.apache.directory.server.kerberos.shared.store.operations;
+import java.io.IOException;
import java.util.Hashtable;
import javax.naming.Context;
@@ -28,13 +29,19 @@
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
+import javax.naming.directory.InvalidAttributeValueException;
import javax.naming.directory.SchemaViolationException;
import javax.naming.spi.DirStateFactory;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.io.encoder.EncryptionKeyEncoder;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
+import org.apache.directory.shared.ldap.util.AttributeUtils;
/**
@@ -62,27 +69,28 @@
}
// process the objectClass attribute
- Attribute oc = outAttrs.get( "objectClass" );
+ Attribute oc = outAttrs.get( SchemaConstants.OBJECT_CLASS_AT );
if ( oc == null )
{
- oc = new AttributeImpl( "objectClass" );
+ oc = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
outAttrs.put( oc );
}
- if ( !oc.contains( "top" ) )
+ if ( !AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.TOP_OC ) )
{
- oc.add( "top" );
+ oc.add( SchemaConstants.TOP_OC );
}
PrincipalStoreEntry p = ( PrincipalStoreEntry ) obj;
- if ( !oc.contains( "uidObject" ) )
+ if ( !AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.UID_OBJECT_AT ) )
{
- oc.add( "uidObject" );
+ oc.add( SchemaConstants.UID_OBJECT_AT );
+
if ( p.getUserId() != null )
{
- outAttrs.put( "uid", p.getUserId() );
+ outAttrs.put( SchemaConstants.UID_AT, p.getUserId() );
}
else
{
@@ -90,29 +98,32 @@
}
}
- if ( !oc.contains( "extensibleObject" ) )
+ if ( !AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.EXTENSIBLE_OBJECT_OC ) )
{
- oc.add( "extensibleObject" );
+ oc.add( SchemaConstants.EXTENSIBLE_OBJECT_OC );
outAttrs.put( "apacheSamType", "7" );
}
- if ( !oc.contains( "person" ) )
+ if ( !( AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.PERSON_OC ) || oc
+ .contains( SchemaConstants.PERSON_OC_OID ) ) )
{
- oc.add( "person" );
+ oc.add( SchemaConstants.PERSON_OC );
// TODO - look into adding sn, gn, and cn to ServerProfiles
- outAttrs.put( "sn", p.getUserId() );
- outAttrs.put( "cn", p.getCommonName() );
+ outAttrs.put( SchemaConstants.SN_AT, p.getUserId() );
+ outAttrs.put( SchemaConstants.CN_AT, p.getCommonName() );
}
- if ( !oc.contains( "organizationalPerson" ) )
+ if ( !( AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.ORGANIZATIONAL_PERSON_OC ) || oc
+ .contains( SchemaConstants.ORGANIZATIONAL_PERSON_OC_OID ) ) )
{
- oc.add( "organizationalPerson" );
+ oc.add( SchemaConstants.ORGANIZATIONAL_PERSON_OC );
}
- if ( !oc.contains( "inetOrgPerson" ) )
+ if ( !( AttributeUtils.containsValueCaseIgnore( oc, SchemaConstants.INET_ORG_PERSON_OC ) || oc
+ .contains( SchemaConstants.INET_ORG_PERSON_OC_OID ) ) )
{
- oc.add( "inetOrgPerson" );
+ oc.add( SchemaConstants.INET_ORG_PERSON_OC );
}
if ( !oc.contains( "krb5Principal" ) )
@@ -125,25 +136,31 @@
oc.add( "krb5KDCEntry" );
String principal = p.getPrincipal().getName();
- byte[] keyBytes = p.getEncryptionKey().getKeyValue();
- int keyType = p.getEncryptionKey().getKeyType().getOrdinal();
- int keyVersion = p.getEncryptionKey().getKeyVersion();
+
+ EncryptionKey encryptionKey = p.getKeyMap().get( EncryptionType.DES_CBC_MD5 );
+
+ try
+ {
+ outAttrs.put( KerberosAttribute.KEY, EncryptionKeyEncoder.encode( encryptionKey ) );
+ }
+ catch ( IOException ioe )
+ {
+ throw new InvalidAttributeValueException( "Unable to encode Kerberos key." );
+ }
+
+ int keyType = encryptionKey.getKeyType().getOrdinal();
+ int keyVersion = encryptionKey.getKeyVersion();
outAttrs.put( KerberosAttribute.PRINCIPAL, principal );
- outAttrs.put( KerberosAttribute.KEY, keyBytes );
outAttrs.put( KerberosAttribute.TYPE, Integer.toString( keyType ) );
outAttrs.put( KerberosAttribute.VERSION, Integer.toString( keyVersion ) );
}
Result r = new Result( obj, outAttrs );
- System.out.println( "Result from obj " + obj );
- System.out.println( "Result attrs " + outAttrs );
-
return r;
}
- System.out.println( "ERROR: entry was not correct type " + obj );
return null;
}
diff --git a/kerberos-shared/src/main/resources/META-INF/LICENSE.txt b/kerberos-shared/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..1b3e9c7
--- /dev/null
+++ b/kerberos-shared/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,300 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
diff --git a/kerberos-shared/src/main/resources/META-INF/NOTICE.txt b/kerberos-shared/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..eb0c18a
--- /dev/null
+++ b/kerberos-shared/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,11 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
diff --git a/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/AesEncryptionTest.java b/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/AesEncryptionTest.java
new file mode 100644
index 0000000..449ac03
--- /dev/null
+++ b/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/AesEncryptionTest.java
@@ -0,0 +1,135 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.crypto.encryption;
+
+
+import java.security.GeneralSecurityException;
+import java.security.spec.AlgorithmParameterSpec;
+import java.util.Arrays;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import junit.framework.TestCase;
+
+
+/**
+ * Tests the use of AES for Kerberos, using test vectors from RFC 3962,
+ * "Advanced Encryption Standard (AES) Encryption for Kerberos 5."
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class AesEncryptionTest extends TestCase
+{
+ private byte[] keyBytes =
+ { ( byte ) 0x63, ( byte ) 0x68, ( byte ) 0x69, ( byte ) 0x63, ( byte ) 0x6b, ( byte ) 0x65, ( byte ) 0x6e,
+ ( byte ) 0x20, ( byte ) 0x74, ( byte ) 0x65, ( byte ) 0x72, ( byte ) 0x69, ( byte ) 0x79, ( byte ) 0x61,
+ ( byte ) 0x6b, ( byte ) 0x69 };
+
+ private SecretKey key = new SecretKeySpec( keyBytes, "AES" );
+
+ private byte[] iv =
+ { ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00,
+ ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00,
+ ( byte ) 0x00, ( byte ) 0x00, };
+
+ private AlgorithmParameterSpec paramSpec = new IvParameterSpec( iv );
+
+
+ /**
+ * Tests the first test vector from RFC 3962,
+ * "Advanced Encryption Standard (AES) Encryption for Kerberos 5."
+ */
+ public void testFirstAesVector()
+ {
+ byte[] input =
+ { ( byte ) 0x49, ( byte ) 0x20, ( byte ) 0x77, ( byte ) 0x6f, ( byte ) 0x75, ( byte ) 0x6c, ( byte ) 0x64,
+ ( byte ) 0x20, ( byte ) 0x6c, ( byte ) 0x69, ( byte ) 0x6b, ( byte ) 0x65, ( byte ) 0x20,
+ ( byte ) 0x74, ( byte ) 0x68, ( byte ) 0x65, ( byte ) 0x20 };
+
+ byte[] output =
+ { ( byte ) 0xc6, ( byte ) 0x35, ( byte ) 0x35, ( byte ) 0x68, ( byte ) 0xf2, ( byte ) 0xbf, ( byte ) 0x8c,
+ ( byte ) 0xb4, ( byte ) 0xd8, ( byte ) 0xa5, ( byte ) 0x80, ( byte ) 0x36, ( byte ) 0x2d,
+ ( byte ) 0xa7, ( byte ) 0xff, ( byte ) 0x7f, ( byte ) 0x97 };
+
+ byte[] result = aesCipher( key, input );
+
+ assertEquals( "Length", input.length, result.length );
+ assertTrue( Arrays.equals( output, result ) );
+ }
+
+
+ /**
+ * Tests the last test vector from RFC 3962,
+ * "Advanced Encryption Standard (AES) Encryption for Kerberos 5."
+ */
+ public void testLastAesVector()
+ {
+ byte[] input =
+ { ( byte ) 0x49, ( byte ) 0x20, ( byte ) 0x77, ( byte ) 0x6f, ( byte ) 0x75, ( byte ) 0x6c, ( byte ) 0x64,
+ ( byte ) 0x20, ( byte ) 0x6c, ( byte ) 0x69, ( byte ) 0x6b, ( byte ) 0x65, ( byte ) 0x20,
+ ( byte ) 0x74, ( byte ) 0x68, ( byte ) 0x65, ( byte ) 0x20, ( byte ) 0x47, ( byte ) 0x65,
+ ( byte ) 0x6e, ( byte ) 0x65, ( byte ) 0x72, ( byte ) 0x61, ( byte ) 0x6c, ( byte ) 0x20,
+ ( byte ) 0x47, ( byte ) 0x61, ( byte ) 0x75, ( byte ) 0x27, ( byte ) 0x73, ( byte ) 0x20,
+ ( byte ) 0x43, ( byte ) 0x68, ( byte ) 0x69, ( byte ) 0x63, ( byte ) 0x6b, ( byte ) 0x65,
+ ( byte ) 0x6e, ( byte ) 0x2c, ( byte ) 0x20, ( byte ) 0x70, ( byte ) 0x6c, ( byte ) 0x65,
+ ( byte ) 0x61, ( byte ) 0x73, ( byte ) 0x65, ( byte ) 0x2c, ( byte ) 0x20, ( byte ) 0x61,
+ ( byte ) 0x6e, ( byte ) 0x64, ( byte ) 0x20, ( byte ) 0x77, ( byte ) 0x6f, ( byte ) 0x6e,
+ ( byte ) 0x74, ( byte ) 0x6f, ( byte ) 0x6e, ( byte ) 0x20, ( byte ) 0x73, ( byte ) 0x6f,
+ ( byte ) 0x75, ( byte ) 0x70, ( byte ) 0x2e };
+
+ byte[] output =
+ { ( byte ) 0x97, ( byte ) 0x68, ( byte ) 0x72, ( byte ) 0x68, ( byte ) 0xd6, ( byte ) 0xec, ( byte ) 0xcc,
+ ( byte ) 0xc0, ( byte ) 0xc0, ( byte ) 0x7b, ( byte ) 0x25, ( byte ) 0xe2, ( byte ) 0x5e,
+ ( byte ) 0xcf, ( byte ) 0xe5, ( byte ) 0x84, ( byte ) 0x39, ( byte ) 0x31, ( byte ) 0x25,
+ ( byte ) 0x23, ( byte ) 0xa7, ( byte ) 0x86, ( byte ) 0x62, ( byte ) 0xd5, ( byte ) 0xbe,
+ ( byte ) 0x7f, ( byte ) 0xcb, ( byte ) 0xcc, ( byte ) 0x98, ( byte ) 0xeb, ( byte ) 0xf5,
+ ( byte ) 0xa8, ( byte ) 0x48, ( byte ) 0x07, ( byte ) 0xef, ( byte ) 0xe8, ( byte ) 0x36,
+ ( byte ) 0xee, ( byte ) 0x89, ( byte ) 0xa5, ( byte ) 0x26, ( byte ) 0x73, ( byte ) 0x0d,
+ ( byte ) 0xbc, ( byte ) 0x2f, ( byte ) 0x7b, ( byte ) 0xc8, ( byte ) 0x40, ( byte ) 0x9d,
+ ( byte ) 0xad, ( byte ) 0x8b, ( byte ) 0xbb, ( byte ) 0x96, ( byte ) 0xc4, ( byte ) 0xcd,
+ ( byte ) 0xc0, ( byte ) 0x3b, ( byte ) 0xc1, ( byte ) 0x03, ( byte ) 0xe1, ( byte ) 0xa1,
+ ( byte ) 0x94, ( byte ) 0xbb, ( byte ) 0xd8 };
+
+ byte[] result = aesCipher( key, input );
+
+ assertEquals( "Length", input.length, result.length );
+ assertTrue( Arrays.equals( output, result ) );
+ }
+
+
+ private byte[] aesCipher( SecretKey key, byte[] input )
+ {
+ try
+ {
+ Cipher ecipher = Cipher.getInstance( "AES/CTS/NoPadding" );
+ ecipher.init( Cipher.ENCRYPT_MODE, key, paramSpec );
+ return ecipher.doFinal( input );
+ }
+ catch ( GeneralSecurityException gse )
+ {
+ return new byte[]
+ { 0x00 };
+ }
+ }
+}
diff --git a/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandlerTest.java b/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandlerTest.java
new file mode 100644
index 0000000..ec1be96
--- /dev/null
+++ b/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandlerTest.java
@@ -0,0 +1,450 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.crypto.encryption;
+
+
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.Date;
+import java.util.TimeZone;
+
+import javax.security.auth.kerberos.KerberosKey;
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import junit.framework.TestCase;
+
+import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptedTimeStamp;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
+
+
+/**
+ * Test case for sealing and unsealing Kerberos CipherText.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class CipherTextHandlerTest extends TestCase
+{
+ private byte[] desEncryptedTimeStamp =
+ { ( byte ) 0x97, ( byte ) 0x21, ( byte ) 0x58, ( byte ) 0x5f, ( byte ) 0x81, ( byte ) 0x46, ( byte ) 0x17,
+ ( byte ) 0xa6, ( byte ) 0x4e, ( byte ) 0x8a, ( byte ) 0x5d, ( byte ) 0xe2, ( byte ) 0xf3, ( byte ) 0xd1,
+ ( byte ) 0x40, ( byte ) 0x30, ( byte ) 0x38, ( byte ) 0x5e, ( byte ) 0xb8, ( byte ) 0xf6, ( byte ) 0xad,
+ ( byte ) 0xd8, ( byte ) 0x7c, ( byte ) 0x30, ( byte ) 0xb0, ( byte ) 0x0d, ( byte ) 0x69, ( byte ) 0x71,
+ ( byte ) 0x08, ( byte ) 0xd5, ( byte ) 0x6a, ( byte ) 0x61, ( byte ) 0x1f, ( byte ) 0xee, ( byte ) 0x38,
+ ( byte ) 0xad, ( byte ) 0x43, ( byte ) 0x99, ( byte ) 0xae, ( byte ) 0xc2, ( byte ) 0xd2, ( byte ) 0xf5,
+ ( byte ) 0xb2, ( byte ) 0xb7, ( byte ) 0x95, ( byte ) 0x22, ( byte ) 0x93, ( byte ) 0x12, ( byte ) 0x63,
+ ( byte ) 0xd5, ( byte ) 0xf4, ( byte ) 0x39, ( byte ) 0xfa, ( byte ) 0x27, ( byte ) 0x6e, ( byte ) 0x8e };
+
+ private byte[] tripleDesEncryptedTimeStamp =
+ { ( byte ) 0x96, ( byte ) 0xcb, ( byte ) 0x38, ( byte ) 0xb3, ( byte ) 0xc9, ( byte ) 0xb5, ( byte ) 0x78,
+ ( byte ) 0x17, ( byte ) 0xba, ( byte ) 0x0a, ( byte ) 0x64, ( byte ) 0x49, ( byte ) 0x18, ( byte ) 0x39,
+ ( byte ) 0x57, ( byte ) 0x1e, ( byte ) 0xcf, ( byte ) 0xfc, ( byte ) 0x6e, ( byte ) 0x0f, ( byte ) 0x53,
+ ( byte ) 0xe2, ( byte ) 0x9c, ( byte ) 0x96, ( byte ) 0xfd, ( byte ) 0xbc, ( byte ) 0xc6, ( byte ) 0x1e,
+ ( byte ) 0x10, ( byte ) 0x35, ( byte ) 0xe0, ( byte ) 0x8f, ( byte ) 0xc1, ( byte ) 0x7f, ( byte ) 0xbd,
+ ( byte ) 0x86, ( byte ) 0x55, ( byte ) 0xf2, ( byte ) 0x22, ( byte ) 0x48, ( byte ) 0x86, ( byte ) 0xfb,
+ ( byte ) 0x92, ( byte ) 0x22, ( byte ) 0xe7, ( byte ) 0xbe, ( byte ) 0xd1, ( byte ) 0xec, ( byte ) 0x2e,
+ ( byte ) 0x37, ( byte ) 0xd8, ( byte ) 0x47, ( byte ) 0x1e, ( byte ) 0xa0, ( byte ) 0x16, ( byte ) 0x70,
+ ( byte ) 0x5f, ( byte ) 0x6b, ( byte ) 0x18, ( byte ) 0xf3 };
+
+ private byte[] aes128EncryptedTimeStamp =
+ { ( byte ) 0x4f, ( byte ) 0x1e, ( byte ) 0x52, ( byte ) 0xf5, ( byte ) 0xe0, ( byte ) 0xee, ( byte ) 0xe5,
+ ( byte ) 0xe2, ( byte ) 0x2c, ( byte ) 0x9b, ( byte ) 0xf4, ( byte ) 0xdc, ( byte ) 0x58, ( byte ) 0x5f,
+ ( byte ) 0x00, ( byte ) 0x96, ( byte ) 0x31, ( byte ) 0xfe, ( byte ) 0xc7, ( byte ) 0xf7, ( byte ) 0x89,
+ ( byte ) 0x38, ( byte ) 0x88, ( byte ) 0xf5, ( byte ) 0x25, ( byte ) 0xaf, ( byte ) 0x09, ( byte ) 0x9f,
+ ( byte ) 0xfd, ( byte ) 0x78, ( byte ) 0x68, ( byte ) 0x3b, ( byte ) 0xb4, ( byte ) 0x1e, ( byte ) 0xc2,
+ ( byte ) 0xfc, ( byte ) 0x2d, ( byte ) 0xf3, ( byte ) 0x41, ( byte ) 0x88, ( byte ) 0x92, ( byte ) 0x7e,
+ ( byte ) 0xd7, ( byte ) 0xed, ( byte ) 0xe1, ( byte ) 0xe0, ( byte ) 0x0c, ( byte ) 0xad, ( byte ) 0xe5,
+ ( byte ) 0x06, ( byte ) 0xbf, ( byte ) 0x30, ( byte ) 0x1e, ( byte ) 0xbf, ( byte ) 0xf2, ( byte ) 0xec };
+
+ private byte[] aes256EncryptedTimeStamp =
+ { ( byte ) 0xa8, ( byte ) 0x40, ( byte ) 0x73, ( byte ) 0xfc, ( byte ) 0xe5, ( byte ) 0x45, ( byte ) 0x66,
+ ( byte ) 0xd6, ( byte ) 0x83, ( byte ) 0xb4, ( byte ) 0xed, ( byte ) 0xb6, ( byte ) 0x18, ( byte ) 0x5a,
+ ( byte ) 0xd2, ( byte ) 0x24, ( byte ) 0xd6, ( byte ) 0xef, ( byte ) 0x38, ( byte ) 0xac, ( byte ) 0xdf,
+ ( byte ) 0xcd, ( byte ) 0xed, ( byte ) 0x6d, ( byte ) 0x32, ( byte ) 0xf6, ( byte ) 0x00, ( byte ) 0xd1,
+ ( byte ) 0xc0, ( byte ) 0xb0, ( byte ) 0x1e, ( byte ) 0x70, ( byte ) 0x13, ( byte ) 0x48, ( byte ) 0x0a,
+ ( byte ) 0x5a, ( byte ) 0xbb, ( byte ) 0xd2, ( byte ) 0x2a, ( byte ) 0x6b, ( byte ) 0x16, ( byte ) 0x29,
+ ( byte ) 0x63, ( byte ) 0xba, ( byte ) 0xea, ( byte ) 0xb7, ( byte ) 0x1a, ( byte ) 0x90, ( byte ) 0x7b,
+ ( byte ) 0xf4, ( byte ) 0x89, ( byte ) 0x94, ( byte ) 0x7a, ( byte ) 0x2d, ( byte ) 0x6a, ( byte ) 0xf1 };
+
+ private byte[] arcfourEncryptedTimeStamp =
+ { ( byte ) 0xa2, ( byte ) 0x4f, ( byte ) 0x04, ( byte ) 0x6d, ( byte ) 0x93, ( byte ) 0x31, ( byte ) 0x19,
+ ( byte ) 0x77, ( byte ) 0x3f, ( byte ) 0x9d, ( byte ) 0xf9, ( byte ) 0x6f, ( byte ) 0x7e, ( byte ) 0x86,
+ ( byte ) 0x2c, ( byte ) 0x99, ( byte ) 0x63, ( byte ) 0xc5, ( byte ) 0xcf, ( byte ) 0xe2, ( byte ) 0xf1,
+ ( byte ) 0x54, ( byte ) 0x05, ( byte ) 0x6a, ( byte ) 0xea, ( byte ) 0x20, ( byte ) 0x37, ( byte ) 0x31,
+ ( byte ) 0xa2, ( byte ) 0xdc, ( byte ) 0xe8, ( byte ) 0x79, ( byte ) 0xaa, ( byte ) 0xae, ( byte ) 0x1c,
+ ( byte ) 0xfa, ( byte ) 0x93, ( byte ) 0x02, ( byte ) 0xbe, ( byte ) 0x11, ( byte ) 0x14, ( byte ) 0x22,
+ ( byte ) 0x65, ( byte ) 0x92, ( byte ) 0xbd, ( byte ) 0xf5, ( byte ) 0x52, ( byte ) 0x9f, ( byte ) 0x94,
+ ( byte ) 0x67, ( byte ) 0x10, ( byte ) 0xd2 };
+
+ private static final TimeZone UTC_TIME_ZONE = TimeZone.getTimeZone( "UTC" );
+
+ private static final SimpleDateFormat dateFormat = new SimpleDateFormat( "yyyyMMddHHmmss'Z'" );
+
+ static
+ {
+ dateFormat.setTimeZone( UTC_TIME_ZONE );
+ }
+
+
+ /**
+ * Tests the lengths of the test vectors for encrypted timestamps for each
+ * of the supported encryption types. The length of the Kerberos Cipher Text
+ * is relevant to the structure of the underlying plaintext.
+ */
+ public void testTestVectorLengths()
+ {
+ assertEquals( "DES length", 56, desEncryptedTimeStamp.length );
+ assertEquals( "DES3 length", 60, tripleDesEncryptedTimeStamp.length );
+ assertEquals( "AES128 length", 56, aes128EncryptedTimeStamp.length );
+ assertEquals( "AES256 length", 56, aes256EncryptedTimeStamp.length );
+ assertEquals( "RC4-HMAC length", 52, arcfourEncryptedTimeStamp.length );
+ }
+
+
+ /**
+ * Tests the unsealing of Kerberos CipherText with a good password. After decryption and
+ * an integrity check, an attempt is made to decode the bytes as an EncryptedTimestamp. The
+ * result is timestamp data.
+ */
+ public void testDesGoodPasswordDecrypt()
+ {
+ CipherTextHandler lockBox = new CipherTextHandler();
+ Class hint = EncryptedTimeStamp.class;
+ KerberosPrincipal principal = new KerberosPrincipal( "erodriguez@EXAMPLE.COM" );
+ KerberosKey kerberosKey = new KerberosKey( principal, "kerby".toCharArray(), "DES" );
+ EncryptionKey key = new EncryptionKey( EncryptionType.DES_CBC_MD5, kerberosKey.getEncoded() );
+ EncryptedData data = new EncryptedData( EncryptionType.DES_CBC_MD5, 0, desEncryptedTimeStamp );
+
+ try
+ {
+ EncryptedTimeStamp object = ( EncryptedTimeStamp ) lockBox.unseal( hint, key, data, KeyUsage.NUMBER1 );
+ assertEquals( "TimeStamp", "20070322233107Z", object.getTimeStamp().toString() );
+ assertEquals( "MicroSeconds", 291067, object.getMicroSeconds() );
+ }
+ catch ( KerberosException ke )
+ {
+ fail( "Should not have caught exception." );
+ }
+ }
+
+
+ /**
+ * Tests the unsealing of Kerberos CipherText with a bad password. After decryption, the
+ * checksum is tested and should fail on comparison, resulting in an integrity check error.
+ */
+ public void testDesBadPasswordDecrypt()
+ {
+ CipherTextHandler lockBox = new CipherTextHandler();
+ Class hint = EncryptedTimeStamp.class;
+ KerberosPrincipal principal = new KerberosPrincipal( "erodriguez@EXAMPLE.COM" );
+ KerberosKey kerberosKey = new KerberosKey( principal, "badpassword".toCharArray(), "DES" );
+ EncryptionKey key = new EncryptionKey( EncryptionType.DES_CBC_MD5, kerberosKey.getEncoded() );
+ EncryptedData data = new EncryptedData( EncryptionType.DES_CBC_MD5, 0, desEncryptedTimeStamp );
+
+ try
+ {
+ lockBox.unseal( hint, key, data, KeyUsage.NUMBER1 );
+ fail( "Should have thrown exception." );
+ }
+ catch ( KerberosException ke )
+ {
+ assertEquals( "ErrorCode", 31, ke.getErrorCode() );
+ }
+ }
+
+
+ /**
+ * Tests the unsealing of Kerberos CipherText with a good password. After decryption and
+ * an integrity check, an attempt is made to decode the bytes as an EncryptedTimestamp. The
+ * result is timestamp data.
+ */
+ public void testTripleDesGoodPasswordDecrypt()
+ {
+ CipherTextHandler lockBox = new CipherTextHandler();
+ Class hint = EncryptedTimeStamp.class;
+ KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
+ KerberosKey kerberosKey = new KerberosKey( principal, "secret".toCharArray(), "DESede" );
+ EncryptionKey key = new EncryptionKey( EncryptionType.DES3_CBC_SHA1_KD, kerberosKey.getEncoded() );
+ EncryptedData data = new EncryptedData( EncryptionType.DES3_CBC_SHA1_KD, 0, tripleDesEncryptedTimeStamp );
+
+ try
+ {
+ EncryptedTimeStamp object = ( EncryptedTimeStamp ) lockBox.unseal( hint, key, data, KeyUsage.NUMBER1 );
+ assertEquals( "TimeStamp", "20070410190400Z", object.getTimeStamp().toString() );
+ assertEquals( "MicroSeconds", 460450, object.getMicroSeconds() );
+ }
+ catch ( KerberosException ke )
+ {
+ fail( "Should not have caught exception." );
+ }
+ }
+
+
+ /**
+ * Tests the encryption and subsequent unsealing of an ASN.1 encoded timestamp with a
+ * good password. After encryption, an attempt is made to unseal the encrypted bytes
+ * as an EncryptedTimestamp. The result is timestamp data.
+ *
+ * @throws ParseException
+ */
+ public void testTripleDesGoodPasswordEncrypt() throws ParseException
+ {
+ CipherTextHandler lockBox = new CipherTextHandler();
+ KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
+ KerberosKey kerberosKey = new KerberosKey( principal, "secret".toCharArray(), "DESede" );
+ EncryptionKey key = new EncryptionKey( EncryptionType.DES3_CBC_SHA1_KD, kerberosKey.getEncoded() );
+
+ String zuluTime = "20070410190400Z";
+ int microSeconds = 460450;
+ EncryptedTimeStamp encryptedTimeStamp = getEncryptedTimeStamp( zuluTime, microSeconds );
+
+ EncryptedData encryptedData = null;
+
+ try
+ {
+ encryptedData = lockBox.seal( key, encryptedTimeStamp, KeyUsage.NUMBER1 );
+ }
+ catch ( KerberosException ke )
+ {
+ fail( "Should not have caught exception." );
+ }
+
+ Class hint = EncryptedTimeStamp.class;
+
+ try
+ {
+ EncryptedTimeStamp object = ( EncryptedTimeStamp ) lockBox.unseal( hint, key, encryptedData,
+ KeyUsage.NUMBER1 );
+ assertEquals( "TimeStamp", zuluTime, object.getTimeStamp().toString() );
+ assertEquals( "MicroSeconds", microSeconds, object.getMicroSeconds() );
+ }
+ catch ( KerberosException ke )
+ {
+ fail( "Should not have caught exception." );
+ }
+ }
+
+
+ /**
+ * Tests the unsealing of Kerberos CipherText with a good password. After decryption and
+ * an integrity check, an attempt is made to decode the bytes as an EncryptedTimestamp. The
+ * result is timestamp data.
+ */
+ public void testAes128GoodPasswordDecrypt()
+ {
+ CipherTextHandler lockBox = new CipherTextHandler();
+ Class hint = EncryptedTimeStamp.class;
+ KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
+ KerberosKey kerberosKey = new KerberosKey( principal, "secret".toCharArray(), "AES128" );
+ EncryptionKey key = new EncryptionKey( EncryptionType.AES128_CTS_HMAC_SHA1_96, kerberosKey.getEncoded() );
+ EncryptedData data = new EncryptedData( EncryptionType.AES128_CTS_HMAC_SHA1_96, 0, aes128EncryptedTimeStamp );
+
+ try
+ {
+ EncryptedTimeStamp object = ( EncryptedTimeStamp ) lockBox.unseal( hint, key, data, KeyUsage.NUMBER1 );
+ assertEquals( "TimeStamp", "20070410212557Z", object.getTimeStamp().toString() );
+ assertEquals( "MicroSeconds", 379386, object.getMicroSeconds() );
+ }
+ catch ( KerberosException ke )
+ {
+ fail( "Should not have caught exception." );
+ }
+ }
+
+
+ /**
+ * Tests the encryption and subsequent unsealing of an ASN.1 encoded timestamp with a
+ * good password. After encryption, an attempt is made to unseal the encrypted bytes
+ * as an EncryptedTimestamp. The result is timestamp data.
+ *
+ * @throws ParseException
+ */
+ public void testAes128GoodPasswordEncrypt() throws ParseException
+ {
+ CipherTextHandler lockBox = new CipherTextHandler();
+ KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
+ KerberosKey kerberosKey = new KerberosKey( principal, "secret".toCharArray(), "AES128" );
+ EncryptionKey key = new EncryptionKey( EncryptionType.AES128_CTS_HMAC_SHA1_96, kerberosKey.getEncoded() );
+
+ String zuluTime = "20070410190400Z";
+ int microSeconds = 460450;
+ EncryptedTimeStamp encryptedTimeStamp = getEncryptedTimeStamp( zuluTime, microSeconds );
+
+ EncryptedData encryptedData = null;
+
+ try
+ {
+ encryptedData = lockBox.seal( key, encryptedTimeStamp, KeyUsage.NUMBER1 );
+ }
+ catch ( KerberosException ke )
+ {
+ fail( "Should not have caught exception." );
+ }
+
+ Class hint = EncryptedTimeStamp.class;
+
+ try
+ {
+ EncryptedTimeStamp object = ( EncryptedTimeStamp ) lockBox.unseal( hint, key, encryptedData,
+ KeyUsage.NUMBER1 );
+ assertEquals( "TimeStamp", "20070410190400Z", object.getTimeStamp().toString() );
+ assertEquals( "MicroSeconds", 460450, object.getMicroSeconds() );
+ }
+ catch ( KerberosException ke )
+ {
+ fail( "Should not have caught exception." );
+ }
+ }
+
+
+ /**
+ * Tests the unsealing of Kerberos CipherText with a good password. After decryption and
+ * an integrity check, an attempt is made to decode the bytes as an EncryptedTimestamp. The
+ * result is timestamp data.
+ */
+ public void testAes256GoodPasswordDecrypt()
+ {
+ CipherTextHandler lockBox = new CipherTextHandler();
+ Class hint = EncryptedTimeStamp.class;
+
+ KerberosKey kerberosKey;
+
+ try
+ {
+ KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
+ kerberosKey = new KerberosKey( principal, "secret".toCharArray(), "AES256" );
+ }
+ catch ( IllegalArgumentException iae )
+ {
+ // Algorithm AES256 not enabled
+ return;
+ }
+
+ EncryptionKey key = new EncryptionKey( EncryptionType.AES256_CTS_HMAC_SHA1_96, kerberosKey.getEncoded() );
+ EncryptedData data = new EncryptedData( EncryptionType.AES256_CTS_HMAC_SHA1_96, 0, aes256EncryptedTimeStamp );
+
+ try
+ {
+ EncryptedTimeStamp object = ( EncryptedTimeStamp ) lockBox.unseal( hint, key, data, KeyUsage.NUMBER1 );
+ assertEquals( "TimeStamp", "20070410212809Z", object.getTimeStamp().toString() );
+ assertEquals( "MicroSeconds", 298294, object.getMicroSeconds() );
+ }
+ catch ( KerberosException ke )
+ {
+ fail( "Should not have caught exception." );
+ }
+ }
+
+
+ /**
+ * Tests the encryption and subsequent unsealing of an ASN.1 encoded timestamp with a
+ * good password. After encryption, an attempt is made to unseal the encrypted bytes
+ * as an EncryptedTimestamp. The result is timestamp data.
+ *
+ * @throws ParseException
+ */
+ public void testAes256GoodPasswordEncrypt() throws ParseException
+ {
+ CipherTextHandler lockBox = new CipherTextHandler();
+
+ KerberosKey kerberosKey;
+
+ try
+ {
+ KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
+ kerberosKey = new KerberosKey( principal, "secret".toCharArray(), "AES256" );
+ }
+ catch ( IllegalArgumentException iae )
+ {
+ // Algorithm AES256 not enabled
+ return;
+ }
+
+ EncryptionKey key = new EncryptionKey( EncryptionType.AES256_CTS_HMAC_SHA1_96, kerberosKey.getEncoded() );
+
+ String zuluTime = "20070410190400Z";
+ int microSeconds = 460450;
+ EncryptedTimeStamp encryptedTimeStamp = getEncryptedTimeStamp( zuluTime, microSeconds );
+
+ EncryptedData encryptedData = null;
+
+ try
+ {
+ encryptedData = lockBox.seal( key, encryptedTimeStamp, KeyUsage.NUMBER1 );
+ }
+ catch ( KerberosException ke )
+ {
+ fail( "Should not have caught exception." );
+ }
+
+ Class hint = EncryptedTimeStamp.class;
+
+ try
+ {
+ EncryptedTimeStamp object = ( EncryptedTimeStamp ) lockBox.unseal( hint, key, encryptedData,
+ KeyUsage.NUMBER1 );
+ assertEquals( "TimeStamp", "20070410190400Z", object.getTimeStamp().toString() );
+ assertEquals( "MicroSeconds", 460450, object.getMicroSeconds() );
+ }
+ catch ( KerberosException ke )
+ {
+ fail( "Should not have caught exception." );
+ }
+ }
+
+
+ protected EncryptedTimeStamp getEncryptedTimeStamp( String zuluTime, int microSeconds ) throws ParseException
+ {
+ Date date = null;
+ synchronized ( dateFormat )
+ {
+ date = dateFormat.parse( zuluTime );
+ }
+
+ KerberosTime timeStamp = new KerberosTime( date );
+
+ return new EncryptedTimeStamp( timeStamp, microSeconds );
+ }
+
+ /*
+ public void testArcFourGoodPassword()
+ {
+ LockBox lockBox = new LockBox();
+ Class hint = EncryptedTimeStamp.class;
+ KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
+ KerberosKey kerberosKey = new KerberosKey( principal, "secret".toCharArray(), "ArcFourHmac" );
+ EncryptionKey key = new EncryptionKey( EncryptionType.RC4_HMAC, kerberosKey.getEncoded() );
+ EncryptedData data = new EncryptedData( EncryptionType.RC4_HMAC, 0, arcfourEncryptedTimeStamp );
+
+ try
+ {
+ EncryptedTimeStamp object = ( EncryptedTimeStamp ) lockBox.unseal( hint, key, data );
+ assertEquals( "TimeStamp", "20070322233107Z", object.getTimeStamp().toString() );
+ assertEquals( "MicroSeconds", 291067, object.getMicroSeconds() );
+ }
+ catch ( KerberosException ke )
+ {
+ fail( "Should not have caught exception." );
+ }
+ }*/
+}
diff --git a/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Des3CbcSha1KdEncryptionTest.java b/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Des3CbcSha1KdEncryptionTest.java
new file mode 100644
index 0000000..d31b28d
--- /dev/null
+++ b/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/Des3CbcSha1KdEncryptionTest.java
@@ -0,0 +1,221 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.crypto.encryption;
+
+
+import java.util.Arrays;
+
+import javax.security.auth.kerberos.KerberosKey;
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import junit.framework.TestCase;
+
+
+/**
+ * Tests the use of Triple DES for Kerberos, using test vectors from RFC 3961,
+ * "Encryption and Checksum Specifications for Kerberos 5."
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class Des3CbcSha1KdEncryptionTest extends TestCase
+{
+ private Des3CbcSha1KdEncryption keyDerivationFunction = new Des3CbcSha1KdEncryption();
+
+
+ /**
+ * Tests setting parity as defined in RFC 3961.
+ */
+ public void testParity()
+ {
+ byte[] test =
+ { ( byte ) 0x93, ( byte ) 0x50, ( byte ) 0x79, ( byte ) 0xd1, ( byte ) 0x44, ( byte ) 0x90, ( byte ) 0xa7 };
+ byte[] expected =
+ { ( byte ) 0x92, ( byte ) 0x51, ( byte ) 0x79, ( byte ) 0xd0, ( byte ) 0x45, ( byte ) 0x91, ( byte ) 0xa7,
+ ( byte ) 0x9b };
+
+ byte[] result = keyDerivationFunction.setParity( test );
+
+ assertTrue( Arrays.equals( expected, result ) );
+ }
+
+
+ /**
+ * Tests 'deriveRandom' and 'randomToKey' functions.
+ */
+ public void testDerivedKey()
+ {
+ byte[] key =
+ { ( byte ) 0xdc, ( byte ) 0xe0, ( byte ) 0x6b, ( byte ) 0x1f, ( byte ) 0x64, ( byte ) 0xc8, ( byte ) 0x57,
+ ( byte ) 0xa1, ( byte ) 0x1c, ( byte ) 0x3d, ( byte ) 0xb5, ( byte ) 0x7c, ( byte ) 0x51,
+ ( byte ) 0x89, ( byte ) 0x9b, ( byte ) 0x2c, ( byte ) 0xc1, ( byte ) 0x79, ( byte ) 0x10,
+ ( byte ) 0x08, ( byte ) 0xce, ( byte ) 0x97, ( byte ) 0x3b, ( byte ) 0x92 };
+
+ byte[] usage =
+ { ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x01, ( byte ) 0x55 };
+
+ byte[] DR =
+ { ( byte ) 0x93, ( byte ) 0x50, ( byte ) 0x79, ( byte ) 0xd1, ( byte ) 0x44, ( byte ) 0x90, ( byte ) 0xa7,
+ ( byte ) 0x5c, ( byte ) 0x30, ( byte ) 0x93, ( byte ) 0xc4, ( byte ) 0xa6, ( byte ) 0xe8,
+ ( byte ) 0xc3, ( byte ) 0xb0, ( byte ) 0x49, ( byte ) 0xc7, ( byte ) 0x1e, ( byte ) 0x6e,
+ ( byte ) 0xe7, ( byte ) 0x05 };
+
+ byte[] DK =
+ { ( byte ) 0x92, ( byte ) 0x51, ( byte ) 0x79, ( byte ) 0xd0, ( byte ) 0x45, ( byte ) 0x91, ( byte ) 0xa7,
+ ( byte ) 0x9b, ( byte ) 0x5d, ( byte ) 0x31, ( byte ) 0x92, ( byte ) 0xc4, ( byte ) 0xa7,
+ ( byte ) 0xe9, ( byte ) 0xc2, ( byte ) 0x89, ( byte ) 0xb0, ( byte ) 0x49, ( byte ) 0xc7,
+ ( byte ) 0x1f, ( byte ) 0x6e, ( byte ) 0xe6, ( byte ) 0x04, ( byte ) 0xcd };
+
+ byte[] result = keyDerivationFunction.deriveRandom( key, usage, 64, 168 );
+ assertTrue( Arrays.equals( DR, result ) );
+
+ result = keyDerivationFunction.randomToKey( result );
+ assertTrue( Arrays.equals( DK, result ) );
+ }
+
+
+ /**
+ * Tests 'deriveRandom' and 'randomToKey' functions.
+ */
+ public void testDerivedKey2()
+ {
+ byte[] key =
+ { ( byte ) 0x5e, ( byte ) 0x13, ( byte ) 0xd3, ( byte ) 0x1c, ( byte ) 0x70, ( byte ) 0xef, ( byte ) 0x76,
+ ( byte ) 0x57, ( byte ) 0x46, ( byte ) 0x57, ( byte ) 0x85, ( byte ) 0x31, ( byte ) 0xcb,
+ ( byte ) 0x51, ( byte ) 0xc1, ( byte ) 0x5b, ( byte ) 0xf1, ( byte ) 0x1c, ( byte ) 0xa8,
+ ( byte ) 0x2c, ( byte ) 0x97, ( byte ) 0xce, ( byte ) 0xe9, ( byte ) 0xf2 };
+
+ byte[] usage =
+ { ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x01, ( byte ) 0xaa };
+
+ byte[] DR =
+ { ( byte ) 0x9f, ( byte ) 0x58, ( byte ) 0xe5, ( byte ) 0xa0, ( byte ) 0x47, ( byte ) 0xd8, ( byte ) 0x94,
+ ( byte ) 0x10, ( byte ) 0x1c, ( byte ) 0x46, ( byte ) 0x98, ( byte ) 0x45, ( byte ) 0xd6,
+ ( byte ) 0x7a, ( byte ) 0xe3, ( byte ) 0xc5, ( byte ) 0x24, ( byte ) 0x9e, ( byte ) 0xd8,
+ ( byte ) 0x12, ( byte ) 0xf2 };
+
+ byte[] DK =
+ { ( byte ) 0x9e, ( byte ) 0x58, ( byte ) 0xe5, ( byte ) 0xa1, ( byte ) 0x46, ( byte ) 0xd9, ( byte ) 0x94,
+ ( byte ) 0x2a, ( byte ) 0x10, ( byte ) 0x1c, ( byte ) 0x46, ( byte ) 0x98, ( byte ) 0x45,
+ ( byte ) 0xd6, ( byte ) 0x7a, ( byte ) 0x20, ( byte ) 0xe3, ( byte ) 0xc4, ( byte ) 0x25,
+ ( byte ) 0x9e, ( byte ) 0xd9, ( byte ) 0x13, ( byte ) 0xf2, ( byte ) 0x07 };
+
+ byte[] result = keyDerivationFunction.deriveRandom( key, usage, 64, 168 );
+ assertTrue( Arrays.equals( DR, result ) );
+
+ result = keyDerivationFunction.randomToKey( result );
+ assertTrue( Arrays.equals( DK, result ) );
+ }
+
+
+ /**
+ * Tests that key derivation can be performed for a Triple-DES key.
+ */
+ public void testTestVectorsTripleDesKerberosKey1()
+ {
+ byte[] expectedKey =
+ { ( byte ) 0x85, ( byte ) 0x0B, ( byte ) 0xB5, ( byte ) 0x13, ( byte ) 0x58, ( byte ) 0x54, ( byte ) 0x8C,
+ ( byte ) 0xD0, ( byte ) 0x5E, ( byte ) 0x86, ( byte ) 0x76, ( byte ) 0x8C, ( byte ) 0x31,
+ ( byte ) 0x3E, ( byte ) 0x3B, ( byte ) 0xFE, ( byte ) 0xF7, ( byte ) 0x51, ( byte ) 0x19,
+ ( byte ) 0x37, ( byte ) 0xDC, ( byte ) 0xF7, ( byte ) 0x2C, ( byte ) 0x3E };
+
+ KerberosPrincipal principal = new KerberosPrincipal( "raeburn@ATHENA.MIT.EDU" );
+ KerberosKey key = new KerberosKey( principal, "password".toCharArray(), "DESede" );
+
+ assertEquals( "DESede key length", 24, key.getEncoded().length );
+ assertTrue( "Key match", Arrays.equals( expectedKey, key.getEncoded() ) );
+ }
+
+
+ /**
+ * Tests that key derivation can be performed for a Triple-DES key.
+ */
+ public void testTestVectorsTripleDesKerberosKey2()
+ {
+ byte[] expectedKey =
+ { ( byte ) 0xDF, ( byte ) 0xCD, ( byte ) 0x23, ( byte ) 0x3D, ( byte ) 0xD0, ( byte ) 0xA4, ( byte ) 0x32,
+ ( byte ) 0x04, ( byte ) 0xEA, ( byte ) 0x6D, ( byte ) 0xC4, ( byte ) 0x37, ( byte ) 0xFB,
+ ( byte ) 0x15, ( byte ) 0xE0, ( byte ) 0x61, ( byte ) 0xB0, ( byte ) 0x29, ( byte ) 0x79,
+ ( byte ) 0xC1, ( byte ) 0xF7, ( byte ) 0x4F, ( byte ) 0x37, ( byte ) 0x7A };
+
+ KerberosPrincipal principal = new KerberosPrincipal( "danny@WHITEHOUSE.GOV" );
+ KerberosKey key = new KerberosKey( principal, "potatoe".toCharArray(), "DESede" );
+
+ assertEquals( "DESede key length", 24, key.getEncoded().length );
+ assertTrue( "Key match", Arrays.equals( expectedKey, key.getEncoded() ) );
+ }
+
+
+ /**
+ * Tests that key derivation can be performed for a Triple-DES key.
+ */
+ public void testTestVectorsTripleDesKerberosKey3()
+ {
+ byte[] expectedKey =
+ { ( byte ) 0x6D, ( byte ) 0x2F, ( byte ) 0xCD, ( byte ) 0xF2, ( byte ) 0xD6, ( byte ) 0xFB, ( byte ) 0xBC,
+ ( byte ) 0x3D, ( byte ) 0xDC, ( byte ) 0xAD, ( byte ) 0xB5, ( byte ) 0xDA, ( byte ) 0x57,
+ ( byte ) 0x10, ( byte ) 0xA2, ( byte ) 0x34, ( byte ) 0x89, ( byte ) 0xB0, ( byte ) 0xD3,
+ ( byte ) 0xB6, ( byte ) 0x9D, ( byte ) 0x5D, ( byte ) 0x9D, ( byte ) 0x4A };
+
+ KerberosPrincipal principal = new KerberosPrincipal( "buckaroo@EXAMPLE.COM" );
+ KerberosKey key = new KerberosKey( principal, "penny".toCharArray(), "DESede" );
+
+ assertEquals( "DESede key length", 24, key.getEncoded().length );
+ assertTrue( "Key match", Arrays.equals( expectedKey, key.getEncoded() ) );
+ }
+
+
+ /**
+ * Tests that key derivation can be performed for a Triple-DES key.
+ */
+ public void testTestVectorsTripleDesKerberosKey4()
+ {
+ byte[] expectedKey =
+ { ( byte ) 0x16, ( byte ) 0xD5, ( byte ) 0xA4, ( byte ) 0x0E, ( byte ) 0x1C, ( byte ) 0xE3, ( byte ) 0xBA,
+ ( byte ) 0xCB, ( byte ) 0x61, ( byte ) 0xB9, ( byte ) 0xDC, ( byte ) 0xE0, ( byte ) 0x04,
+ ( byte ) 0x70, ( byte ) 0x32, ( byte ) 0x4C, ( byte ) 0x83, ( byte ) 0x19, ( byte ) 0x73,
+ ( byte ) 0xA7, ( byte ) 0xB9, ( byte ) 0x52, ( byte ) 0xFE, ( byte ) 0xB0 };
+
+ KerberosPrincipal principal = new KerberosPrincipal( "Juri\u0161i\u0107@ATHENA.MIT.EDU" );
+ KerberosKey key = new KerberosKey( principal, "\u00DF".toCharArray(), "DESede" );
+
+ assertEquals( "DESede key length", 24, key.getEncoded().length );
+ assertTrue( "Key match", Arrays.equals( expectedKey, key.getEncoded() ) );
+ }
+
+
+ /**
+ * Tests that key derivation can be performed for a Triple-DES key.
+ */
+ public void testTestVectorsTripleDesKerberosKey5()
+ {
+ byte[] expectedKey =
+ { ( byte ) 0x85, ( byte ) 0x76, ( byte ) 0x37, ( byte ) 0x26, ( byte ) 0x58, ( byte ) 0x5D, ( byte ) 0xBC,
+ ( byte ) 0x1C, ( byte ) 0xCE, ( byte ) 0x6E, ( byte ) 0xC4, ( byte ) 0x3E, ( byte ) 0x1F,
+ ( byte ) 0x75, ( byte ) 0x1F, ( byte ) 0x07, ( byte ) 0xF1, ( byte ) 0xC4, ( byte ) 0xCB,
+ ( byte ) 0xB0, ( byte ) 0x98, ( byte ) 0xF4, ( byte ) 0x0B, ( byte ) 0x19 };
+
+ KerberosPrincipal principal = new KerberosPrincipal( "pianist@EXAMPLE.COM" );
+ KerberosKey key = new KerberosKey( principal, "\uD834\uDD1E".toCharArray(), "DESede" );
+
+ assertEquals( "DESede key length", 24, key.getEncoded().length );
+ assertTrue( "Key match", Arrays.equals( expectedKey, key.getEncoded() ) );
+ }
+}
diff --git a/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesStringToKeyTest.java b/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesStringToKeyTest.java
new file mode 100644
index 0000000..e112ff3
--- /dev/null
+++ b/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/DesStringToKeyTest.java
@@ -0,0 +1,158 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.crypto.encryption;
+
+
+import java.security.InvalidKeyException;
+import java.util.Arrays;
+
+import javax.crypto.spec.DESKeySpec;
+
+import junit.framework.TestCase;
+
+
+/**
+ * Test cases for the DES string-to-key function as described in RFC 3961,
+ * "Encryption and Checksum Specifications for Kerberos 5."
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class DesStringToKeyTest extends TestCase
+{
+ private byte[] fanFold1 =
+ { ( byte ) 0xC0, ( byte ) 0x1E, ( byte ) 0x38, ( byte ) 0x68, ( byte ) 0x8A, ( byte ) 0xC8, ( byte ) 0x6C,
+ ( byte ) 0x2E };
+ private byte[] intermediateKey1 =
+ { ( byte ) 0xC1, ( byte ) 0x1F, ( byte ) 0x38, ( byte ) 0x68, ( byte ) 0x8A, ( byte ) 0xC8, ( byte ) 0x6D,
+ ( byte ) 0x2F };
+ private byte[] desKey1 =
+ { ( byte ) 0xCB, ( byte ) 0xC2, ( byte ) 0x2F, ( byte ) 0xAE, ( byte ) 0x23, ( byte ) 0x52, ( byte ) 0x98,
+ ( byte ) 0xE3 };
+
+ private byte[] fanFold2 =
+ { ( byte ) 0xA0, ( byte ) 0x28, ( byte ) 0x94, ( byte ) 0x4E, ( byte ) 0xE6, ( byte ) 0x3C, ( byte ) 0x04,
+ ( byte ) 0x16 };
+ private byte[] intermediateKey2 =
+ { ( byte ) 0xA1, ( byte ) 0x29, ( byte ) 0x94, ( byte ) 0x4F, ( byte ) 0xE6, ( byte ) 0x3D, ( byte ) 0x04,
+ ( byte ) 0x16 };
+ private byte[] desKey2 =
+ { ( byte ) 0xDF, ( byte ) 0x3D, ( byte ) 0x32, ( byte ) 0xA7, ( byte ) 0x4F, ( byte ) 0xD9, ( byte ) 0x2A,
+ ( byte ) 0x01 };
+
+ private DesStringToKey stringToKey = new DesStringToKey();
+
+
+ /**
+ * Tests DES StringToKey test vector 1 from RFC 3961.
+ */
+ public void testDesStringToKeyVector1()
+ {
+ byte[] key = stringToKey.getKey( "password", "ATHENA.MIT.EDU", "raeburn" );
+
+ assertTrue( "Key match", Arrays.equals( desKey1, key ) );
+ }
+
+
+ /**
+ * Tests DES StringToKey test vector 2 from RFC 3961.
+ */
+ public void testDesStringToKeyVector2()
+ {
+ byte[] key = stringToKey.getKey( "potatoe", "WHITEHOUSE.GOV", "danny" );
+
+ assertTrue( "Key match", Arrays.equals( desKey2, key ) );
+ }
+
+
+ /**
+ * Tests DES StringToKey test vector 1 from RFC 3961 with intermediate step checks.
+ *
+ * @throws InvalidKeyException
+ */
+ public void testIntermediateDesStringToKeyVector1() throws InvalidKeyException
+ {
+ String passPhrase = "passwordATHENA.MIT.EDUraeburn";
+
+ byte[] encodedByteArray = stringToKey.characterEncodeString( passPhrase );
+ byte[] paddedByteArray = stringToKey.padString( encodedByteArray );
+ byte[] fanFold = stringToKey.fanFold( paddedByteArray );
+
+ assertTrue( "Key match", Arrays.equals( fanFold1, fanFold ) );
+
+ fanFold = stringToKey.setParity( fanFold );
+ assertTrue( "Key match", Arrays.equals( intermediateKey1, fanFold ) );
+
+ byte[] secretKey = getDesKey( paddedByteArray, fanFold );
+ assertTrue( "Key match", Arrays.equals( desKey1, secretKey ) );
+ }
+
+
+ /**
+ * Tests DES StringToKey test vector 2 from RFC 3961 with intermediate step checks.
+ *
+ * @throws InvalidKeyException
+ */
+ public void testIntermediateDesStringToKeyVector2() throws InvalidKeyException
+ {
+ String passPhrase = "potatoeWHITEHOUSE.GOVdanny";
+
+ byte[] encodedByteArray = stringToKey.characterEncodeString( passPhrase );
+ byte[] paddedByteArray = stringToKey.padString( encodedByteArray );
+ byte[] fanFold = stringToKey.fanFold( paddedByteArray );
+
+ assertTrue( "Key match", Arrays.equals( fanFold2, fanFold ) );
+
+ fanFold = stringToKey.setParity( fanFold );
+ assertTrue( "Key match", Arrays.equals( intermediateKey2, fanFold ) );
+
+ byte[] secretKey = getDesKey( paddedByteArray, fanFold );
+ assertTrue( "Key match", Arrays.equals( desKey2, secretKey ) );
+ }
+
+
+ /**
+ * Test harness method for checking intermediate key state, which is not
+ * exposed from {@link DesStringToKey}.
+ *
+ * @param paddedByteArray The input passphrase.
+ * @param intermediateKey The intermediate key generated by fan-folding and parity-adjustment.
+ * @return The final DES key.
+ * @throws InvalidKeyException
+ */
+ private byte[] getDesKey( byte[] paddedByteArray, byte[] intermediateKey ) throws InvalidKeyException
+ {
+ if ( DESKeySpec.isWeak( intermediateKey, 0 ) )
+ {
+ intermediateKey = stringToKey.getStrongKey( intermediateKey );
+ }
+
+ byte[] secretKey = stringToKey.calculateChecksum( paddedByteArray, intermediateKey );
+
+ secretKey = stringToKey.setParity( secretKey );
+
+ if ( DESKeySpec.isWeak( secretKey, 0 ) )
+ {
+ secretKey = stringToKey.getStrongKey( secretKey );
+ }
+
+ return secretKey;
+ }
+}
diff --git a/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactoryTest.java b/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactoryTest.java
new file mode 100644
index 0000000..e4d3288
--- /dev/null
+++ b/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KerberosKeyFactoryTest.java
@@ -0,0 +1,227 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.crypto.encryption;
+
+
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+import javax.security.auth.kerberos.KerberosKey;
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import junit.framework.TestCase;
+
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+
+
+/**
+ * Test cases for string-to-key functions for DES-, DES3-, AES-, and RC4-based
+ * encryption types.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class KerberosKeyFactoryTest extends TestCase
+{
+ /**
+ * Tests that key derivation can be performed for a DES key.
+ */
+ public void testDesKerberosKey()
+ {
+ KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
+ KerberosKey key = new KerberosKey( principal, "secret".toCharArray(), "DES" );
+
+ assertEquals( "DES key length", 8, key.getEncoded().length );
+ }
+
+
+ /**
+ * Tests that key derivation can be performed for a Triple-DES key.
+ */
+ public void testTripleDesKerberosKey()
+ {
+ KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
+ KerberosKey key = new KerberosKey( principal, "secret".toCharArray(), "DESede" );
+
+ assertEquals( "DESede key length", 24, key.getEncoded().length );
+ }
+
+
+ /**
+ * Tests that key derivation can be performed for an RC4-HMAC key.
+ */
+ public void testArcFourHmacKerberosKey()
+ {
+ KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
+ KerberosKey key = new KerberosKey( principal, "secret".toCharArray(), "ArcFourHmac" );
+
+ assertEquals( "ArcFourHmac key length", 16, key.getEncoded().length );
+ }
+
+
+ /**
+ * Tests that key derivation can be performed for an AES-128 key.
+ *
+ * @throws Exception
+ */
+ public void testAes128KerberosKey() throws Exception
+ {
+ KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
+ KerberosKey key = new KerberosKey( principal, "secret".toCharArray(), "AES128" );
+
+ assertEquals( "AES128 key length", 16, key.getEncoded().length );
+ }
+
+
+ /**
+ * Tests that key derivation can be performed for an AES-256 key.
+ */
+ public void testAes256KerberosKey()
+ {
+ try
+ {
+ KerberosPrincipal principal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
+ KerberosKey kerberosKey = new KerberosKey( principal, "secret".toCharArray(), "AES256" );
+ assertEquals( "AES256 key length", 32, kerberosKey.getEncoded().length );
+ }
+ catch ( IllegalArgumentException iae )
+ {
+ // Algorithm AES256 not enabled
+ }
+ }
+
+
+ /**
+ * Tests that key derivation can be performed by the factory for multiple cipher types.
+ */
+ public void testKerberosKeyFactory()
+ {
+ String principalName = "hnelson@EXAMPLE.COM";
+ String passPhrase = "secret";
+
+ Map<EncryptionType, EncryptionKey> map = KerberosKeyFactory.getKerberosKeys( principalName, passPhrase );
+
+ EncryptionKey kerberosKey = map.get( EncryptionType.DES_CBC_MD5 );
+
+ EncryptionType keyType = kerberosKey.getKeyType();
+ int keyLength = kerberosKey.getKeyValue().length;
+ byte[] keyBytes = kerberosKey.getKeyValue();
+
+ assertEquals( keyType, EncryptionType.DES_CBC_MD5 );
+ assertEquals( keyLength, 8 );
+ byte[] expectedBytes = new byte[]
+ { ( byte ) 0xF4, ( byte ) 0xA7, ( byte ) 0x13, ( byte ) 0x64, ( byte ) 0x8A, ( byte ) 0x61, ( byte ) 0xCE,
+ ( byte ) 0x5B };
+ assertTrue( Arrays.equals( expectedBytes, keyBytes ) );
+
+ kerberosKey = map.get( EncryptionType.DES3_CBC_SHA1_KD );
+ keyType = kerberosKey.getKeyType();
+ keyLength = kerberosKey.getKeyValue().length;
+ keyBytes = kerberosKey.getKeyValue();
+
+ assertEquals( keyType, EncryptionType.DES3_CBC_SHA1_KD );
+ assertEquals( keyLength, 24 );
+ expectedBytes = new byte[]
+ { ( byte ) 0x57, ( byte ) 0x07, ( byte ) 0xCE, ( byte ) 0x29, ( byte ) 0x52, ( byte ) 0x92, ( byte ) 0x2C,
+ ( byte ) 0x1C, ( byte ) 0x8C, ( byte ) 0xBF, ( byte ) 0x43, ( byte ) 0xC2, ( byte ) 0x3D,
+ ( byte ) 0x8F, ( byte ) 0x8C, ( byte ) 0x5E, ( byte ) 0x9E, ( byte ) 0x8C, ( byte ) 0xF7,
+ ( byte ) 0x5D, ( byte ) 0x3E, ( byte ) 0x4A, ( byte ) 0x5E, ( byte ) 0x25 };
+ assertTrue( Arrays.equals( expectedBytes, keyBytes ) );
+
+ kerberosKey = map.get( EncryptionType.RC4_HMAC );
+ keyType = kerberosKey.getKeyType();
+ keyLength = kerberosKey.getKeyValue().length;
+ keyBytes = kerberosKey.getKeyValue();
+
+ assertEquals( keyType, EncryptionType.RC4_HMAC );
+ assertEquals( keyLength, 16 );
+ expectedBytes = new byte[]
+ { ( byte ) 0x87, ( byte ) 0x8D, ( byte ) 0x80, ( byte ) 0x14, ( byte ) 0x60, ( byte ) 0x6C, ( byte ) 0xDA,
+ ( byte ) 0x29, ( byte ) 0x67, ( byte ) 0x7A, ( byte ) 0x44, ( byte ) 0xEF, ( byte ) 0xA1,
+ ( byte ) 0x35, ( byte ) 0x3F, ( byte ) 0xC7 };
+ assertTrue( Arrays.equals( expectedBytes, keyBytes ) );
+
+ kerberosKey = map.get( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
+ keyType = kerberosKey.getKeyType();
+ keyLength = kerberosKey.getKeyValue().length;
+ keyBytes = kerberosKey.getKeyValue();
+
+ assertEquals( keyType, EncryptionType.AES128_CTS_HMAC_SHA1_96 );
+ assertEquals( keyLength, 16 );
+ expectedBytes = new byte[]
+ { ( byte ) 0xAD, ( byte ) 0x21, ( byte ) 0x4B, ( byte ) 0x38, ( byte ) 0xB6, ( byte ) 0x9D, ( byte ) 0xFC,
+ ( byte ) 0xCA, ( byte ) 0xAC, ( byte ) 0xF1, ( byte ) 0x5F, ( byte ) 0x34, ( byte ) 0x6D,
+ ( byte ) 0x41, ( byte ) 0x7B, ( byte ) 0x90 };
+ assertTrue( Arrays.equals( expectedBytes, keyBytes ) );
+
+ kerberosKey = map.get( EncryptionType.AES256_CTS_HMAC_SHA1_96 );
+
+ if ( kerberosKey != null )
+ {
+ keyType = kerberosKey.getKeyType();
+ keyLength = kerberosKey.getKeyValue().length;
+ keyBytes = kerberosKey.getKeyValue();
+
+ assertEquals( keyType, EncryptionType.AES256_CTS_HMAC_SHA1_96 );
+ assertEquals( keyLength, 32 );
+ expectedBytes = new byte[]
+ { ( byte ) 0x3D, ( byte ) 0x33, ( byte ) 0x31, ( byte ) 0x8F, ( byte ) 0xBE, ( byte ) 0x47,
+ ( byte ) 0xE5, ( byte ) 0x2A, ( byte ) 0x21, ( byte ) 0x50, ( byte ) 0x77, ( byte ) 0xA4,
+ ( byte ) 0x15, ( byte ) 0x58, ( byte ) 0xCA, ( byte ) 0xE7, ( byte ) 0x36, ( byte ) 0x50,
+ ( byte ) 0x1F, ( byte ) 0xA7, ( byte ) 0xA4, ( byte ) 0x85, ( byte ) 0x82, ( byte ) 0x05,
+ ( byte ) 0xF6, ( byte ) 0x8F, ( byte ) 0x67, ( byte ) 0xA2, ( byte ) 0xB5, ( byte ) 0xEA,
+ ( byte ) 0x0E, ( byte ) 0xBF };
+ assertTrue( Arrays.equals( expectedBytes, keyBytes ) );
+ }
+ }
+
+
+ /**
+ * Tests that key derivation can be performed by the factory for a specified cipher type.
+ */
+ public void testKerberosKeyFactoryOnlyDes()
+ {
+ String principalName = "hnelson@EXAMPLE.COM";
+ String passPhrase = "secret";
+
+ Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ encryptionTypes.add( EncryptionType.DES_CBC_MD5 );
+
+ Map<EncryptionType, EncryptionKey> map = KerberosKeyFactory.getKerberosKeys( principalName, passPhrase,
+ encryptionTypes );
+
+ assertEquals( "List length", 1, map.values().size() );
+
+ EncryptionKey kerberosKey = map.get( EncryptionType.DES_CBC_MD5 );
+
+ EncryptionType keyType = kerberosKey.getKeyType();
+ int keyLength = kerberosKey.getKeyValue().length;
+ byte[] keyBytes = kerberosKey.getKeyValue();
+
+ assertEquals( keyType, EncryptionType.DES_CBC_MD5 );
+ assertEquals( keyLength, 8 );
+ byte[] expectedBytes = new byte[]
+ { ( byte ) 0xF4, ( byte ) 0xA7, ( byte ) 0x13, ( byte ) 0x64, ( byte ) 0x8A, ( byte ) 0x61, ( byte ) 0xCE,
+ ( byte ) 0x5B };
+ assertTrue( Arrays.equals( expectedBytes, keyBytes ) );
+ }
+}
diff --git a/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KeyTypeTest.java b/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KeyTypeTest.java
new file mode 100644
index 0000000..4c64845
--- /dev/null
+++ b/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/KeyTypeTest.java
@@ -0,0 +1,288 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.crypto.encryption;
+
+
+import java.security.InvalidKeyException;
+import java.security.Provider;
+import java.security.Security;
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Set;
+
+import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.Mac;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.DESKeySpec;
+
+import junit.framework.TestCase;
+
+
+/**
+ * Test cases for the encryption types used by Kerberos "5.2" per RFC 4120,
+ * "The Kerberos Network Authentication Service (V5)."
+ *
+ * We MUST support:
+ * Encryption: AES256-CTS-HMAC-SHA1-96 [RFC3962]
+ * Checksums: HMAC-SHA1-96-AES256 [RFC3962]
+ *
+ * We SHOULD support:
+ * Encryption: AES128-CTS-HMAC-SHA1-96, DES-CBC-MD5, DES3-CBC-SHA1-KD
+ * Checksums: DES-MD5, HMAC-SHA1-DES3-KD, HMAC-SHA1-96-AES128
+ *
+ * Also important for interoperability is:
+ * ArcFour with HMAC/md5, DES-CBC-CRC
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class KeyTypeTest extends TestCase
+{
+ /**
+ * Tests that the cipher types used by Kerberos exist, namely
+ * DES, DESede, RC4, and AES.
+ */
+ public void testKeyTypes()
+ {
+ String[] names = getCryptoImpls( "Cipher" );
+ List ciphers = Arrays.asList( names );
+
+ assertTrue( ciphers.contains( "DES" ) );
+ assertTrue( ciphers.contains( "DESede" ) );
+ assertTrue( ciphers.contains( "TripleDES" ) );
+ assertTrue( ciphers.contains( "ARCFOUR" ) );
+ assertTrue( ciphers.contains( "RC4" ) );
+ assertTrue( ciphers.contains( "AES" ) );
+ }
+
+
+ /**
+ * Tests that the message digest types used by Kerberos exist, namely
+ * SHA1 and MD5.
+ */
+ public void testMessageDigestTypes()
+ {
+ String[] names = getCryptoImpls( "MessageDigest" );
+ List ciphers = Arrays.asList( names );
+
+ assertTrue( ciphers.contains( "MD5" ) );
+ assertTrue( ciphers.contains( "SHA1" ) );
+ }
+
+
+ /**
+ * Tests that the MAC types used by Kerberos exist, namely
+ * HmacMD5 and HmacSHA1.
+ */
+ public void testMacTypes()
+ {
+ String[] names = getCryptoImpls( "Mac" );
+ List ciphers = Arrays.asList( names );
+
+ assertTrue( ciphers.contains( "HmacMD5" ) );
+ assertTrue( ciphers.contains( "HmacSHA1" ) );
+ }
+
+
+ /**
+ * Tests that DES keys can be generated from bytes.
+ *
+ * @throws Exception
+ */
+ public void generateDes() throws Exception
+ {
+ byte[] desKeyData =
+ { ( byte ) 0x01, ( byte ) 0x02, ( byte ) 0x03, ( byte ) 0x04, ( byte ) 0x05, ( byte ) 0x06, ( byte ) 0x07,
+ ( byte ) 0x08 };
+ DESKeySpec desKeySpec = new DESKeySpec( desKeyData );
+ SecretKeyFactory keyFactory = SecretKeyFactory.getInstance( "DES" );
+ SecretKey desKey = keyFactory.generateSecret( desKeySpec );
+ assertEquals( "DES key size", 8, desKey.getEncoded().length );
+ assertTrue( DESKeySpec.isParityAdjusted( desKey.getEncoded(), 0 ) );
+ }
+
+
+ /**
+ * Tests that a CBC-mode DES cipher can be initialized.
+ *
+ * @throws Exception
+ */
+ public void testDesCipher() throws Exception
+ {
+ KeyGenerator keygen = KeyGenerator.getInstance( "DES" );
+ SecretKey desKey = keygen.generateKey();
+
+ Cipher ecipher = Cipher.getInstance( "DES/CBC/NoPadding" );
+ ecipher.init( Cipher.ENCRYPT_MODE, desKey );
+ assertEquals( "Block size", 8, ecipher.getBlockSize() );
+ }
+
+
+ /**
+ * Tests that a CBC-mode Triple-DES cipher can be initialized.
+ *
+ * @throws Exception
+ */
+ public void testTripleDesCipher() throws Exception
+ {
+ KeyGenerator keygen = KeyGenerator.getInstance( "DESede" );
+ SecretKey desKey = keygen.generateKey();
+
+ Cipher ecipher = Cipher.getInstance( "DESede/CBC/NoPadding" );
+ ecipher.init( Cipher.ENCRYPT_MODE, desKey );
+ assertEquals( "Block size", 8, ecipher.getBlockSize() );
+ }
+
+
+ /**
+ * Tests that a CBC-mode Triple-DES cipher can be initialized.
+ *
+ * @throws Exception
+ */
+ public void testArcFourCipher() throws Exception
+ {
+ KeyGenerator keygen = KeyGenerator.getInstance( "ARCFOUR" );
+ SecretKey desKey = keygen.generateKey();
+
+ Cipher ecipher = Cipher.getInstance( "ARCFOUR" );
+ ecipher.init( Cipher.ENCRYPT_MODE, desKey );
+ assertEquals( "Block size", 0, ecipher.getBlockSize() );
+ }
+
+
+ /**
+ * Tests that a CTS-mode AES cipher can be initialized
+ * with an AES-128 key.
+ *
+ * @throws Exception
+ */
+ public void testAes128Cipher() throws Exception
+ {
+ KeyGenerator keyGenerator = KeyGenerator.getInstance( "AES" );
+ keyGenerator.init( 128 );
+
+ SecretKey key = keyGenerator.generateKey();
+
+ Cipher ecipher = Cipher.getInstance( "AES/CTS/NoPadding" );
+ ecipher.init( Cipher.ENCRYPT_MODE, key );
+ assertEquals( "Block size", 16, ecipher.getBlockSize() );
+ }
+
+
+ /**
+ * Tests that a CTS-mode AES cipher can be initialized
+ * with an AES-256 key.
+ *
+ * @throws Exception
+ */
+ public void testAes256Cipher() throws Exception
+ {
+ KeyGenerator keyGenerator = KeyGenerator.getInstance( "AES" );
+ keyGenerator.init( 256 );
+
+ SecretKey key = keyGenerator.generateKey();
+
+ try
+ {
+ Cipher ecipher = Cipher.getInstance( "AES/CTS/NoPadding" );
+ ecipher.init( Cipher.ENCRYPT_MODE, key );
+ assertEquals( "Block size", 16, ecipher.getBlockSize() );
+ }
+ catch ( InvalidKeyException ike )
+ {
+ // Without unlimited-strength crypto this will throw an exception.
+ }
+ }
+
+
+ /**
+ * Tests the generation of an HMAC-MD5 MAC.
+ *
+ * @throws Exception
+ */
+ public void testGenerateHmacMd5() throws Exception
+ {
+ KeyGenerator kg = KeyGenerator.getInstance( "HmacMD5" );
+ SecretKey sk = kg.generateKey();
+
+ Mac mac = Mac.getInstance( "HmacMD5" );
+ mac.init( sk );
+ byte[] result = mac.doFinal( "Hello world!".getBytes() );
+
+ assertEquals( "HmacMD5 size", 16, result.length );
+ }
+
+
+ /**
+ * Tests the generation of an HMAC-SHA1 MAC.
+ *
+ * @throws Exception
+ */
+ public void testGenerateHmacSha1() throws Exception
+ {
+ KeyGenerator kg = KeyGenerator.getInstance( "HmacSHA1" );
+ SecretKey sk = kg.generateKey();
+
+ Mac mac = Mac.getInstance( "HmacSHA1" );
+ mac.init( sk );
+ byte[] result = mac.doFinal( "Hi There".getBytes() );
+
+ assertEquals( "HmacSHA1 size", 20, result.length );
+ }
+
+
+ /**
+ * This method returns the available implementations for a service type.
+ *
+ * @param serviceType The type of the service.
+ * @return Array of the service types as Strings.
+ */
+ private static String[] getCryptoImpls( String serviceType )
+ {
+ Set<String> result = new HashSet<String>();
+
+ Provider[] providers = Security.getProviders();
+ for ( int i = 0; i < providers.length; i++ )
+ {
+ // Get services provided by each provider
+ Set keys = providers[i].keySet();
+ for ( Iterator it = keys.iterator(); it.hasNext(); )
+ {
+ String key = ( String ) it.next();
+ key = key.split( " " )[0];
+
+ if ( key.startsWith( serviceType + "." ) )
+ {
+ result.add( key.substring( serviceType.length() + 1 ) );
+ }
+ else if ( key.startsWith( "Alg.Alias." + serviceType + "." ) )
+ {
+ // This is an alias
+ result.add( key.substring( serviceType.length() + 11 ) );
+ }
+ }
+ }
+ return ( String[] ) result.toArray( new String[result.size()] );
+ }
+}
diff --git a/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/NFoldTest.java b/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/NFoldTest.java
new file mode 100644
index 0000000..aae9e88
--- /dev/null
+++ b/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/NFoldTest.java
@@ -0,0 +1,306 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.crypto.encryption;
+
+
+import java.util.Arrays;
+
+import junit.framework.TestCase;
+
+
+/**
+ * Tests the use of "n-folding" using test vectors from RFC 3961,
+ * "Encryption and Checksum Specifications for Kerberos 5."
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class NFoldTest extends TestCase
+{
+ /**
+ * Tests an n-fold test vector from RFC 3961.
+ */
+ public void testNFold1()
+ {
+ int n = 64;
+ String passPhrase = "012345";
+
+ int k = passPhrase.getBytes().length * 8;
+ int lcm = NFold.getLcm( n, k );
+ assertEquals( "LCM", 192, lcm );
+
+ byte[] nFoldValue = NFold.nFold( n, passPhrase.getBytes() );
+
+ byte[] testVector =
+ { ( byte ) 0xbe, ( byte ) 0x07, ( byte ) 0x26, ( byte ) 0x31, ( byte ) 0x27, ( byte ) 0x6b, ( byte ) 0x19,
+ ( byte ) 0x55 };
+ assertTrue( Arrays.equals( nFoldValue, testVector ) );
+ }
+
+
+ /**
+ * Tests an n-fold test vector from RFC 3961.
+ */
+ public void testNFold2()
+ {
+ int n = 56;
+ String passPhrase = "password";
+
+ int k = passPhrase.getBytes().length * 8;
+ int lcm = NFold.getLcm( n, k );
+ assertEquals( "LCM", 448, lcm );
+
+ byte[] nFoldValue = NFold.nFold( n, passPhrase.getBytes() );
+
+ byte[] testVector =
+ { ( byte ) 0x78, ( byte ) 0xa0, ( byte ) 0x7b, ( byte ) 0x6c, ( byte ) 0xaf, ( byte ) 0x85, ( byte ) 0xfa };
+ assertTrue( Arrays.equals( nFoldValue, testVector ) );
+ }
+
+
+ /**
+ * Tests an n-fold test vector from RFC 3961.
+ */
+ public void testNFold3()
+ {
+ int n = 64;
+ String passPhrase = "Rough Consensus, and Running Code";
+
+ int k = passPhrase.getBytes().length * 8;
+ int lcm = NFold.getLcm( n, k );
+ assertEquals( "LCM", 2112, lcm );
+
+ byte[] nFoldValue = NFold.nFold( n, passPhrase.getBytes() );
+
+ byte[] testVector =
+ { ( byte ) 0xbb, ( byte ) 0x6e, ( byte ) 0xd3, ( byte ) 0x08, ( byte ) 0x70, ( byte ) 0xb7, ( byte ) 0xf0,
+ ( byte ) 0xe0 };
+ assertTrue( Arrays.equals( nFoldValue, testVector ) );
+ }
+
+
+ /**
+ * Tests an n-fold test vector from RFC 3961.
+ */
+ public void testNFold4()
+ {
+ int n = 168;
+ String passPhrase = "password";
+
+ int k = passPhrase.getBytes().length * 8;
+ int lcm = NFold.getLcm( n, k );
+ assertEquals( "LCM", 1344, lcm );
+
+ byte[] nFoldValue = NFold.nFold( n, passPhrase.getBytes() );
+
+ byte[] testVector =
+ { ( byte ) 0x59, ( byte ) 0xe4, ( byte ) 0xa8, ( byte ) 0xca, ( byte ) 0x7c, ( byte ) 0x03, ( byte ) 0x85,
+ ( byte ) 0xc3, ( byte ) 0xc3, ( byte ) 0x7b, ( byte ) 0x3f, ( byte ) 0x6d, ( byte ) 0x20,
+ ( byte ) 0x00, ( byte ) 0x24, ( byte ) 0x7c, ( byte ) 0xb6, ( byte ) 0xe6, ( byte ) 0xbd,
+ ( byte ) 0x5b, ( byte ) 0x3e };
+ assertTrue( Arrays.equals( nFoldValue, testVector ) );
+ }
+
+
+ /**
+ * Tests an n-fold test vector from RFC 3961.
+ */
+ public void testNFold5()
+ {
+ int n = 192;
+ String passPhrase = "MASSACHVSETTS INSTITVTE OF TECHNOLOGY";
+
+ int k = passPhrase.getBytes().length * 8;
+ int lcm = NFold.getLcm( n, k );
+ assertEquals( "LCM", 7104, lcm );
+
+ byte[] nFoldValue = NFold.nFold( n, passPhrase.getBytes() );
+
+ byte[] testVector =
+ { ( byte ) 0xdb, ( byte ) 0x3b, ( byte ) 0x0d, ( byte ) 0x8f, ( byte ) 0x0b, ( byte ) 0x06, ( byte ) 0x1e,
+ ( byte ) 0x60, ( byte ) 0x32, ( byte ) 0x82, ( byte ) 0xb3, ( byte ) 0x08, ( byte ) 0xa5,
+ ( byte ) 0x08, ( byte ) 0x41, ( byte ) 0x22, ( byte ) 0x9a, ( byte ) 0xd7, ( byte ) 0x98,
+ ( byte ) 0xfa, ( byte ) 0xb9, ( byte ) 0x54, ( byte ) 0x0c, ( byte ) 0x1b };
+ assertTrue( Arrays.equals( nFoldValue, testVector ) );
+
+ }
+
+
+ /**
+ * Tests an n-fold test vector from RFC 3961.
+ */
+ public void testNFold6()
+ {
+ int n = 168;
+ String passPhrase = "Q";
+
+ int k = passPhrase.getBytes().length * 8;
+ int lcm = NFold.getLcm( n, k );
+ assertEquals( "LCM", 168, lcm );
+
+ byte[] nFoldValue = NFold.nFold( n, passPhrase.getBytes() );
+
+ byte[] testVector =
+ { ( byte ) 0x51, ( byte ) 0x8a, ( byte ) 0x54, ( byte ) 0xa2, ( byte ) 0x15, ( byte ) 0xa8, ( byte ) 0x45,
+ ( byte ) 0x2a, ( byte ) 0x51, ( byte ) 0x8a, ( byte ) 0x54, ( byte ) 0xa2, ( byte ) 0x15,
+ ( byte ) 0xa8, ( byte ) 0x45, ( byte ) 0x2a, ( byte ) 0x51, ( byte ) 0x8a, ( byte ) 0x54,
+ ( byte ) 0xa2, ( byte ) 0x15 };
+ assertTrue( Arrays.equals( nFoldValue, testVector ) );
+ }
+
+
+ /**
+ * Tests an n-fold test vector from RFC 3961.
+ */
+ public void testNFold7()
+ {
+ int n = 168;
+ String passPhrase = "ba";
+
+ int k = passPhrase.getBytes().length * 8;
+ int lcm = NFold.getLcm( n, k );
+ assertEquals( "LCM", 336, lcm );
+
+ byte[] nFoldValue = NFold.nFold( n, passPhrase.getBytes() );
+
+ byte[] testVector =
+ { ( byte ) 0xfb, ( byte ) 0x25, ( byte ) 0xd5, ( byte ) 0x31, ( byte ) 0xae, ( byte ) 0x89, ( byte ) 0x74,
+ ( byte ) 0x49, ( byte ) 0x9f, ( byte ) 0x52, ( byte ) 0xfd, ( byte ) 0x92, ( byte ) 0xea,
+ ( byte ) 0x98, ( byte ) 0x57, ( byte ) 0xc4, ( byte ) 0xba, ( byte ) 0x24, ( byte ) 0xcf,
+ ( byte ) 0x29, ( byte ) 0x7e };
+ assertTrue( Arrays.equals( nFoldValue, testVector ) );
+ }
+
+
+ /**
+ * Tests an n-fold test vector from RFC 3961.
+ */
+ public void testNFoldKerberos64()
+ {
+ int n = 64;
+ String passPhrase = "kerberos";
+
+ int k = passPhrase.getBytes().length * 8;
+ int lcm = NFold.getLcm( n, k );
+ assertEquals( "LCM", 64, lcm );
+
+ byte[] nFoldValue = NFold.nFold( n, passPhrase.getBytes() );
+
+ byte[] testVector =
+ { ( byte ) 0x6b, ( byte ) 0x65, ( byte ) 0x72, ( byte ) 0x62, ( byte ) 0x65, ( byte ) 0x72, ( byte ) 0x6f,
+ ( byte ) 0x73 };
+ assertTrue( Arrays.equals( nFoldValue, testVector ) );
+ }
+
+
+ /**
+ * Tests an n-fold test vector from RFC 3961.
+ */
+ public void testNFoldKerberos128()
+ {
+ int n = 128;
+ String passPhrase = "kerberos";
+
+ int k = passPhrase.getBytes().length * 8;
+ int lcm = NFold.getLcm( n, k );
+ assertEquals( "LCM", 128, lcm );
+
+ byte[] nFoldValue = NFold.nFold( n, passPhrase.getBytes() );
+
+ byte[] testVector =
+ { ( byte ) 0x6b, ( byte ) 0x65, ( byte ) 0x72, ( byte ) 0x62, ( byte ) 0x65, ( byte ) 0x72, ( byte ) 0x6f,
+ ( byte ) 0x73, ( byte ) 0x7b, ( byte ) 0x9b, ( byte ) 0x5b, ( byte ) 0x2b, ( byte ) 0x93,
+ ( byte ) 0x13, ( byte ) 0x2b, ( byte ) 0x93 };
+ assertTrue( Arrays.equals( nFoldValue, testVector ) );
+ }
+
+
+ /**
+ * Tests an n-fold test vector from RFC 3961.
+ */
+ public void testNFoldKerberos168()
+ {
+ int n = 168;
+ String passPhrase = "kerberos";
+
+ int k = passPhrase.getBytes().length * 8;
+ int lcm = NFold.getLcm( n, k );
+ assertEquals( "LCM", 1344, lcm );
+
+ byte[] nFoldValue = NFold.nFold( n, passPhrase.getBytes() );
+
+ byte[] testVector =
+ { ( byte ) 0x83, ( byte ) 0x72, ( byte ) 0xc2, ( byte ) 0x36, ( byte ) 0x34, ( byte ) 0x4e, ( byte ) 0x5f,
+ ( byte ) 0x15, ( byte ) 0x50, ( byte ) 0xcd, ( byte ) 0x07, ( byte ) 0x47, ( byte ) 0xe1,
+ ( byte ) 0x5d, ( byte ) 0x62, ( byte ) 0xca, ( byte ) 0x7a, ( byte ) 0x5a, ( byte ) 0x3b,
+ ( byte ) 0xce, ( byte ) 0xa4 };
+ assertTrue( Arrays.equals( nFoldValue, testVector ) );
+ }
+
+
+ /**
+ * Tests an n-fold test vector from RFC 3961.
+ */
+ public void testNFoldKerberos256()
+ {
+ int n = 256;
+ String passPhrase = "kerberos";
+
+ int k = passPhrase.getBytes().length * 8;
+ int lcm = NFold.getLcm( n, k );
+ assertEquals( "LCM", 256, lcm );
+
+ byte[] nFoldValue = NFold.nFold( n, passPhrase.getBytes() );
+
+ byte[] testVector =
+ { ( byte ) 0x6b, ( byte ) 0x65, ( byte ) 0x72, ( byte ) 0x62, ( byte ) 0x65, ( byte ) 0x72, ( byte ) 0x6f,
+ ( byte ) 0x73, ( byte ) 0x7b, ( byte ) 0x9b, ( byte ) 0x5b, ( byte ) 0x2b, ( byte ) 0x93,
+ ( byte ) 0x13, ( byte ) 0x2b, ( byte ) 0x93, ( byte ) 0x5c, ( byte ) 0x9b, ( byte ) 0xdc,
+ ( byte ) 0xda, ( byte ) 0xd9, ( byte ) 0x5c, ( byte ) 0x98, ( byte ) 0x99, ( byte ) 0xc4,
+ ( byte ) 0xca, ( byte ) 0xe4, ( byte ) 0xde, ( byte ) 0xe6, ( byte ) 0xd6, ( byte ) 0xca, ( byte ) 0xe4 };
+ assertTrue( Arrays.equals( nFoldValue, testVector ) );
+ }
+
+
+ /**
+ * Test one's complement addition (addition with end-around carry). Note
+ * that for purposes of n-folding, we do not actually complement the
+ * result of the addition.
+ */
+ public void testSum()
+ {
+ byte[] n1 =
+ { ( byte ) 0x86, ( byte ) 0x5E };
+ byte[] n2 =
+ { ( byte ) 0xAC, ( byte ) 0x60 };
+ byte[] n3 =
+ { ( byte ) 0x71, ( byte ) 0x2A };
+ byte[] n4 =
+ { ( byte ) 0x81, ( byte ) 0xB5 };
+
+ byte[] sum = NFold.sum( n1, n2, n1.length * 8 );
+ sum = NFold.sum( sum, n3, sum.length * 8 );
+ sum = NFold.sum( sum, n4, sum.length * 8 );
+
+ byte[] result = new byte[]
+ { ( byte ) 0x25, ( byte ) 0x9F };
+ assertTrue( Arrays.equals( sum, result ) );
+ }
+}
diff --git a/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/RandomKeyFactoryTest.java b/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/RandomKeyFactoryTest.java
new file mode 100644
index 0000000..47a5692
--- /dev/null
+++ b/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/crypto/encryption/RandomKeyFactoryTest.java
@@ -0,0 +1,195 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.crypto.encryption;
+
+
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.DESKeySpec;
+
+import junit.framework.TestCase;
+
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+
+
+/**
+ * Test cases for random-to-key functions for DES-, DES3-, AES-, and RC4-based
+ * encryption types.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class RandomKeyFactoryTest extends TestCase
+{
+ /**
+ * Tests that random DES keys can be generated.
+ *
+ * @throws Exception
+ */
+ public void testGenerateDesKey() throws Exception
+ {
+ KeyGenerator keygen = KeyGenerator.getInstance( "DES" );
+ SecretKey key = keygen.generateKey();
+ assertEquals( "DES key size", 8, key.getEncoded().length );
+ assertTrue( DESKeySpec.isParityAdjusted( key.getEncoded(), 0 ) );
+ }
+
+
+ /**
+ * Tests that random Triple-DES keys can be generated.
+ *
+ * @throws Exception
+ */
+ public void testGenerateTripleDesKey() throws Exception
+ {
+ KeyGenerator keygen = KeyGenerator.getInstance( "DESede" );
+ SecretKey key = keygen.generateKey();
+ assertEquals( "DESede key size", 24, key.getEncoded().length );
+ }
+
+
+ /**
+ * Tests that random AES128 keys can be generated.
+ *
+ * @throws Exception
+ */
+ public void testGenerateAes128Key() throws Exception
+ {
+ KeyGenerator keygen = KeyGenerator.getInstance( "AES" );
+ keygen.init( 128 );
+ SecretKey key = keygen.generateKey();
+ assertEquals( "AES key size", 16, key.getEncoded().length );
+ }
+
+
+ /**
+ * Tests that random AES256 keys can be generated.
+ *
+ * @throws Exception
+ */
+ public void testGenerateAes256Key() throws Exception
+ {
+ KeyGenerator keygen = KeyGenerator.getInstance( "AES" );
+ keygen.init( 256 );
+ SecretKey key = keygen.generateKey();
+ assertEquals( "AES key size", 32, key.getEncoded().length );
+ }
+
+
+ /**
+ * Tests that random ARCFOUR keys can be generated.
+ *
+ * @throws Exception
+ */
+ public void testGenerateArcFourKey() throws Exception
+ {
+ KeyGenerator keygen = KeyGenerator.getInstance( "ARCFOUR" );
+ SecretKey key = keygen.generateKey();
+ assertEquals( "ARCFOUR key size", 16, key.getEncoded().length );
+ }
+
+
+ /**
+ * Tests that random RC4 keys can be generated.
+ *
+ * @throws Exception
+ */
+ public void testGenerateRc4Key() throws Exception
+ {
+ KeyGenerator keygen = KeyGenerator.getInstance( "RC4" );
+ SecretKey key = keygen.generateKey();
+ assertEquals( "RC4 key size", 16, key.getEncoded().length );
+ }
+
+
+ /**
+ * Tests that random key generation can be performed by the factory for multiple cipher types.
+ *
+ * @throws Exception
+ */
+ public void testRandomKeyFactory() throws Exception
+ {
+ Map<EncryptionType, EncryptionKey> map = RandomKeyFactory.getRandomKeys();
+
+ EncryptionKey kerberosKey = map.get( EncryptionType.DES_CBC_MD5 );
+
+ EncryptionType keyType = kerberosKey.getKeyType();
+ int keyLength = kerberosKey.getKeyValue().length;
+
+ assertEquals( keyType, EncryptionType.DES_CBC_MD5 );
+ assertEquals( keyLength, 8 );
+
+ kerberosKey = map.get( EncryptionType.DES3_CBC_SHA1_KD );
+ keyType = kerberosKey.getKeyType();
+ keyLength = kerberosKey.getKeyValue().length;
+
+ assertEquals( keyType, EncryptionType.DES3_CBC_SHA1_KD );
+ assertEquals( keyLength, 24 );
+
+ kerberosKey = map.get( EncryptionType.RC4_HMAC );
+ keyType = kerberosKey.getKeyType();
+ keyLength = kerberosKey.getKeyValue().length;
+
+ assertEquals( keyType, EncryptionType.RC4_HMAC );
+ assertEquals( keyLength, 16 );
+
+ kerberosKey = map.get( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
+ keyType = kerberosKey.getKeyType();
+ keyLength = kerberosKey.getKeyValue().length;
+
+ assertEquals( keyType, EncryptionType.AES128_CTS_HMAC_SHA1_96 );
+ assertEquals( keyLength, 16 );
+
+ kerberosKey = map.get( EncryptionType.AES256_CTS_HMAC_SHA1_96 );
+ keyType = kerberosKey.getKeyType();
+ keyLength = kerberosKey.getKeyValue().length;
+
+ assertEquals( keyType, EncryptionType.AES256_CTS_HMAC_SHA1_96 );
+ assertEquals( keyLength, 32 );
+ }
+
+
+ /**
+ * Tests that random key generation can be performed by the factory for a specified cipher type.
+ *
+ * @throws Exception
+ */
+ public void testRandomKeyFactoryOnlyDes() throws Exception
+ {
+ Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ encryptionTypes.add( EncryptionType.DES_CBC_MD5 );
+
+ Map<EncryptionType, EncryptionKey> map = RandomKeyFactory.getRandomKeys( encryptionTypes );
+
+ assertEquals( "List length", 1, map.values().size() );
+
+ EncryptionKey kerberosKey = map.get( EncryptionType.DES_CBC_MD5 );
+
+ EncryptionType keyType = kerberosKey.getKeyType();
+ int keyLength = kerberosKey.getKeyValue().length;
+
+ assertEquals( keyType, EncryptionType.DES_CBC_MD5 );
+ assertEquals( keyLength, 8 );
+ }
+}
diff --git a/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/keytab/KeytabTest.java b/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/keytab/KeytabTest.java
new file mode 100644
index 0000000..d1c369d
--- /dev/null
+++ b/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/keytab/KeytabTest.java
@@ -0,0 +1,180 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.keytab;
+
+
+import java.security.InvalidKeyException;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Date;
+import java.util.List;
+import java.util.Map;
+import java.util.TimeZone;
+
+import javax.crypto.spec.DESKeySpec;
+
+import junit.framework.TestCase;
+
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KerberosKeyFactory;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
+import org.apache.mina.common.ByteBuffer;
+
+
+/**
+ * Tests 'keytab' formatted files.
+ *
+ * All values are in network byte order. All text is ASCII.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class KeytabTest extends TestCase
+{
+ private static final byte[] keytab1 = new byte[]
+ { ( byte ) 0x05, ( byte ) 0x02, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x3C, ( byte ) 0x00,
+ ( byte ) 0x02, ( byte ) 0x00, ( byte ) 0x0B, ( byte ) 0x45, ( byte ) 0x58, ( byte ) 0x41, ( byte ) 0x4D,
+ ( byte ) 0x50, ( byte ) 0x4C, ( byte ) 0x45, ( byte ) 0x2E, ( byte ) 0x43, ( byte ) 0x4F, ( byte ) 0x4D,
+ ( byte ) 0x00, ( byte ) 0x04, ( byte ) 0x6C, ( byte ) 0x64, ( byte ) 0x61, ( byte ) 0x70, ( byte ) 0x00,
+ ( byte ) 0x10, ( byte ) 0x77, ( byte ) 0x77, ( byte ) 0x77, ( byte ) 0x2E, ( byte ) 0x76, ( byte ) 0x65,
+ ( byte ) 0x72, ( byte ) 0x69, ( byte ) 0x73, ( byte ) 0x69, ( byte ) 0x67, ( byte ) 0x6E, ( byte ) 0x2E,
+ ( byte ) 0x63, ( byte ) 0x6F, ( byte ) 0x6D, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x01,
+ ( byte ) 0x45, ( byte ) 0xD9, ( byte ) 0x60, ( byte ) 0xBE, ( byte ) 0x01, ( byte ) 0x00, ( byte ) 0x03,
+ ( byte ) 0x00, ( byte ) 0x08, ( byte ) 0xD5, ( byte ) 0xE6, ( byte ) 0xC4, ( byte ) 0xD0, ( byte ) 0xFE,
+ ( byte ) 0x25, ( byte ) 0x07, ( byte ) 0x0D };
+
+ private static final byte[] keytab2 = new byte[]
+ { ( byte ) 0x05, ( byte ) 0x02, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x3C, ( byte ) 0x00,
+ ( byte ) 0x02, ( byte ) 0x00, ( byte ) 0x0B, ( byte ) 0x45, ( byte ) 0x58, ( byte ) 0x41, ( byte ) 0x4D,
+ ( byte ) 0x50, ( byte ) 0x4C, ( byte ) 0x45, ( byte ) 0x2E, ( byte ) 0x43, ( byte ) 0x4F, ( byte ) 0x4D,
+ ( byte ) 0x00, ( byte ) 0x04, ( byte ) 0x48, ( byte ) 0x54, ( byte ) 0x54, ( byte ) 0x50, ( byte ) 0x00,
+ ( byte ) 0x10, ( byte ) 0x77, ( byte ) 0x77, ( byte ) 0x77, ( byte ) 0x2E, ( byte ) 0x76, ( byte ) 0x65,
+ ( byte ) 0x72, ( byte ) 0x69, ( byte ) 0x73, ( byte ) 0x69, ( byte ) 0x67, ( byte ) 0x6E, ( byte ) 0x2E,
+ ( byte ) 0x63, ( byte ) 0x6F, ( byte ) 0x6D, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x01,
+ ( byte ) 0x45, ( byte ) 0xD7, ( byte ) 0x96, ( byte ) 0x79, ( byte ) 0x04, ( byte ) 0x00, ( byte ) 0x03,
+ ( byte ) 0x00, ( byte ) 0x08, ( byte ) 0x13, ( byte ) 0xD9, ( byte ) 0x19, ( byte ) 0x98, ( byte ) 0x23,
+ ( byte ) 0x8F, ( byte ) 0x9E, ( byte ) 0x31 };
+
+ private static final TimeZone UTC_TIME_ZONE = TimeZone.getTimeZone( "UTC" );
+
+ private static final SimpleDateFormat dateFormat = new SimpleDateFormat( "yyyyMMddHHmmss'Z'" );
+
+ static
+ {
+ dateFormat.setTimeZone( UTC_TIME_ZONE );
+ }
+
+
+ /**
+ * Read the first keytab test bytes and check for the presence of a valid DES key.
+ *
+ * @throws Exception
+ */
+ public void testReadKeytab1() throws Exception
+ {
+ Keytab keytab = Keytab.read( keytab1 );
+
+ assertTrue( "Keytab version", Arrays.equals( Keytab.VERSION_52, keytab.getKeytabVersion() ) );
+ assertEquals( "Entries size", 1, keytab.getEntries().size() );
+
+ KeytabEntry entry = keytab.getEntries().get( 0 );
+ EncryptionKey key = entry.getKey();
+
+ try
+ {
+ assertTrue( DESKeySpec.isParityAdjusted( key.getKeyValue(), 0 ) );
+ }
+ catch ( InvalidKeyException ike )
+ {
+ fail( "Key is invalid." );
+ }
+ }
+
+
+ /**
+ * Read the second keytab test bytes and check for the presence of a valid DES key.
+ *
+ * @throws Exception
+ */
+ public void testReadKeytab2() throws Exception
+ {
+ Keytab keytab = Keytab.read( keytab2 );
+
+ assertTrue( "Keytab version", Arrays.equals( Keytab.VERSION_52, keytab.getKeytabVersion() ) );
+ assertEquals( "Entries size", 1, keytab.getEntries().size() );
+
+ KeytabEntry entry = keytab.getEntries().get( 0 );
+ EncryptionKey key = entry.getKey();
+
+ try
+ {
+ assertTrue( DESKeySpec.isParityAdjusted( key.getKeyValue(), 0 ) );
+ }
+ catch ( InvalidKeyException ike )
+ {
+ fail( "Key is invalid." );
+ }
+ }
+
+
+ /**
+ * Test the writing of a keytab file.
+ *
+ * @throws Exception
+ */
+ public void testWriteKeytab() throws Exception
+ {
+ List<KeytabEntry> entries = new ArrayList<KeytabEntry>();
+
+ entries.add( getEntry1() );
+ entries.add( getEntry1() );
+
+ Keytab writer = Keytab.getInstance();
+ writer.setEntries( entries );
+ ByteBuffer buffer = writer.write();
+ assertEquals( "Expected file size.", 130, buffer.limit() );
+ }
+
+
+ private KeytabEntry getEntry1() throws ParseException
+ {
+ String principalName = "HTTP/www.verisign.com@EXAMPLE.COM";
+ long principalType = 1;
+
+ String zuluTime = "20070217235745Z";
+ Date date = null;
+ synchronized ( dateFormat )
+ {
+ date = dateFormat.parse( zuluTime );
+ }
+
+ KerberosTime timeStamp = new KerberosTime( date );
+
+ byte keyVersion = 1;
+ String passPhrase = "secret";
+ Map<EncryptionType, EncryptionKey> keys = KerberosKeyFactory.getKerberosKeys( principalName, passPhrase );
+ EncryptionKey key = keys.get( EncryptionType.DES_CBC_MD5 );
+
+ return new KeytabEntry( principalName, principalType, timeStamp, keyVersion, key );
+ }
+}
diff --git a/mitosis/pom.xml b/mitosis/pom.xml
index 0d9db7e..eb6109f 100644
--- a/mitosis/pom.xml
+++ b/mitosis/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>mitosis</artifactId>
<name>ApacheDS replication</name>
diff --git a/mitosis/src/main/java/org/apache/directory/mitosis/common/Constants.java b/mitosis/src/main/java/org/apache/directory/mitosis/common/Constants.java
index b1123fb..f388616 100644
--- a/mitosis/src/main/java/org/apache/directory/mitosis/common/Constants.java
+++ b/mitosis/src/main/java/org/apache/directory/mitosis/common/Constants.java
@@ -56,12 +56,6 @@
public static final String ENTRY_DELETED = "entryDeleted";
/**
- * The OID of <tt>objectClass</tt> class.
- */
- public static final String OBJECT_CLASS_OID = "2.5.4.0";
-
-
- /**
* A {@link SearchResultFilter} that filters out the entries whose
* {@link #ENTRY_DELETED} attribute is <tt>true</tt>.
*/
diff --git a/mitosis/src/main/java/org/apache/directory/mitosis/operation/AddAttributeOperation.java b/mitosis/src/main/java/org/apache/directory/mitosis/operation/AddAttributeOperation.java
index 2957ecd..5dc981c 100644
--- a/mitosis/src/main/java/org/apache/directory/mitosis/operation/AddAttributeOperation.java
+++ b/mitosis/src/main/java/org/apache/directory/mitosis/operation/AddAttributeOperation.java
@@ -25,8 +25,10 @@
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
+import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.shared.ldap.message.AttributesImpl;
+import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.mitosis.common.CSN;
@@ -62,6 +64,7 @@
{
Attributes attrs = new AttributesImpl( true );
attrs.put( getAttribute() );
- nexus.modify( getName(), DirContext.ADD_ATTRIBUTE, attrs );
+ ModificationItemImpl[] items = ModifyOperationContext.createModItems( attrs, DirContext.ADD_ATTRIBUTE );
+ nexus.modify( new ModifyOperationContext( getName(), items ) );
}
}
diff --git a/mitosis/src/main/java/org/apache/directory/mitosis/operation/AddEntryOperation.java b/mitosis/src/main/java/org/apache/directory/mitosis/operation/AddEntryOperation.java
index 956497c..359540d 100644
--- a/mitosis/src/main/java/org/apache/directory/mitosis/operation/AddEntryOperation.java
+++ b/mitosis/src/main/java/org/apache/directory/mitosis/operation/AddEntryOperation.java
@@ -28,6 +28,10 @@
import org.apache.directory.mitosis.common.CSN;
import org.apache.directory.mitosis.operation.support.EntryUtil;
import org.apache.directory.mitosis.store.ReplicationStore;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.interceptor.context.DeleteOperationContext;
+import org.apache.directory.server.core.interceptor.context.ListOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
import org.apache.directory.shared.ldap.name.LdapDN;
@@ -77,10 +81,12 @@
{
return;
}
+
EntryUtil.createGlueEntries( nexus, normalizedName, false );
// Replace the entry if an entry with the same name exists.
- Attributes oldEntry = nexus.lookup( normalizedName );
+ Attributes oldEntry = nexus.lookup( new LookupOperationContext( normalizedName ) );
+
if ( oldEntry != null )
{
recursiveDelete( nexus, normalizedName, registry );
@@ -92,7 +98,7 @@
// when we put a new one.
entry.remove( NamespaceTools.getRdnAttribute( rdn ) );
entry.put( NamespaceTools.getRdnAttribute( rdn ), NamespaceTools.getRdnValue( rdn ) );
- nexus.add( normalizedName, entry );
+ nexus.add( new AddOperationContext( normalizedName, entry ) );
}
@@ -100,10 +106,10 @@
private void recursiveDelete( PartitionNexus nexus, LdapDN normalizedName, AttributeTypeRegistry registry )
throws NamingException
{
- NamingEnumeration<SearchResult> ne = nexus.list( normalizedName );
+ NamingEnumeration<SearchResult> ne = nexus.list( new ListOperationContext( normalizedName ) );
if ( !ne.hasMore() )
{
- nexus.delete( normalizedName );
+ nexus.delete( new DeleteOperationContext( normalizedName ) );
return;
}
@@ -115,6 +121,6 @@
recursiveDelete( nexus, dn, registry );
}
- nexus.delete( normalizedName );
+ nexus.delete( new DeleteOperationContext( normalizedName ) );
}
}
diff --git a/mitosis/src/main/java/org/apache/directory/mitosis/operation/DeleteAttributeOperation.java b/mitosis/src/main/java/org/apache/directory/mitosis/operation/DeleteAttributeOperation.java
index 807e7b7..5540926 100644
--- a/mitosis/src/main/java/org/apache/directory/mitosis/operation/DeleteAttributeOperation.java
+++ b/mitosis/src/main/java/org/apache/directory/mitosis/operation/DeleteAttributeOperation.java
@@ -25,8 +25,10 @@
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
+import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.shared.ldap.message.AttributesImpl;
+import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.mitosis.common.CSN;
@@ -62,6 +64,8 @@
{
Attributes attrs = new AttributesImpl( true );
attrs.put( getAttribute() );
- nexus.modify( getName(), DirContext.REMOVE_ATTRIBUTE, attrs );
+ ModificationItemImpl[] items = ModifyOperationContext.createModItems( attrs, DirContext.REMOVE_ATTRIBUTE );
+
+ nexus.modify( new ModifyOperationContext( getName(), items ) );
}
}
diff --git a/mitosis/src/main/java/org/apache/directory/mitosis/operation/OperationFactory.java b/mitosis/src/main/java/org/apache/directory/mitosis/operation/OperationFactory.java
index 42c4b9f..bb30bd6 100644
--- a/mitosis/src/main/java/org/apache/directory/mitosis/operation/OperationFactory.java
+++ b/mitosis/src/main/java/org/apache/directory/mitosis/operation/OperationFactory.java
@@ -33,7 +33,13 @@
import javax.naming.directory.SearchResult;
import org.apache.directory.server.core.DirectoryServiceConfiguration;
+import org.apache.directory.server.core.interceptor.context.EntryOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.partition.PartitionNexus;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.filter.PresenceNode;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.ModificationItemImpl;
@@ -153,39 +159,15 @@
* sets {@link Constants#ENTRY_DELETED} to "false" to resurrect the
* entry the modified attributes belong to.
*/
- public Operation newModify( LdapDN normalizedName, int modOp, Attributes attributes )
+ public Operation newModify( OperationContext opContext )
{
+ ModificationItemImpl[] items = ((ModifyOperationContext)opContext).getModItems();
+ LdapDN normalizedName = opContext.getDn();
+
CSN csn = newCSN();
CompositeOperation result = new CompositeOperation( csn );
- NamingEnumeration e = attributes.getAll();
- // Transform into multiple {@link AttributeOperation}s.
- while ( e.hasMoreElements() )
- {
- Attribute attr = ( Attribute ) e.nextElement();
- result.add( newModify( csn, normalizedName, modOp, attr ) );
- }
-
- // Resurrect the entry in case it is deleted.
- result.add( new ReplaceAttributeOperation( csn, normalizedName, new AttributeImpl( Constants.ENTRY_DELETED,
- "false" ) ) );
-
- return addDefaultOperations( result, null, normalizedName );
- }
-
-
- /**
- * Returns a new {@link Operation} that performs "modify" operation.
- *
- * @return a {@link CompositeOperation} that consists of one or more
- * {@link AttributeOperation}s and one additional operation that
- * sets {@link Constants#ENTRY_DELETED} to "false" to resurrect the
- * entry the modified attributes belong to.
- */
- public Operation newModify( LdapDN normalizedName, ModificationItemImpl[] items )
- {
- CSN csn = newCSN();
- CompositeOperation result = new CompositeOperation( csn );
- final int length = items.length;
+ int length = items.length;
+
// Transform into multiple {@link AttributeOperation}s.
for ( int i = 0; i < length; i++ )
{
@@ -273,7 +255,8 @@
// Retrieve all subtree including the base entry
SearchControls ctrl = new SearchControls();
ctrl.setSearchScope( SearchControls.SUBTREE_SCOPE );
- NamingEnumeration e = nexus.search( oldName, environment, new PresenceNode( Constants.OBJECT_CLASS_OID ), ctrl );
+ NamingEnumeration e = nexus.search(
+ new SearchOperationContext( oldName, environment, new PresenceNode( SchemaConstants.OBJECT_CLASS_AT_OID ), ctrl ) );
while ( e.hasMore() )
{
@@ -322,9 +305,9 @@
*/
private void checkBeforeAdd( LdapDN newEntryName ) throws NamingException
{
- if ( nexus.hasEntry( newEntryName ) )
+ if ( nexus.hasEntry( new EntryOperationContext( newEntryName ) ) )
{
- Attributes entry = nexus.lookup( newEntryName );
+ Attributes entry = nexus.lookup( new LookupOperationContext( newEntryName ) );
Attribute deleted = entry.get( Constants.ENTRY_DELETED );
Object value = deleted == null ? null : deleted.get();
diff --git a/mitosis/src/main/java/org/apache/directory/mitosis/operation/ReplaceAttributeOperation.java b/mitosis/src/main/java/org/apache/directory/mitosis/operation/ReplaceAttributeOperation.java
index 4a84340..0f45343 100644
--- a/mitosis/src/main/java/org/apache/directory/mitosis/operation/ReplaceAttributeOperation.java
+++ b/mitosis/src/main/java/org/apache/directory/mitosis/operation/ReplaceAttributeOperation.java
@@ -25,8 +25,10 @@
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
+import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.shared.ldap.message.AttributesImpl;
+import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.mitosis.common.CSN;
@@ -62,6 +64,8 @@
{
Attributes attrs = new AttributesImpl( true );
attrs.put( getAttribute() );
- nexus.modify( getName(), DirContext.REPLACE_ATTRIBUTE, attrs );
+ ModificationItemImpl[] items = ModifyOperationContext.createModItems( attrs, DirContext.REPLACE_ATTRIBUTE );
+
+ nexus.modify( new ModifyOperationContext( getName(), items ) );
}
}
diff --git a/mitosis/src/main/java/org/apache/directory/mitosis/operation/support/EntryUtil.java b/mitosis/src/main/java/org/apache/directory/mitosis/operation/support/EntryUtil.java
index b0c9ec5..da3ce6b 100644
--- a/mitosis/src/main/java/org/apache/directory/mitosis/operation/support/EntryUtil.java
+++ b/mitosis/src/main/java/org/apache/directory/mitosis/operation/support/EntryUtil.java
@@ -25,7 +25,11 @@
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.interceptor.context.EntryOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
import org.apache.directory.server.core.partition.PartitionNexus;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.apache.directory.shared.ldap.name.LdapDN;
@@ -40,7 +44,7 @@
@SuppressWarnings("unchecked")
public static boolean isEntryUpdatable( PartitionNexus nexus, LdapDN name, CSN newCSN ) throws NamingException
{
- Attributes entry = nexus.lookup( name );
+ Attributes entry = nexus.lookup( new LookupOperationContext( name ) );
if ( entry == null )
{
@@ -92,7 +96,7 @@
{
try
{
- if ( nexus.hasEntry( name ) )
+ if ( nexus.hasEntry( new EntryOperationContext( name ) ) )
{
return;
}
@@ -113,13 +117,13 @@
entry.put( rdnAttribute, rdnValue );
//// Add objectClass attribute.
- Attribute objectClassAttr = new AttributeImpl( "objectClass" );
- objectClassAttr.add( "top" );
- objectClassAttr.add( "extensibleObject" );
+ Attribute objectClassAttr = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ objectClassAttr.add( SchemaConstants.TOP_OC );
+ objectClassAttr.add( SchemaConstants.EXTENSIBLE_OBJECT_OC );
entry.put( objectClassAttr );
// And add it to the nexus.
- nexus.add( name, entry );
+ nexus.add( new AddOperationContext( name, entry ) );
}
diff --git a/mitosis/src/main/java/org/apache/directory/mitosis/service/ReplicationService.java b/mitosis/src/main/java/org/apache/directory/mitosis/service/ReplicationService.java
index d4d8800..d0dd135 100644
--- a/mitosis/src/main/java/org/apache/directory/mitosis/service/ReplicationService.java
+++ b/mitosis/src/main/java/org/apache/directory/mitosis/service/ReplicationService.java
@@ -56,15 +56,21 @@
import org.apache.directory.server.core.interceptor.BaseInterceptor;
import org.apache.directory.server.core.interceptor.Interceptor;
import org.apache.directory.server.core.interceptor.NextInterceptor;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.interceptor.context.DeleteOperationContext;
+import org.apache.directory.server.core.interceptor.context.GetMatchedNameOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
import org.apache.directory.server.core.invocation.InvocationStack;
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapNameNotFoundException;
import org.apache.directory.shared.ldap.filter.ExprNode;
import org.apache.directory.shared.ldap.filter.FilterParser;
import org.apache.directory.shared.ldap.filter.FilterParserImpl;
import org.apache.directory.shared.ldap.filter.PresenceNode;
-import org.apache.directory.shared.ldap.message.ModificationItemImpl;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.mina.common.IoAcceptor;
import org.apache.mina.filter.LoggingFilter;
@@ -134,6 +140,10 @@
public class ReplicationService extends BaseInterceptor
{
private static final Logger log = LoggerFactory.getLogger( ReplicationService.class );
+
+ /** The service name */
+ public static final String NAME = "replicationService";
+
private static final String ENTRY_CSN_OID = "1.3.6.1.4.1.18060.0.4.1.2.30";
private static final String ENTRY_DELETED_OID = "1.3.6.1.4.1.18060.0.4.1.2.31";
@@ -269,7 +279,7 @@
*/
public void purgeAgedData() throws NamingException
{
- Attributes rootDSE = nexus.getRootDSE();
+ Attributes rootDSE = nexus.getRootDSE( null );
Attribute namingContextsAttr = rootDSE.get( "namingContexts" );
if ( namingContextsAttr == null || namingContextsAttr.size() == 0 )
{
@@ -327,7 +337,8 @@
ctrl.setSearchScope( SearchControls.SUBTREE_SCOPE );
ctrl.setReturningAttributes( new String[] { "entryCSN", "entryDeleted" } );
- NamingEnumeration e = nexus.search( contextName, directoryServiceConfiguration.getEnvironment(), filter, ctrl );
+ NamingEnumeration e = nexus.search(
+ new SearchOperationContext( contextName, directoryServiceConfiguration.getEnvironment(), filter, ctrl ) );
List<LdapDN> names = new ArrayList<LdapDN>();
try
@@ -353,9 +364,9 @@
LdapDN name = it.next();
try
{
- Attributes entry = nexus.lookup( name );
+ Attributes entry = nexus.lookup( new LookupOperationContext( name ) );
log.info( "Purge: " + name + " (" + entry + ')' );
- nexus.delete( name );
+ nexus.delete( new DeleteOperationContext( name ) );
}
catch ( NamingException ex )
{
@@ -365,9 +376,9 @@
}
- public void add( NextInterceptor nextInterceptor, LdapDN normalizedName, Attributes entry ) throws NamingException
+ public void add( NextInterceptor nextInterceptor, OperationContext addContext ) throws NamingException
{
- Operation op = operationFactory.newAdd( normalizedName, entry );
+ Operation op = operationFactory.newAdd( addContext.getDn(), ((AddOperationContext)addContext).getEntry() );
op.execute( nexus, store, attrRegistry );
}
@@ -379,16 +390,9 @@
}
- public void modify( NextInterceptor next, LdapDN name, int modOp, Attributes attrs ) throws NamingException
+ public void modify( NextInterceptor next, OperationContext modifyContext ) throws NamingException
{
- Operation op = operationFactory.newModify( name, modOp, attrs );
- op.execute( nexus, store, attrRegistry );
- }
-
-
- public void modify( NextInterceptor next, LdapDN name, ModificationItemImpl[] items ) throws NamingException
- {
- Operation op = operationFactory.newModify( name, items );
+ Operation op = operationFactory.newModify( modifyContext );
op.execute( nexus, store, attrRegistry );
}
@@ -416,10 +420,10 @@
}
- public boolean hasEntry( NextInterceptor nextInterceptor, LdapDN name ) throws NamingException
+ public boolean hasEntry( NextInterceptor nextInterceptor, OperationContext entryContext ) throws NamingException
{
// Ask others first.
- boolean hasEntry = nextInterceptor.hasEntry( name );
+ boolean hasEntry = nextInterceptor.hasEntry( entryContext );
// If the entry exists,
if ( hasEntry )
@@ -427,7 +431,7 @@
// Check DELETED attribute.
try
{
- Attributes entry = nextInterceptor.lookup( name );
+ Attributes entry = nextInterceptor.lookup( new LookupOperationContext( entryContext.getDn() ) );
hasEntry = !isDeleted( entry );
}
catch ( NameNotFoundException e )
@@ -441,39 +445,38 @@
}
- public Attributes lookup( NextInterceptor nextInterceptor, LdapDN name ) throws NamingException
+ public Attributes lookup( NextInterceptor nextInterceptor, OperationContext lookupContext ) throws NamingException
{
- Attributes result = nextInterceptor.lookup( name );
- ensureNotDeleted( name, result );
- return result;
- }
-
-
- public Attributes lookup( NextInterceptor nextInterceptor, LdapDN name, String[] attrIds ) throws NamingException
- {
- boolean found = false;
+ LookupOperationContext ctx = ((LookupOperationContext)lookupContext);
- // Look for 'entryDeleted' attribute is in attrIds.
- for ( int i = 0; i < attrIds.length; i++ )
+ if ( ctx.getAttrsId() != null )
{
- if ( Constants.ENTRY_DELETED.equals( attrIds[i] ) )
+ boolean found = false;
+
+ String[] attrIds = ctx.getAttrsIdArray();
+
+ // Look for 'entryDeleted' attribute is in attrIds.
+ for ( String attrId:attrIds )
{
- found = true;
- break;
+ if ( Constants.ENTRY_DELETED.equals( attrId ) )
+ {
+ found = true;
+ break;
+ }
+ }
+
+ // If not exists, add one.
+ if ( !found )
+ {
+ String[] newAttrIds = new String[attrIds.length + 1];
+ System.arraycopy( attrIds, 0, newAttrIds, 0, attrIds.length );
+ newAttrIds[attrIds.length] = Constants.ENTRY_DELETED;
+ ctx.setAttrsId( newAttrIds );
}
}
-
- // If not exists, add one.
- if ( !found )
- {
- String[] newAttrIds = new String[attrIds.length + 1];
- System.arraycopy( attrIds, 0, newAttrIds, 0, attrIds.length );
- newAttrIds[attrIds.length] = Constants.ENTRY_DELETED;
- attrIds = newAttrIds;
- }
-
- Attributes result = nextInterceptor.lookup( name, attrIds );
- ensureNotDeleted( name, result );
+
+ Attributes result = nextInterceptor.lookup( lookupContext );
+ ensureNotDeleted( ctx.getDn(), result );
return result;
}
@@ -482,12 +485,13 @@
{
DirContext ctx = ( DirContext ) InvocationStack.getInstance().peek().getCaller();
NamingEnumeration e = nextInterceptor.search(
+ new SearchOperationContext(
baseName, ctx.getEnvironment(),
- new PresenceNode( Constants.OBJECT_CLASS_OID ),
- new SearchControls() );
+ new PresenceNode( SchemaConstants.OBJECT_CLASS_AT_OID ),
+ new SearchControls() ) );
return new SearchResultFilteringEnumeration( e, new SearchControls(), InvocationStack.getInstance().peek(),
- Constants.DELETED_ENTRIES_FILTER );
+ Constants.DELETED_ENTRIES_FILTER, "List replication filter" );
}
@@ -503,9 +507,10 @@
searchControls.setReturningAttributes( newAttrIds );
}
- NamingEnumeration e = nextInterceptor.search( baseName, environment, filter, searchControls );
+ NamingEnumeration e = nextInterceptor.search(
+ new SearchOperationContext( baseName, environment, filter, searchControls ) );
return new SearchResultFilteringEnumeration( e, searchControls, InvocationStack.getInstance().peek(),
- Constants.DELETED_ENTRIES_FILTER );
+ Constants.DELETED_ENTRIES_FILTER, "Search Replication filter" );
}
@@ -513,8 +518,8 @@
{
if ( isDeleted( entry ) )
{
- LdapNameNotFoundException e = new LdapNameNotFoundException( "Deleted entry: " + name );
- e.setResolvedName( nexus.getMatchedName( name ) );
+ LdapNameNotFoundException e = new LdapNameNotFoundException( "Deleted entry: " + name.getUpName() );
+ e.setResolvedName( nexus.getMatchedName( new GetMatchedNameOperationContext( name ) ) );
throw e;
}
}
diff --git a/mitosis/src/main/java/org/apache/directory/mitosis/service/protocol/handler/ReplicationClientContextHandler.java b/mitosis/src/main/java/org/apache/directory/mitosis/service/protocol/handler/ReplicationClientContextHandler.java
index 90fa13c..6144ea2 100644
--- a/mitosis/src/main/java/org/apache/directory/mitosis/service/protocol/handler/ReplicationClientContextHandler.java
+++ b/mitosis/src/main/java/org/apache/directory/mitosis/service/protocol/handler/ReplicationClientContextHandler.java
@@ -53,6 +53,8 @@
import org.apache.directory.mitosis.service.protocol.message.LoginMessage;
import org.apache.directory.mitosis.store.ReplicationLogIterator;
import org.apache.directory.mitosis.store.ReplicationStore;
+import org.apache.directory.server.core.interceptor.context.SearchOperationContext;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.filter.PresenceNode;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.mina.common.IdleStatus;
@@ -310,7 +312,7 @@
private void sendAllEntries( ReplicationContext ctx ) throws NamingException
{
- Attributes rootDSE = ctx.getServiceConfiguration().getPartitionNexus().getRootDSE();
+ Attributes rootDSE = ctx.getServiceConfiguration().getPartitionNexus().getRootDSE( null );
Attribute namingContextsAttr = rootDSE.get( "namingContexts" );
if ( namingContextsAttr == null || namingContextsAttr.size() == 0 )
@@ -351,9 +353,10 @@
// Retrieve all subtree including the base entry
SearchControls ctrl = new SearchControls();
ctrl.setSearchScope( SearchControls.SUBTREE_SCOPE );
- NamingEnumeration e = ctx.getServiceConfiguration().getPartitionNexus().search( contextName,
+ NamingEnumeration e = ctx.getServiceConfiguration().getPartitionNexus().search(
+ new SearchOperationContext( contextName,
ctx.getServiceConfiguration().getEnvironment(),
- new PresenceNode( org.apache.directory.mitosis.common.Constants.OBJECT_CLASS_OID ), ctrl );
+ new PresenceNode( SchemaConstants.OBJECT_CLASS_AT_OID ), ctrl ) );
try
{
diff --git a/mitosis/src/main/resources/META-INF/LICENSE.txt b/mitosis/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..c13db16
--- /dev/null
+++ b/mitosis/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,301 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
+----
diff --git a/mitosis/src/main/resources/META-INF/NOTICE.txt b/mitosis/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..b994cd5
--- /dev/null
+++ b/mitosis/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,13 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
+This product uses Quartz.
+(http://www.opensymphony.com/quartz/)
diff --git a/pom.xml b/pom.xml
index 33893de..c425a21 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,12 +5,12 @@
<parent>
<groupId>org.apache.directory</groupId>
<artifactId>build</artifactId>
- <version>1.0.6</version>
+ <version>1.0.7-SNAPSHOT</version>
</parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
<name>ApacheDS</name>
<packaging>pom</packaging>
@@ -60,24 +60,30 @@
<dependency>
<groupId>org.apache.directory.shared</groupId>
<artifactId>shared-asn1-codec</artifactId>
- <version>0.9.6-SNAPSHOT</version>
+ <version>0.9.7-SNAPSHOT</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.directory.shared</groupId>
+ <artifactId>shared-ldap-constants</artifactId>
+ <version>0.9.7-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.apache.directory.daemon</groupId>
<artifactId>daemon-bootstrappers</artifactId>
- <version>1.1.0-SNAPSHOT</version>
+ <version>1.1.1-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.apache.mina</groupId>
<artifactId>mina-core</artifactId>
- <version>1.0.1</version>
+ <version>1.0.2</version>
</dependency>
<dependency>
<groupId>org.apache.mina</groupId>
<artifactId>mina-filter-ssl</artifactId>
- <version>1.0.1</version>
+ <version>1.0.2</version>
</dependency>
<dependency>
@@ -141,11 +147,6 @@
<version>3.8.1</version>
</dependency>
<dependency>
- <groupId>bouncycastle</groupId>
- <artifactId>lcrypto-jdk14</artifactId>
- <version>131</version>
- </dependency>
- <dependency>
<groupId>quartz</groupId>
<artifactId>quartz</artifactId>
<version>1.5.2</version>
@@ -206,13 +207,14 @@
<dependency>
<groupId>org.apache.directory.shared</groupId>
<artifactId>shared-ldap</artifactId>
- <version>0.9.6-SNAPSHOT</version>
+ <version>0.9.7-SNAPSHOT</version>
</dependency>
</dependencies>
<modules>
<!-- module>maven-osgi-plugin</module-->
+ <module>bootstrap-extract</module>
<module>bootstrap-partition</module>
<module>bootstrap-plugin</module>
<module>schema-extras</module>
diff --git a/protocol-changepw/pom.xml b/protocol-changepw/pom.xml
index d24ea20..047a968 100644
--- a/protocol-changepw/pom.xml
+++ b/protocol-changepw/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-protocol-changepw</artifactId>
<name>ApacheDS Protocol Change Password</name>
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/ChangePasswordServer.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/ChangePasswordServer.java
index 9e7683a..eb89852 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/ChangePasswordServer.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/ChangePasswordServer.java
@@ -52,8 +52,17 @@
private IoHandler handler;
- public ChangePasswordServer(ChangePasswordConfiguration config, IoAcceptor acceptor, IoServiceConfig serviceConfig,
- PrincipalStore store)
+
+ /**
+ * Creates a new instance of ChangePasswordServer.
+ *
+ * @param config
+ * @param acceptor
+ * @param serviceConfig
+ * @param store
+ */
+ public ChangePasswordServer( ChangePasswordConfiguration config, IoAcceptor acceptor,
+ IoServiceConfig serviceConfig, PrincipalStore store )
{
this.config = config;
this.acceptor = acceptor;
@@ -77,12 +86,21 @@
}
+ /**
+ * Returns whether configuration being proposed as new is really different.
+ *
+ * @param newConfig
+ * @return Whether configuration being proposed as new is really different.
+ */
public boolean isDifferent( Dictionary newConfig )
{
return config.isDifferent( newConfig );
}
+ /**
+ * Destroys this instance of {@link ChangePasswordServer}.
+ */
public void destroy()
{
acceptor.unbind( new InetSocketAddress( config.getIpPort() ) );
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/exceptions/ErrorType.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/exceptions/ErrorType.java
index 87a2da2..262752a 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/exceptions/ErrorType.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/exceptions/ErrorType.java
@@ -34,43 +34,78 @@
*/
public final class ErrorType implements Comparable
{
- /*
- * Enumeration elements are constructed once upon class loading.
- * Order of appearance here determines the order of compareTo.
+ /**
+ * Constant for the "Request failed due to being malformed" error type.
*/
public static final ErrorType KRB5_KPASSWD_MALFORMED = new ErrorType( 1, "Request failed due to being malformed." );
+
+ /**
+ * Constant for the "Request failed due to a hard error in processing the request" error type.
+ */
public static final ErrorType KRB5_KPASSWD_HARDERROR = new ErrorType( 2,
"Request failed due to a hard error in processing the request." );
+
+ /**
+ * Constant for the "Request failed due to an error in authentication processing" error type.
+ */
public static final ErrorType KRB5_KPASSWD_AUTHERROR = new ErrorType( 3,
"Request failed due to an error in authentication processing." );
+
+ /**
+ * Constant for the "Request failed due to a soft error in processing the request" error type.
+ */
public static final ErrorType KRB5_KPASSWD_SOFTERROR = new ErrorType( 4,
"Request failed due to a soft error in processing the request." );
+
+ /**
+ * Constant for the "Requestor not authorized" error type.
+ */
public static final ErrorType KRB5_KPASSWD_ACCESSDENIED = new ErrorType( 5, "Requestor not authorized." );
+
+ /**
+ * Constant for the "Protocol version unsupported" error type.
+ */
public static final ErrorType KRB5_KPASSWD_BAD_VERSION = new ErrorType( 6, "Protocol version unsupported." );
+
+ /**
+ * Constant for the "Initial flag required" error type.
+ */
public static final ErrorType KRB5_KPASSWD_INITIAL_FLAG_NEEDED = new ErrorType( 7, "Initial flag required." );
+
+ /**
+ * Constant for the "Request failed for an unknown reason" error type.
+ */
public static final ErrorType KRB5_KPASSWD_UNKNOWN_ERROR = new ErrorType( 8,
"Request failed for an unknown reason." );
- /** Array for building a List of VALUES. */
+ /**
+ * Array for building a List of VALUES.
+ */
private static final ErrorType[] values =
{ KRB5_KPASSWD_MALFORMED, KRB5_KPASSWD_HARDERROR, KRB5_KPASSWD_AUTHERROR, KRB5_KPASSWD_SOFTERROR,
KRB5_KPASSWD_ACCESSDENIED, KRB5_KPASSWD_BAD_VERSION, KRB5_KPASSWD_INITIAL_FLAG_NEEDED,
KRB5_KPASSWD_UNKNOWN_ERROR };
- /** a list of all the error type constants */
+ /**
+ * A list of all the error type constants.
+ */
public static final List VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
- /** the name of the error type */
+ /**
+ * The name of the error type.
+ */
private final String name;
- /** the value/code for the error type */
+ /**
+ * The value/code for the error type.
+ */
private final int ordinal;
/**
* Private constructor prevents construction outside of this class.
*/
- private ErrorType(int ordinal, String name)
+ private ErrorType( int ordinal, String name )
{
this.ordinal = ordinal;
this.name = name;
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordDataDecoder.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordDataDecoder.java
index 4b017c4..0c91819 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordDataDecoder.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordDataDecoder.java
@@ -41,6 +41,13 @@
*/
public class ChangePasswordDataDecoder
{
+ /**
+ * Decodes bytes into a ChangePasswordData.
+ *
+ * @param encodedChangePasswdData
+ * @return The {@link ChangePasswordData}.
+ * @throws IOException
+ */
public ChangePasswordData decodeChangePasswordData( byte[] encodedChangePasswdData ) throws IOException
{
ASN1InputStream ais = new ASN1InputStream( encodedChangePasswdData );
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordErrorEncoder.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordErrorEncoder.java
index 1deb897..440a230 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordErrorEncoder.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordErrorEncoder.java
@@ -35,6 +35,13 @@
*/
public class ChangePasswordErrorEncoder
{
+ /**
+ * Encodes a {@link ChangePasswordError} into a {@link ByteBuffer}.
+ *
+ * @param buf
+ * @param message
+ * @throws IOException
+ */
public void encode( ByteBuffer buf, ChangePasswordError message ) throws IOException
{
// Build error message bytes
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordReplyEncoder.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordReplyEncoder.java
index e1e32e7..c3b4f7a 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordReplyEncoder.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordReplyEncoder.java
@@ -37,6 +37,13 @@
*/
public class ChangePasswordReplyEncoder
{
+ /**
+ * Encodes a {@link ChangePasswordReply} into a {@link ByteBuffer}.
+ *
+ * @param buf
+ * @param message
+ * @throws IOException
+ */
public void encode( ByteBuffer buf, ChangePasswordReply message ) throws IOException
{
// Build application reply bytes
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordRequestDecoder.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordRequestDecoder.java
index d31c478..c31b488 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordRequestDecoder.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/io/ChangePasswordRequestDecoder.java
@@ -37,6 +37,13 @@
*/
public class ChangePasswordRequestDecoder
{
+ /**
+ * Decodes a {@link ByteBuffer} into a {@link ChangePasswordRequest}.
+ *
+ * @param buf
+ * @return The {@link ChangePasswordRequest}.
+ * @throws IOException
+ */
public ChangePasswordRequest decode( ByteBuffer buf ) throws IOException
{
ChangePasswordRequestModifier modifier = new ChangePasswordRequestModifier();
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/AbstractPasswordMessage.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/AbstractPasswordMessage.java
index 2d5df33..8af8566 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/AbstractPasswordMessage.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/AbstractPasswordMessage.java
@@ -26,7 +26,9 @@
*/
abstract public class AbstractPasswordMessage
{
- // ChangePassword protocol version number
+ /**
+ * ChangePassword protocol version number.
+ */
public static final int PVNO = 1;
private short messageLength;
@@ -34,7 +36,7 @@
private short authHeaderLength;
- protected AbstractPasswordMessage(short messageLength, short versionNumber, short authHeaderLength)
+ protected AbstractPasswordMessage( short messageLength, short versionNumber, short authHeaderLength )
{
this.messageLength = messageLength;
this.versionNumber = versionNumber;
@@ -42,18 +44,33 @@
}
+ /**
+ * Returns the message length.
+ *
+ * @return The message length.
+ */
public short getMessageLength()
{
return messageLength;
}
+ /**
+ * Returns the version number.
+ *
+ * @return The version number.
+ */
public short getVersionNumber()
{
return versionNumber;
}
+ /**
+ * Returns the length of the AuthHeader.
+ *
+ * @return The length of the AuthHeader.
+ */
public short getAuthHeaderLength()
{
return authHeaderLength;
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/AbstractPasswordMessageModifier.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/AbstractPasswordMessageModifier.java
index 6709301..83c606c 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/AbstractPasswordMessageModifier.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/AbstractPasswordMessageModifier.java
@@ -31,18 +31,33 @@
protected short authHeaderLength;
+ /**
+ * Sets the message length.
+ *
+ * @param messageLength
+ */
public void setMessageLength( short messageLength )
{
this.messageLength = messageLength;
}
+ /**
+ * Sets the protocol version number.
+ *
+ * @param versionNumber
+ */
public void setProtocolVersionNumber( short versionNumber )
{
this.versionNumber = versionNumber;
}
+ /**
+ * Sets the AuthHeader length.
+ *
+ * @param authHeaderLength
+ */
public void setAuthHeaderLength( short authHeaderLength )
{
this.authHeaderLength = authHeaderLength;
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordError.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordError.java
index 69660d7..5a0b84f 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordError.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordError.java
@@ -32,8 +32,16 @@
private ErrorMessage errorMessage;
- public ChangePasswordError(short messageLength, short versionNumber, short authHeaderLength,
- ErrorMessage errorMessage)
+ /**
+ * Creates a new instance of ChangePasswordError.
+ *
+ * @param messageLength
+ * @param versionNumber
+ * @param authHeaderLength
+ * @param errorMessage
+ */
+ public ChangePasswordError( short messageLength, short versionNumber, short authHeaderLength,
+ ErrorMessage errorMessage )
{
super( messageLength, versionNumber, authHeaderLength );
@@ -41,6 +49,11 @@
}
+ /**
+ * Returns the {@link ErrorMessage}.
+ *
+ * @return The {@link ErrorMessage}.
+ */
public ErrorMessage getErrorMessage()
{
return errorMessage;
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordErrorModifier.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordErrorModifier.java
index 9ab9359..960c976 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordErrorModifier.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordErrorModifier.java
@@ -32,12 +32,22 @@
private ErrorMessage errorMessage;
+ /**
+ * Returns the {@link ChangePasswordError}.
+ *
+ * @return The {@link ChangePasswordError}.
+ */
public ChangePasswordError getChangePasswordError()
{
return new ChangePasswordError( messageLength, versionNumber, authHeaderLength, errorMessage );
}
+ /**
+ * Sets the {@link ErrorMessage}.
+ *
+ * @param errorMessage
+ */
public void setErrorMessage( ErrorMessage errorMessage )
{
this.errorMessage = errorMessage;
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordReply.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordReply.java
index 1295d43..3346f94 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordReply.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordReply.java
@@ -34,8 +34,17 @@
private PrivateMessage privateMessage;
- public ChangePasswordReply(short messageLength, short versionNumber, short authHeaderLength,
- ApplicationReply applicationReply, PrivateMessage privateMessage)
+ /**
+ * Creates a new instance of ChangePasswordReply.
+ *
+ * @param messageLength
+ * @param versionNumber
+ * @param authHeaderLength
+ * @param applicationReply
+ * @param privateMessage
+ */
+ public ChangePasswordReply( short messageLength, short versionNumber, short authHeaderLength,
+ ApplicationReply applicationReply, PrivateMessage privateMessage )
{
super( messageLength, versionNumber, authHeaderLength );
@@ -44,12 +53,22 @@
}
+ /**
+ * Returns the {@link ApplicationReply}.
+ *
+ * @return The {@link ApplicationReply}.
+ */
public ApplicationReply getApplicationReply()
{
return applicationReply;
}
+ /**
+ * Returns the {@link PrivateMessage}.
+ *
+ * @return The {@link PrivateMessage}.
+ */
public PrivateMessage getPrivateMessage()
{
return privateMessage;
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordReplyModifier.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordReplyModifier.java
index 494e3e3..5e94388 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordReplyModifier.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordReplyModifier.java
@@ -34,6 +34,11 @@
private PrivateMessage privateMessage;
+ /**
+ * Returns the {@link ChangePasswordReply}.
+ *
+ * @return The {@link ChangePasswordReply}.
+ */
public ChangePasswordReply getChangePasswordReply()
{
return new ChangePasswordReply( messageLength, versionNumber, authHeaderLength, applicationReply,
@@ -41,12 +46,22 @@
}
+ /**
+ * Sets the {@link ApplicationReply}.
+ *
+ * @param applicationReply
+ */
public void setApplicationReply( ApplicationReply applicationReply )
{
this.applicationReply = applicationReply;
}
+ /**
+ * Sets the {@link PrivateMessage}.
+ *
+ * @param privateMessage
+ */
public void setPrivateMessage( PrivateMessage privateMessage )
{
this.privateMessage = privateMessage;
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordRequest.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordRequest.java
index 2d2ed7f..3fdde4b 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordRequest.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordRequest.java
@@ -34,8 +34,17 @@
private PrivateMessage privateMessage;
- public ChangePasswordRequest(short messageLength, short versionNumber, short authHeaderLength,
- ApplicationRequest authHeader, PrivateMessage privateMessage)
+ /**
+ * Creates a new instance of ChangePasswordRequest.
+ *
+ * @param messageLength
+ * @param versionNumber
+ * @param authHeaderLength
+ * @param authHeader
+ * @param privateMessage
+ */
+ public ChangePasswordRequest( short messageLength, short versionNumber, short authHeaderLength,
+ ApplicationRequest authHeader, PrivateMessage privateMessage )
{
super( messageLength, versionNumber, authHeaderLength );
@@ -44,12 +53,22 @@
}
+ /**
+ * Returns the {@link ApplicationRequest}.
+ *
+ * @return The {@link ApplicationRequest}.
+ */
public ApplicationRequest getAuthHeader()
{
return authHeader;
}
+ /**
+ * Returns the {@link PrivateMessage}.
+ *
+ * @return The {@link PrivateMessage}.
+ */
public PrivateMessage getPrivateMessage()
{
return privateMessage;
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordRequestModifier.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordRequestModifier.java
index b45d259..7b1e05a 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordRequestModifier.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/messages/ChangePasswordRequestModifier.java
@@ -34,18 +34,33 @@
private PrivateMessage privateMessage;
+ /**
+ * Returns the {@link ChangePasswordRequest}.
+ *
+ * @return The {@link ChangePasswordRequest}.
+ */
public ChangePasswordRequest getChangePasswordMessage()
{
return new ChangePasswordRequest( messageLength, versionNumber, authHeaderLength, authHeader, privateMessage );
}
+ /**
+ * Sets the AuthHeader.
+ *
+ * @param authHeader
+ */
public void setAuthHeader( ApplicationRequest authHeader )
{
this.authHeader = authHeader;
}
+ /**
+ * Sets the {@link PrivateMessage}.
+ *
+ * @param privateMessage
+ */
public void setPrivateMessage( PrivateMessage privateMessage )
{
this.privateMessage = privateMessage;
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/protocol/ChangePasswordProtocolCodecFactory.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/protocol/ChangePasswordProtocolCodecFactory.java
index 8af4612..2e4c91b 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/protocol/ChangePasswordProtocolCodecFactory.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/protocol/ChangePasswordProtocolCodecFactory.java
@@ -35,6 +35,11 @@
private static final ChangePasswordProtocolCodecFactory INSTANCE = new ChangePasswordProtocolCodecFactory();
+ /**
+ * Returns the singleton instance of {@link ChangePasswordProtocolCodecFactory}.
+ *
+ * @return The singleton instance of {@link ChangePasswordProtocolCodecFactory}.
+ */
public static ChangePasswordProtocolCodecFactory getInstance()
{
return INSTANCE;
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/protocol/ChangePasswordProtocolHandler.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/protocol/ChangePasswordProtocolHandler.java
index 4546437..fd6bf5b 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/protocol/ChangePasswordProtocolHandler.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/protocol/ChangePasswordProtocolHandler.java
@@ -29,6 +29,8 @@
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.changepw.ChangePasswordConfiguration;
+import org.apache.directory.server.changepw.exceptions.ChangePasswordException;
+import org.apache.directory.server.changepw.exceptions.ErrorType;
import org.apache.directory.server.changepw.messages.ChangePasswordErrorModifier;
import org.apache.directory.server.changepw.messages.ChangePasswordRequest;
import org.apache.directory.server.changepw.service.ChangePasswordChain;
@@ -61,7 +63,13 @@
private String contextKey = "context";
- public ChangePasswordProtocolHandler(ChangePasswordConfiguration config, PrincipalStore store)
+ /**
+ * Creates a new instance of ChangePasswordProtocolHandler.
+ *
+ * @param config
+ * @param store
+ */
+ public ChangePasswordProtocolHandler( ChangePasswordConfiguration config, PrincipalStore store )
{
this.config = config;
this.store = store;
@@ -124,11 +132,16 @@
session.write( changepwContext.getReply() );
}
- catch ( Exception e )
+ catch ( KerberosException ke )
{
- log.error( e.getMessage() );
-
- KerberosException ke = ( KerberosException ) e;
+ if ( log.isDebugEnabled() )
+ {
+ log.debug( ke.getMessage(), ke );
+ }
+ else
+ {
+ log.warn( ke.getMessage() );
+ }
ErrorMessage errorMessage = getErrorMessage( config.getServicePrincipal(), ke );
@@ -137,6 +150,13 @@
session.write( modifier.getChangePasswordError() );
}
+ catch ( Exception e )
+ {
+ log.error( "Unexpected exception: " + e.getMessage(), e );
+
+ session.write( getErrorMessage( config.getServicePrincipal(), new ChangePasswordException(
+ ErrorType.KRB5_KPASSWD_UNKNOWN_ERROR ) ) );
+ }
}
@@ -149,7 +169,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
@@ -176,7 +196,8 @@
{
short resultCode = ( short ) exception.getErrorCode();
- byte[] resultString = { (byte) 0x00 };
+ byte[] resultString =
+ { ( byte ) 0x00 };
if ( exception.getExplanatoryData() == null || exception.getExplanatoryData().length == 0 )
{
@@ -186,7 +207,7 @@
}
catch ( UnsupportedEncodingException uee )
{
- log.error( uee.getMessage() );
+ log.error( uee.getMessage() );
}
}
else
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/BuildReply.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/BuildReply.java
index 4b07a89..0059aec 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/BuildReply.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/BuildReply.java
@@ -25,6 +25,8 @@
import org.apache.directory.server.changepw.exceptions.ChangePasswordException;
import org.apache.directory.server.changepw.exceptions.ErrorType;
import org.apache.directory.server.changepw.messages.ChangePasswordReplyModifier;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
import org.apache.directory.server.kerberos.shared.messages.application.ApplicationReply;
import org.apache.directory.server.kerberos.shared.messages.application.PrivateMessage;
@@ -37,7 +39,6 @@
import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.messages.value.HostAddress;
-import org.apache.directory.server.kerberos.shared.service.LockBox;
import org.apache.mina.common.IoSession;
import org.apache.mina.handler.chain.IoHandlerCommand;
import org.slf4j.Logger;
@@ -55,13 +56,14 @@
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
ChangePasswordContext changepwContext = ( ChangePasswordContext ) session.getAttribute( getContextKey() );
Authenticator authenticator = changepwContext.getAuthenticator();
Ticket ticket = changepwContext.getTicket();
- LockBox lockBox = changepwContext.getLockBox();
+ CipherTextHandler cipherTextHandler = changepwContext.getCipherTextHandler();
// begin building reply
@@ -82,7 +84,7 @@
try
{
- encPrivPart = lockBox.seal( subSessionKey, privPart );
+ encPrivPart = cipherTextHandler.seal( subSessionKey, privPart, KeyUsage.NUMBER13 );
}
catch ( KerberosException ke )
{
@@ -105,7 +107,7 @@
try
{
- encRepPart = lockBox.seal( ticket.getSessionKey(), repPart );
+ encRepPart = cipherTextHandler.seal( ticket.getSessionKey(), repPart, KeyUsage.NUMBER12 );
}
catch ( KerberosException ke )
{
@@ -126,7 +128,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ChangePasswordChain.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ChangePasswordChain.java
index 4235047..c34b5d7 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ChangePasswordChain.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ChangePasswordChain.java
@@ -37,6 +37,9 @@
private static final Logger log = LoggerFactory.getLogger( ChangePasswordChain.class );
+ /**
+ * Creates a new instance of ChangePasswordChain.
+ */
public ChangePasswordChain()
{
if ( log.isDebugEnabled() )
@@ -57,7 +60,6 @@
addLast( "monitorContext", new MonitorContext() );
}
- addLast( "checkPasswordPolicy", new CheckPasswordPolicy() );
addLast( "processPasswordChange", new ProcessPasswordChange() );
addLast( "buildReply", new BuildReply() );
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ChangePasswordContext.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ChangePasswordContext.java
index 11fe616..3efdb69 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ChangePasswordContext.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ChangePasswordContext.java
@@ -24,11 +24,11 @@
import org.apache.directory.server.changepw.ChangePasswordConfiguration;
import org.apache.directory.server.changepw.messages.AbstractPasswordMessage;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
import org.apache.directory.server.kerberos.shared.messages.ApplicationRequest;
import org.apache.directory.server.kerberos.shared.messages.components.Authenticator;
import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
import org.apache.directory.server.kerberos.shared.replay.ReplayCache;
-import org.apache.directory.server.kerberos.shared.service.LockBox;
import org.apache.directory.server.kerberos.shared.store.PrincipalStore;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
@@ -52,7 +52,7 @@
private Authenticator authenticator;
private PrincipalStoreEntry serverEntry;
private ReplayCache replayCache;
- private LockBox lockBox;
+ private CipherTextHandler cipherTextHandler;
private String password;
@@ -165,20 +165,20 @@
/**
- * @return Returns the lockBox.
+ * @return Returns the {@link CipherTextHandler}.
*/
- public LockBox getLockBox()
+ public CipherTextHandler getCipherTextHandler()
{
- return lockBox;
+ return cipherTextHandler;
}
/**
- * @param lockBox The lockBox to set.
+ * @param cipherTextHandler The {@link CipherTextHandler} to set.
*/
- public void setLockBox( LockBox lockBox )
+ public void setCipherTextHandler( CipherTextHandler cipherTextHandler )
{
- this.lockBox = lockBox;
+ this.cipherTextHandler = cipherTextHandler;
}
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/CheckPasswordPolicy.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/CheckPasswordPolicy.java
index 43b573b..503f73f 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/CheckPasswordPolicy.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/CheckPasswordPolicy.java
@@ -48,6 +48,7 @@
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
ChangePasswordContext changepwContext = ( ChangePasswordContext ) session.getAttribute( getContextKey() );
@@ -202,8 +203,8 @@
StringBuffer sb = new StringBuffer( "Password violates policy: " );
boolean isFirst = true;
-
- for ( String violation:violations )
+
+ for ( String violation : violations )
{
if ( isFirst )
{
@@ -213,7 +214,7 @@
{
sb.append( ", " );
}
-
+
sb.append( violation );
}
@@ -221,7 +222,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ConfigureChangePasswordChain.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ConfigureChangePasswordChain.java
index 6787cc9..da0eaab 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ConfigureChangePasswordChain.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ConfigureChangePasswordChain.java
@@ -20,9 +20,9 @@
package org.apache.directory.server.changepw.service;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
import org.apache.directory.server.kerberos.shared.replay.InMemoryReplayCache;
import org.apache.directory.server.kerberos.shared.replay.ReplayCache;
-import org.apache.directory.server.kerberos.shared.service.LockBox;
import org.apache.mina.common.IoSession;
import org.apache.mina.handler.chain.IoHandlerCommand;
@@ -34,22 +34,23 @@
public class ConfigureChangePasswordChain implements IoHandlerCommand
{
private static final ReplayCache replayCache = new InMemoryReplayCache();
- private static final LockBox lockBox = new LockBox();
+ private static final CipherTextHandler cipherTextHandler = new CipherTextHandler();
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
ChangePasswordContext changepwContext = ( ChangePasswordContext ) session.getAttribute( getContextKey() );
changepwContext.setReplayCache( replayCache );
- changepwContext.setLockBox( lockBox );
+ changepwContext.setCipherTextHandler( cipherTextHandler );
next.execute( session, message );
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ExtractPassword.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ExtractPassword.java
index cad68bd..692f194 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ExtractPassword.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ExtractPassword.java
@@ -28,12 +28,13 @@
import org.apache.directory.server.changepw.messages.ChangePasswordRequest;
import org.apache.directory.server.changepw.value.ChangePasswordData;
import org.apache.directory.server.changepw.value.ChangePasswordDataModifier;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
import org.apache.directory.server.kerberos.shared.messages.components.Authenticator;
import org.apache.directory.server.kerberos.shared.messages.components.EncKrbPrivPart;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
-import org.apache.directory.server.kerberos.shared.service.LockBox;
import org.apache.mina.common.IoSession;
import org.apache.mina.handler.chain.IoHandlerCommand;
import org.slf4j.Logger;
@@ -51,13 +52,14 @@
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
ChangePasswordContext changepwContext = ( ChangePasswordContext ) session.getAttribute( getContextKey() );
ChangePasswordRequest request = ( ChangePasswordRequest ) changepwContext.getRequest();
Authenticator authenticator = changepwContext.getAuthenticator();
- LockBox lockBox = changepwContext.getLockBox();
+ CipherTextHandler cipherTextHandler = changepwContext.getCipherTextHandler();
// TODO - check ticket is for service authorized to change passwords
// ticket.getServerPrincipal().getName().equals(config.getChangepwPrincipal().getName()));
@@ -74,7 +76,8 @@
try
{
- privatePart = ( EncKrbPrivPart ) lockBox.unseal( EncKrbPrivPart.class, subSessionKey, encReqPrivPart );
+ privatePart = ( EncKrbPrivPart ) cipherTextHandler.unseal( EncKrbPrivPart.class, subSessionKey,
+ encReqPrivPart, KeyUsage.NUMBER13 );
}
catch ( KerberosException ke )
{
@@ -112,7 +115,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/GetAuthHeader.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/GetAuthHeader.java
index 37c8e1e..2f37197 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/GetAuthHeader.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/GetAuthHeader.java
@@ -37,6 +37,7 @@
{
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
ChangePasswordContext changepwContext = ( ChangePasswordContext ) session.getAttribute( getContextKey() );
@@ -52,7 +53,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorContext.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorContext.java
index 95713b1..df9545d 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorContext.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorContext.java
@@ -24,6 +24,7 @@
import javax.security.auth.kerberos.KerberosPrincipal;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.messages.ApplicationRequest;
import org.apache.directory.server.kerberos.shared.messages.components.Authenticator;
import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
@@ -49,13 +50,15 @@
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
if ( log.isDebugEnabled() )
{
try
{
- ChangePasswordContext changepwContext = ( ChangePasswordContext ) session.getAttribute( getContextKey() );
+ ChangePasswordContext changepwContext = ( ChangePasswordContext ) session
+ .getAttribute( getContextKey() );
PrincipalStore store = changepwContext.getStore();
ApplicationRequest authHeader = changepwContext.getAuthHeader();
@@ -91,15 +94,18 @@
sb.append( "\n\t" + "caddr contains sender " + caddrContainsSender );
KerberosPrincipal ticketServerPrincipal = ticket.getServerPrincipal();
- PrincipalStoreEntry ticketPrincipal = changepwContext.getServerEntry();
+ sb.append( "\n\t" + "Ticket principal " + ticketServerPrincipal );
- sb.append( "\n\t" + "principal " + ticketServerPrincipal );
+ PrincipalStoreEntry ticketPrincipal = changepwContext.getServerEntry();
sb.append( "\n\t" + "cn " + ticketPrincipal.getCommonName() );
sb.append( "\n\t" + "realm " + ticketPrincipal.getRealmName() );
- sb.append( "\n\t" + "principal " + ticketPrincipal.getPrincipal() );
+ sb.append( "\n\t" + "Service principal " + ticketPrincipal.getPrincipal() );
sb.append( "\n\t" + "SAM type " + ticketPrincipal.getSamType() );
- sb.append( "\n\t" + "Key type " + ticketPrincipal.getEncryptionKey().getKeyType() );
- sb.append( "\n\t" + "Key version " + ticketPrincipal.getEncryptionKey().getKeyVersion() );
+
+ EncryptionType encryptionType = ticket.getEncPart().getEncryptionType();
+ int keyVersion = ticketPrincipal.getKeyMap().get( encryptionType ).getKeyVersion();
+ sb.append( "\n\t" + "Ticket key type " + encryptionType );
+ sb.append( "\n\t" + "Service key version " + keyVersion );
log.debug( sb.toString() );
}
@@ -114,7 +120,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorReply.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorReply.java
index f7c2217..0d62fb5 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorReply.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorReply.java
@@ -40,13 +40,15 @@
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
if ( log.isDebugEnabled() )
{
try
{
- ChangePasswordContext changepwContext = ( ChangePasswordContext ) session.getAttribute( getContextKey() );
+ ChangePasswordContext changepwContext = ( ChangePasswordContext ) session
+ .getAttribute( getContextKey() );
ChangePasswordReply reply = ( ChangePasswordReply ) changepwContext.getReply();
ApplicationReply appReply = reply.getApplicationReply();
@@ -70,7 +72,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorRequest.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorRequest.java
index ef457c6..0f3cec8 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorRequest.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/MonitorRequest.java
@@ -38,13 +38,15 @@
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
if ( log.isDebugEnabled() )
{
try
{
- ChangePasswordContext changepwContext = ( ChangePasswordContext ) session.getAttribute( getContextKey() );
+ ChangePasswordContext changepwContext = ( ChangePasswordContext ) session
+ .getAttribute( getContextKey() );
ChangePasswordRequest request = ( ChangePasswordRequest ) changepwContext.getRequest();
short authHeaderLength = request.getAuthHeaderLength();
@@ -70,7 +72,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ProcessPasswordChange.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ProcessPasswordChange.java
index 78afca9..afb3e8f 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ProcessPasswordChange.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/ProcessPasswordChange.java
@@ -20,7 +20,7 @@
package org.apache.directory.server.changepw.service;
-import javax.security.auth.kerberos.KerberosKey;
+import javax.naming.NamingException;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.changepw.exceptions.ChangePasswordException;
@@ -34,6 +34,8 @@
/**
+ * An {@link IoHandlerCommand} for storing the new password.
+ *
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
@@ -44,31 +46,33 @@
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
ChangePasswordContext changepwContext = ( ChangePasswordContext ) session.getAttribute( getContextKey() );
PrincipalStore store = changepwContext.getStore();
Authenticator authenticator = changepwContext.getAuthenticator();
- String password = changepwContext.getPassword();
+ String newPassword = changepwContext.getPassword();
+ KerberosPrincipal clientPrincipal = authenticator.getClientPrincipal();
// usec and seq-number must be present per MS but aren't in legacy kpasswd
// seq-number must have same value as authenticator
// ignore r-address
- // generate key from password
- KerberosPrincipal clientPrincipal = authenticator.getClientPrincipal();
- KerberosKey newKey = new KerberosKey( clientPrincipal, password.toCharArray(), "DES" );
-
- // store password in database
try
{
- String principalName = store.changePassword( clientPrincipal, newKey );
+ String principalName = store.changePassword( clientPrincipal, newPassword );
log.debug( "Successfully modified principal {}", principalName );
}
+ catch ( NamingException ne )
+ {
+ log.warn( ne.getMessage(), ne );
+ throw new ChangePasswordException( ErrorType.KRB5_KPASSWD_SOFTERROR, ne.getExplanation().getBytes() );
+ }
catch ( Exception e )
{
- log.error( e.getMessage(), e );
+ log.error( "Unexpected exception.", e );
throw new ChangePasswordException( ErrorType.KRB5_KPASSWD_HARDERROR );
}
@@ -76,7 +80,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/VerifyServiceTicketAuthHeader.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/VerifyServiceTicketAuthHeader.java
index c92dee6..6f2f68b 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/VerifyServiceTicketAuthHeader.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/service/VerifyServiceTicketAuthHeader.java
@@ -22,12 +22,14 @@
import java.net.InetAddress;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.messages.ApplicationRequest;
import org.apache.directory.server.kerberos.shared.messages.components.Authenticator;
import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.replay.ReplayCache;
-import org.apache.directory.server.kerberos.shared.service.LockBox;
import org.apache.directory.server.kerberos.shared.service.VerifyAuthHeader;
import org.apache.mina.common.IoSession;
@@ -40,21 +42,25 @@
{
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
ChangePasswordContext changepwContext = ( ChangePasswordContext ) session.getAttribute( getContextKey() );
ApplicationRequest authHeader = changepwContext.getAuthHeader();
Ticket ticket = changepwContext.getTicket();
- EncryptionKey serverKey = changepwContext.getServerEntry().getEncryptionKey();
+
+ EncryptionType encryptionType = ticket.getEncPart().getEncryptionType();
+ EncryptionKey serverKey = changepwContext.getServerEntry().getKeyMap().get( encryptionType );
+
long clockSkew = changepwContext.getConfig().getAllowableClockSkew();
ReplayCache replayCache = changepwContext.getReplayCache();
boolean emptyAddressesAllowed = changepwContext.getConfig().isEmptyAddressesAllowed();
InetAddress clientAddress = changepwContext.getClientAddress();
- LockBox lockBox = changepwContext.getLockBox();
+ CipherTextHandler cipherTextHandler = changepwContext.getCipherTextHandler();
Authenticator authenticator = verifyAuthHeader( authHeader, ticket, serverKey, clockSkew, replayCache,
- emptyAddressesAllowed, clientAddress, lockBox );
+ emptyAddressesAllowed, clientAddress, cipherTextHandler, KeyUsage.NUMBER11 );
changepwContext.setAuthenticator( authenticator );
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/value/ChangePasswordData.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/value/ChangePasswordData.java
index 1f53f20..909f98a 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/value/ChangePasswordData.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/value/ChangePasswordData.java
@@ -34,7 +34,14 @@
private String realm;
- public ChangePasswordData(byte[] password, PrincipalName principalName, String realm)
+ /**
+ * Creates a new instance of ChangePasswordData.
+ *
+ * @param password
+ * @param principalName
+ * @param realm
+ */
+ public ChangePasswordData( byte[] password, PrincipalName principalName, String realm )
{
this.password = password;
this.principalName = principalName;
@@ -42,18 +49,33 @@
}
+ /**
+ * Returns the password as bytes.
+ *
+ * @return The password as bytes.
+ */
public byte[] getPassword()
{
return password;
}
+ /**
+ * Returns the principal name.
+ *
+ * @return The principal name.
+ */
public PrincipalName getPrincipalName()
{
return principalName;
}
+ /**
+ * Returns the realm.
+ *
+ * @return The realm.
+ */
public String getRealm()
{
return realm;
diff --git a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/value/ChangePasswordDataModifier.java b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/value/ChangePasswordDataModifier.java
index 707c2f8..cfc8728 100644
--- a/protocol-changepw/src/main/java/org/apache/directory/server/changepw/value/ChangePasswordDataModifier.java
+++ b/protocol-changepw/src/main/java/org/apache/directory/server/changepw/value/ChangePasswordDataModifier.java
@@ -34,24 +34,44 @@
private String realm;
+ /**
+ * Returns the {@link ChangePasswordData}.
+ *
+ * @return The {@link ChangePasswordData}.
+ */
public ChangePasswordData getChangePasswdData()
{
return new ChangePasswordData( password, principalName, realm );
}
+ /**
+ * Sets the bytes of the new password.
+ *
+ * @param password
+ */
public void setNewPassword( byte[] password )
{
this.password = password;
}
+ /**
+ * Sets the target principal name whose password is to be changed.
+ *
+ * @param principalName
+ */
public void setTargetName( PrincipalName principalName )
{
this.principalName = principalName;
}
+ /**
+ * Sets the target realm of the principal whose password is to be changed.
+ *
+ * @param realm
+ */
public void setTargetRealm( String realm )
{
this.realm = realm;
diff --git a/protocol-changepw/src/main/resources/META-INF/LICENSE.txt b/protocol-changepw/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..1b3e9c7
--- /dev/null
+++ b/protocol-changepw/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,300 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
diff --git a/protocol-changepw/src/main/resources/META-INF/NOTICE.txt b/protocol-changepw/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..eb0c18a
--- /dev/null
+++ b/protocol-changepw/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,11 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
diff --git a/protocol-changepw/src/test/java/org/apache/directory/server/changepw/service/CheckPasswordPolicyTest.java b/protocol-changepw/src/test/java/org/apache/directory/server/changepw/service/CheckPasswordPolicyTest.java
index a501b17..66611e6 100644
--- a/protocol-changepw/src/test/java/org/apache/directory/server/changepw/service/CheckPasswordPolicyTest.java
+++ b/protocol-changepw/src/test/java/org/apache/directory/server/changepw/service/CheckPasswordPolicyTest.java
@@ -22,8 +22,6 @@
import javax.security.auth.kerberos.KerberosPrincipal;
-import org.apache.directory.server.changepw.service.CheckPasswordPolicy;
-
import junit.framework.TestCase;
@@ -42,6 +40,9 @@
private CheckPasswordPolicy policy = new CheckPasswordPolicy();
+ /**
+ * Tests that a good password is valid according to all policy checks.
+ */
public void testGoodPassword()
{
String username = "Enrique Rodriguez";
@@ -53,6 +54,9 @@
}
+ /**
+ * Tests that a bad password fails all validity checks.
+ */
public void testBadPassword()
{
String username = "Erin Randall";
@@ -64,6 +68,9 @@
}
+ /**
+ * Tests variations of a password where the password includes tokens of the username.
+ */
public void testPrincipalAsUsername()
{
String username = new KerberosPrincipal( "erodriguez@EXAMPLE.COM" ).getName();
diff --git a/protocol-dhcp/pom.xml b/protocol-dhcp/pom.xml
index 8dc8536..0f0aeec 100644
--- a/protocol-dhcp/pom.xml
+++ b/protocol-dhcp/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-protocol-dhcp</artifactId>
<name>ApacheDS Protocol Dhcp</name>
diff --git a/protocol-dhcp/src/main/resources/META-INF/LICENSE.txt b/protocol-dhcp/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..c13db16
--- /dev/null
+++ b/protocol-dhcp/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,301 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
+----
diff --git a/protocol-dhcp/src/main/resources/META-INF/NOTICE.txt b/protocol-dhcp/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..eb0c18a
--- /dev/null
+++ b/protocol-dhcp/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,11 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
diff --git a/protocol-dns/pom.xml b/protocol-dns/pom.xml
index 53c30be..88e6e56 100644
--- a/protocol-dns/pom.xml
+++ b/protocol-dns/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-protocol-dns</artifactId>
<name>ApacheDS Protocol Dns</name>
diff --git a/protocol-dns/src/main/java/org/apache/directory/server/dns/store/DnsAttribute.java b/protocol-dns/src/main/java/org/apache/directory/server/dns/store/DnsAttribute.java
index eea1455..37b9bda 100644
--- a/protocol-dns/src/main/java/org/apache/directory/server/dns/store/DnsAttribute.java
+++ b/protocol-dns/src/main/java/org/apache/directory/server/dns/store/DnsAttribute.java
@@ -32,9 +32,6 @@
* Apache DNS Schema Attributes
*/
- /** the apachedns schema common name for an Apache DNS entry */
- public static final String CN = "cn";
-
/**
* An abstract DNS record objectClass used to build other specific structural
* objectclasses for different record types
diff --git a/protocol-dns/src/main/java/org/apache/directory/server/dns/store/operations/GetRecords.java b/protocol-dns/src/main/java/org/apache/directory/server/dns/store/operations/GetRecords.java
index b63859f..e152c12 100644
--- a/protocol-dns/src/main/java/org/apache/directory/server/dns/store/operations/GetRecords.java
+++ b/protocol-dns/src/main/java/org/apache/directory/server/dns/store/operations/GetRecords.java
@@ -45,6 +45,7 @@
import org.apache.directory.server.dns.messages.ResourceRecordModifier;
import org.apache.directory.server.dns.store.DnsAttribute;
import org.apache.directory.server.protocol.shared.store.ContextOperation;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
/**
@@ -188,7 +189,7 @@
}
else
{
- modifier.setDnsType( getType( attrs.get( "objectclass" ) ) );
+ modifier.setDnsType( getType( attrs.get( SchemaConstants.OBJECT_CLASS_AT ) ) );
}
// class defaults to SOA CLASS
diff --git a/protocol-dns/src/main/resources/META-INF/LICENSE.txt b/protocol-dns/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..7b0065c
--- /dev/null
+++ b/protocol-dns/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,302 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
+----
+
diff --git a/protocol-dns/src/main/resources/META-INF/NOTICE.txt b/protocol-dns/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..b885656
--- /dev/null
+++ b/protocol-dns/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,10 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
diff --git a/protocol-kerberos/pom.xml b/protocol-kerberos/pom.xml
index be85d18..0388a2b 100644
--- a/protocol-kerberos/pom.xml
+++ b/protocol-kerberos/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-protocol-kerberos</artifactId>
<name>ApacheDS Protocol Kerberos</name>
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcConfiguration.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcConfiguration.java
index 9e06754..486981c 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcConfiguration.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcConfiguration.java
@@ -27,6 +27,7 @@
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.protocol.shared.ServiceConfiguration;
+import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
/**
@@ -375,7 +376,7 @@
{
for ( EncryptionType type : EncryptionType.VALUES )
{
- if ( type.toString().equalsIgnoreCase( enc ) )
+ if ( type.getName().equalsIgnoreCase( enc ) )
{
encTypes.add( type );
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcContext.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcContext.java
index ea649d1..f70e2f2 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcContext.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcContext.java
@@ -22,9 +22,10 @@
import java.net.InetAddress;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.messages.KdcRequest;
import org.apache.directory.server.kerberos.shared.messages.KerberosMessage;
-import org.apache.directory.server.kerberos.shared.service.LockBox;
import org.apache.directory.server.kerberos.shared.store.PrincipalStore;
@@ -41,7 +42,8 @@
private KdcRequest request;
private KerberosMessage reply;
private InetAddress clientAddress;
- private LockBox lockBox;
+ private CipherTextHandler cipherTextHandler;
+ private EncryptionType encryptionType;
/**
@@ -135,19 +137,41 @@
/**
- * @return Returns the lockBox.
+ * @return Returns the {@link CipherTextHandler}.
*/
- public LockBox getLockBox()
+ public CipherTextHandler getCipherTextHandler()
{
- return lockBox;
+ return cipherTextHandler;
}
/**
- * @param lockBox The lockBox to set.
+ * @param cipherTextHandler The {@link CipherTextHandler} to set.
*/
- public void setLockBox( LockBox lockBox )
+ public void setCipherTextHandler( CipherTextHandler cipherTextHandler )
{
- this.lockBox = lockBox;
+ this.cipherTextHandler = cipherTextHandler;
+ }
+
+
+ /**
+ * Returns the encryption type to use for this session.
+ *
+ * @return The encryption type.
+ */
+ public EncryptionType getEncryptionType()
+ {
+ return encryptionType;
+ }
+
+
+ /**
+ * Sets the encryption type to use for this session.
+ *
+ * @param encryptionType The encryption type to set.
+ */
+ public void setEncryptionType( EncryptionType encryptionType )
+ {
+ this.encryptionType = encryptionType;
}
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KerberosServer.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KerberosServer.java
index 27e158c..05b41cf 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KerberosServer.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KerberosServer.java
@@ -73,7 +73,7 @@
try
{
- handler = new KerberosProtocolHandler( new KdcConfiguration(), this.store );
+ handler = new KerberosProtocolHandler( config, this.store );
acceptor.bind( new InetSocketAddress( port ), handler, serviceConfig );
@@ -87,8 +87,7 @@
/**
- * Compares whether a {@link Dictionary} of configuration is different
- * from the currently used configuration.
+ * Returns whether configuration being proposed as new is really different.
*
* @param newConfig
* @return <code>True</true> if the configuration is different.
@@ -100,7 +99,7 @@
/**
- * Destroys this instance of the service.
+ * Destroys this instance of KerberosServer.
*/
public void destroy()
{
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorContext.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorContext.java
index 8a1240b..bd1989e 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorContext.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorContext.java
@@ -37,6 +37,7 @@
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
KdcContext kdcContext = ( KdcContext ) session.getAttribute( getContextKey() );
@@ -52,7 +53,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorReply.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorReply.java
index 418da5d..54e0c45 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorReply.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorReply.java
@@ -39,6 +39,7 @@
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
KdcContext kdcContext = ( KdcContext ) session.getAttribute( getContextKey() );
@@ -82,7 +83,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorRequest.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorRequest.java
index 528cddf..3f020ad 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorRequest.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/MonitorRequest.java
@@ -39,6 +39,7 @@
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
KdcContext kdcContext = ( KdcContext ) session.getAttribute( getContextKey() );
@@ -62,7 +63,7 @@
}
- public String getEncryptionTypes( KdcRequest request )
+ protected String getEncryptionTypes( KdcRequest request )
{
EncryptionType[] etypes = request.getEType();
@@ -82,7 +83,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/SelectChecksumType.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/SelectChecksumType.java
deleted file mode 100644
index 053df41..0000000
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/SelectChecksumType.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.directory.server.kerberos.kdc;
-
-
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
-import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
-import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
-import org.apache.mina.common.IoSession;
-import org.apache.mina.handler.chain.IoHandlerCommand;
-
-
-/**
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- * @version $Rev$, $Date$
- */
-public class SelectChecksumType implements IoHandlerCommand
-{
- public void execute( NextCommand next, IoSession session, Object message ) throws Exception
- {
- boolean isAllowedChecksumType = true;
-
- if ( !isAllowedChecksumType )
- {
- throw new KerberosException( ErrorType.KDC_ERR_SUMTYPE_NOSUPP );
- }
-
- next.execute( session, message );
- }
-
-
- protected boolean isAllowedChecksumType( ChecksumType requestedType, ChecksumType[] configuredTypes )
- {
- for ( int ii = 0; ii < configuredTypes.length; ii++ )
- {
- if ( requestedType == configuredTypes[ii] )
- {
- return true;
- }
- }
-
- return false;
- }
-}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/SelectEncryptionType.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/SelectEncryptionType.java
index 0a341a5..9d313e2 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/SelectEncryptionType.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/SelectEncryptionType.java
@@ -25,6 +25,8 @@
import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
import org.apache.mina.common.IoSession;
import org.apache.mina.handler.chain.IoHandlerCommand;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
/**
@@ -33,8 +35,12 @@
*/
public class SelectEncryptionType implements IoHandlerCommand
{
+ /** The log for this class. */
+ private static final Logger log = LoggerFactory.getLogger( SelectEncryptionType.class );
+
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
KdcContext kdcContext = ( KdcContext ) session.getAttribute( getContextKey() );
@@ -44,11 +50,15 @@
EncryptionType bestType = getBestEncryptionType( requestedTypes, config.getEncryptionTypes() );
+ log.debug( "Session will use encryption type " + bestType );
+
if ( bestType == null )
{
throw new KerberosException( ErrorType.KDC_ERR_ETYPE_NOSUPP );
}
+ kdcContext.setEncryptionType( bestType );
+
next.execute( session, message );
}
@@ -70,7 +80,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationServiceChain.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationServiceChain.java
index b012d8c..36b518d 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationServiceChain.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationServiceChain.java
@@ -21,6 +21,7 @@
import org.apache.directory.server.kerberos.kdc.MonitorRequest;
+import org.apache.directory.server.kerberos.kdc.SelectEncryptionType;
import org.apache.directory.server.kerberos.kdc.preauthentication.PreAuthenticationChain;
import org.apache.mina.handler.chain.IoHandlerChain;
@@ -31,10 +32,14 @@
*/
public class AuthenticationServiceChain extends IoHandlerChain
{
+ /**
+ * Creates a new instance of AuthenticationServiceChain.
+ */
public AuthenticationServiceChain()
{
addLast( "monitorRequest", new MonitorRequest() );
addLast( "configureAuthenticationChain", new ConfigureAuthenticationChain() );
+ addLast( "selectEncryptionType", new SelectEncryptionType() );
addLast( "getClientEntry", new GetClientEntry() );
addLast( "verifyPolicy", new VerifyPolicy() );
addLast( "preAuthenticationChain", new PreAuthenticationChain() );
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/BuildReply.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/BuildReply.java
index d436efc..b70606d 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/BuildReply.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/BuildReply.java
@@ -74,7 +74,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/ConfigureAuthenticationChain.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/ConfigureAuthenticationChain.java
index 1001be0..1296680 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/ConfigureAuthenticationChain.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/ConfigureAuthenticationChain.java
@@ -20,16 +20,9 @@
package org.apache.directory.server.kerberos.kdc.authentication;
-import java.util.Map;
-
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.Crc32Checksum;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.RsaMd4Checksum;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.RsaMd5Checksum;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.Sha1Checksum;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
import org.apache.directory.server.kerberos.shared.replay.InMemoryReplayCache;
import org.apache.directory.server.kerberos.shared.replay.ReplayCache;
-import org.apache.directory.server.kerberos.shared.service.LockBox;
import org.apache.mina.common.IoSession;
import org.apache.mina.handler.chain.IoHandlerCommand;
@@ -41,28 +34,23 @@
public class ConfigureAuthenticationChain implements IoHandlerCommand
{
private static final ReplayCache replayCache = new InMemoryReplayCache();
- private static final LockBox lockBox = new LockBox();
+ private static final CipherTextHandler cipherTextHandler = new CipherTextHandler();
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
AuthenticationContext authContext = ( AuthenticationContext ) session.getAttribute( getContextKey() );
authContext.setReplayCache( replayCache );
- authContext.setLockBox( lockBox );
-
- Map checksumEngines = authContext.getChecksumEngines();
- checksumEngines.put( ChecksumType.CRC32, new Crc32Checksum() );
- checksumEngines.put( ChecksumType.RSA_MD4, new RsaMd4Checksum() );
- checksumEngines.put( ChecksumType.RSA_MD5, new RsaMd5Checksum() );
- checksumEngines.put( ChecksumType.SHA1, new Sha1Checksum() );
+ authContext.setCipherTextHandler( cipherTextHandler );
next.execute( session, message );
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/GenerateTicket.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/GenerateTicket.java
index 6cd8e4e..df7c3e5 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/GenerateTicket.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/GenerateTicket.java
@@ -23,6 +23,9 @@
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.kerberos.kdc.KdcConfiguration;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
import org.apache.directory.server.kerberos.shared.messages.KdcRequest;
@@ -35,7 +38,6 @@
import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
import org.apache.directory.server.kerberos.shared.messages.value.TicketFlags;
import org.apache.directory.server.kerberos.shared.messages.value.TransitedEncoding;
-import org.apache.directory.server.kerberos.shared.service.LockBox;
import org.apache.mina.common.IoSession;
import org.apache.mina.handler.chain.IoHandlerCommand;
import org.slf4j.Logger;
@@ -53,14 +55,18 @@
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
AuthenticationContext authContext = ( AuthenticationContext ) session.getAttribute( getContextKey() );
KdcRequest request = authContext.getRequest();
- LockBox lockBox = authContext.getLockBox();
+ CipherTextHandler cipherTextHandler = authContext.getCipherTextHandler();
KerberosPrincipal serverPrincipal = request.getServerPrincipal();
- EncryptionKey serverKey = authContext.getServerEntry().getEncryptionKey();
+
+ EncryptionType encryptionType = authContext.getEncryptionType();
+ EncryptionKey serverKey = authContext.getServerEntry().getKeyMap().get( encryptionType );
+
KerberosPrincipal ticketPrincipal = request.getServerPrincipal();
EncTicketPartModifier newTicketBody = new EncTicketPartModifier();
KdcConfiguration config = authContext.getConfig();
@@ -138,9 +144,9 @@
endif
*/
- if ( tempRtime == 0 )
+ if ( tempRtime == 0 || request.getRtime() == null )
{
- tempRtime = Long.MAX_VALUE;
+ tempRtime = request.getTill().getTime();
}
else
{
@@ -172,7 +178,7 @@
EncTicketPart ticketPart = newTicketBody.getEncTicketPart();
- EncryptedData encryptedData = lockBox.seal( serverKey, ticketPart );
+ EncryptedData encryptedData = cipherTextHandler.seal( serverKey, ticketPart, KeyUsage.NUMBER2 );
Ticket newTicket = new Ticket( ticketPrincipal, encryptedData );
newTicket.setEncTicketPart( ticketPart );
@@ -188,7 +194,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/GetSessionKey.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/GetSessionKey.java
index 755f497..137e110 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/GetSessionKey.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/GetSessionKey.java
@@ -20,41 +20,33 @@
package org.apache.directory.server.kerberos.kdc.authentication;
-import java.security.SecureRandom;
-
-import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
-import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
-import org.apache.directory.server.kerberos.shared.service.DesStringToKey;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.RandomKeyFactory;
import org.apache.mina.common.IoSession;
+import org.apache.mina.handler.chain.IoHandlerCommand;
/**
+ * Get a session key for this session.
+ *
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class GetSessionKey extends DesStringToKey
+public class GetSessionKey implements IoHandlerCommand
{
- private static final SecureRandom random = new SecureRandom();
+ private String contextKey = "context";
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
AuthenticationContext authContext = ( AuthenticationContext ) session.getAttribute( getContextKey() );
- authContext.setSessionKey( getNewSessionKey() );
+ authContext.setSessionKey( RandomKeyFactory.getRandomKey( authContext.getEncryptionType() ) );
next.execute( session, message );
}
- private EncryptionKey getNewSessionKey()
+ protected String getContextKey()
{
- byte[] confounder = new byte[8];
-
- // SecureRandom.nextBytes is already synchronized
- random.nextBytes( confounder );
-
- byte[] subSessionKey = getKey( new String( confounder ) );
-
- return new EncryptionKey( EncryptionType.DES_CBC_MD5, subSessionKey );
+ return ( this.contextKey );
}
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/SealReply.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/SealReply.java
index 62eec76..68f6955 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/SealReply.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/SealReply.java
@@ -20,10 +20,11 @@
package org.apache.directory.server.kerberos.kdc.authentication;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.messages.AuthenticationReply;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
-import org.apache.directory.server.kerberos.shared.service.LockBox;
import org.apache.mina.common.IoSession;
import org.apache.mina.handler.chain.IoHandlerCommand;
@@ -36,22 +37,23 @@
{
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
AuthenticationContext authContext = ( AuthenticationContext ) session.getAttribute( getContextKey() );
AuthenticationReply reply = ( AuthenticationReply ) authContext.getReply();
EncryptionKey clientKey = authContext.getClientKey();
- LockBox lockBox = authContext.getLockBox();
+ CipherTextHandler cipherTextHandler = authContext.getCipherTextHandler();
- EncryptedData encryptedData = lockBox.seal( clientKey, reply );
+ EncryptedData encryptedData = cipherTextHandler.seal( clientKey, reply, KeyUsage.NUMBER3 );
reply.setEncPart( encryptedData );
next.execute( session, message );
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/VerifyPolicy.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/VerifyPolicy.java
index dcc71e2..9813b00 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/VerifyPolicy.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/VerifyPolicy.java
@@ -27,8 +27,6 @@
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
import org.apache.mina.common.IoSession;
import org.apache.mina.handler.chain.IoHandlerCommand;
-//import org.slf4j.Logger;
-//import org.slf4j.LoggerFactory;
/**
@@ -37,10 +35,8 @@
*/
public class VerifyPolicy implements IoHandlerCommand
{
- /** the log for this class */
-// private static final Logger log = LoggerFactory.getLogger( VerifyPolicy.class );
private String contextKey = "context";
-
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
@@ -61,11 +57,12 @@
{
throw new KerberosException( ErrorType.KDC_ERR_CLIENT_REVOKED );
}
- next.execute( session, message );
+
+ next.execute( session, message );
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/PreAuthenticationChain.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/PreAuthenticationChain.java
index b1766e3..24821f8 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/PreAuthenticationChain.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/PreAuthenticationChain.java
@@ -28,6 +28,9 @@
*/
public class PreAuthenticationChain extends IoHandlerChain
{
+ /**
+ * Creates a new instance of PreAuthenticationChain.
+ */
public PreAuthenticationChain()
{
addLast( "verifySam", new VerifySam() );
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifierBase.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifierBase.java
index d638de9..04edf8b 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifierBase.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifierBase.java
@@ -40,12 +40,15 @@
{
private String contextKey = "context";
- public String getContextKey()
- {
- return ( this.contextKey );
- }
- public byte[] preparePreAuthenticationError()
+ /**
+ * Prepares a pre-authentication error message containing required
+ * encryption types.
+ *
+ * @param encryptionTypes
+ * @return The error message as bytes.
+ */
+ public byte[] preparePreAuthenticationError( EncryptionType[] encryptionTypes )
{
PreAuthenticationData[] paDataSequence = new PreAuthenticationData[2];
@@ -55,8 +58,11 @@
paDataSequence[0] = modifier.getPreAuthenticationData();
- EncryptionTypeInfoEntry[] entries = new EncryptionTypeInfoEntry[1];
- entries[0] = new EncryptionTypeInfoEntry( EncryptionType.DES_CBC_MD5, null );
+ EncryptionTypeInfoEntry[] entries = new EncryptionTypeInfoEntry[encryptionTypes.length];
+ for ( int ii = 0; ii < encryptionTypes.length; ii++ )
+ {
+ entries[ii] = new EncryptionTypeInfoEntry( encryptionTypes[ii], null );
+ }
byte[] encTypeInfo = null;
@@ -84,4 +90,10 @@
return null;
}
}
+
+
+ protected String getContextKey()
+ {
+ return ( this.contextKey );
+ }
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifyEncryptedTimestamp.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifyEncryptedTimestamp.java
index 218efda..ce623a6 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifyEncryptedTimestamp.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifyEncryptedTimestamp.java
@@ -24,6 +24,9 @@
import org.apache.directory.server.kerberos.kdc.KdcConfiguration;
import org.apache.directory.server.kerberos.kdc.authentication.AuthenticationContext;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
import org.apache.directory.server.kerberos.shared.io.decoder.EncryptedDataDecoder;
@@ -33,7 +36,6 @@
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.messages.value.PreAuthenticationData;
import org.apache.directory.server.kerberos.shared.messages.value.PreAuthenticationDataType;
-import org.apache.directory.server.kerberos.shared.service.LockBox;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
import org.apache.mina.common.IoSession;
import org.slf4j.Logger;
@@ -62,7 +64,7 @@
log.debug( "Verifying using encrypted timestamp." );
KdcConfiguration config = authContext.getConfig();
KdcRequest request = authContext.getRequest();
- LockBox lockBox = authContext.getLockBox();
+ CipherTextHandler cipherTextHandler = authContext.getCipherTextHandler();
PrincipalStoreEntry clientEntry = authContext.getClientEntry();
String clientName = clientEntry.getPrincipal().getName();
@@ -76,7 +78,8 @@
+ " has no SAM type: proceeding with standard pre-authentication" );
}
- clientKey = clientEntry.getEncryptionKey();
+ EncryptionType encryptionType = authContext.getEncryptionType();
+ clientKey = clientEntry.getKeyMap().get( encryptionType );
if ( clientKey == null )
{
@@ -89,7 +92,8 @@
if ( preAuthData == null )
{
- throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_REQUIRED, preparePreAuthenticationError() );
+ throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_REQUIRED,
+ preparePreAuthenticationError( config.getEncryptionTypes() ) );
}
EncryptedTimeStamp timestamp = null;
@@ -113,14 +117,15 @@
throw new KerberosException( ErrorType.KRB_AP_ERR_BAD_INTEGRITY );
}
- timestamp = ( EncryptedTimeStamp ) lockBox.unseal( EncryptedTimeStamp.class, clientKey,
- dataValue );
+ timestamp = ( EncryptedTimeStamp ) cipherTextHandler.unseal( EncryptedTimeStamp.class,
+ clientKey, dataValue, KeyUsage.NUMBER1 );
}
}
if ( timestamp == null )
{
- throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_REQUIRED, preparePreAuthenticationError() );
+ throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_REQUIRED,
+ preparePreAuthenticationError( config.getEncryptionTypes() ) );
}
if ( !timestamp.getTimeStamp().isInClockSkew( config.getAllowableClockSkew() ) )
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifySam.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifySam.java
index 4d0c01d..ba7b98f 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifySam.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/preauthentication/VerifySam.java
@@ -22,6 +22,7 @@
import javax.security.auth.kerberos.KerberosKey;
+import org.apache.directory.server.kerberos.kdc.KdcConfiguration;
import org.apache.directory.server.kerberos.kdc.authentication.AuthenticationContext;
import org.apache.directory.server.kerberos.sam.SamException;
import org.apache.directory.server.kerberos.sam.SamSubsystem;
@@ -60,6 +61,8 @@
log.debug( "Verifying using SAM subsystem." );
AuthenticationContext authContext = ( AuthenticationContext ) session.getAttribute( getContextKey() );
KdcRequest request = authContext.getRequest();
+ KdcConfiguration config = authContext.getConfig();
+
PrincipalStoreEntry clientEntry = authContext.getClientEntry();
String clientName = clientEntry.getPrincipal().getName();
@@ -77,7 +80,7 @@
if ( preAuthData == null || preAuthData.length == 0 )
{
- throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_REQUIRED, preparePreAuthenticationError() );
+ throw new KerberosException( ErrorType.KDC_ERR_PREAUTH_REQUIRED, preparePreAuthenticationError( config.getEncryptionTypes() ) );
}
try
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/BuildReply.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/BuildReply.java
index e424658..09ce3e6 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/BuildReply.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/BuildReply.java
@@ -71,7 +71,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/ConfigureTicketGrantingChain.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/ConfigureTicketGrantingChain.java
index f2082fe..49e1392 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/ConfigureTicketGrantingChain.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/ConfigureTicketGrantingChain.java
@@ -20,9 +20,9 @@
package org.apache.directory.server.kerberos.kdc.ticketgrant;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
import org.apache.directory.server.kerberos.shared.replay.InMemoryReplayCache;
import org.apache.directory.server.kerberos.shared.replay.ReplayCache;
-import org.apache.directory.server.kerberos.shared.service.LockBox;
import org.apache.mina.common.IoSession;
import org.apache.mina.handler.chain.IoHandlerCommand;
@@ -34,7 +34,7 @@
public class ConfigureTicketGrantingChain implements IoHandlerCommand
{
private static final ReplayCache replayCache = new InMemoryReplayCache();
- private static final LockBox lockBox = new LockBox();
+ private static final CipherTextHandler cipherTextHandler = new CipherTextHandler();
private String contextKey = "context";
@@ -43,13 +43,13 @@
TicketGrantingContext tgsContext = ( TicketGrantingContext ) session.getAttribute( getContextKey() );
tgsContext.setReplayCache( replayCache );
- tgsContext.setLockBox( lockBox );
+ tgsContext.setCipherTextHandler( cipherTextHandler );
next.execute( session, message );
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GenerateTicket.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GenerateTicket.java
index f17f0f0..24f369c 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GenerateTicket.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GenerateTicket.java
@@ -27,6 +27,9 @@
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.kerberos.kdc.KdcConfiguration;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
import org.apache.directory.server.kerberos.shared.messages.KdcRequest;
@@ -40,7 +43,6 @@
import org.apache.directory.server.kerberos.shared.messages.value.KdcOptions;
import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
import org.apache.directory.server.kerberos.shared.messages.value.TicketFlags;
-import org.apache.directory.server.kerberos.shared.service.LockBox;
import org.apache.mina.common.IoSession;
import org.apache.mina.handler.chain.IoHandlerCommand;
@@ -53,6 +55,7 @@
{
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
TicketGrantingContext tgsContext = ( TicketGrantingContext ) session.getAttribute( getContextKey() );
@@ -60,9 +63,12 @@
KdcRequest request = tgsContext.getRequest();
Ticket tgt = tgsContext.getTgt();
Authenticator authenticator = tgsContext.getAuthenticator();
- LockBox lockBox = tgsContext.getLockBox();
+ CipherTextHandler cipherTextHandler = tgsContext.getCipherTextHandler();
KerberosPrincipal ticketPrincipal = request.getServerPrincipal();
- EncryptionKey serverKey = tgsContext.getRequestPrincipalEntry().getEncryptionKey();
+
+ EncryptionType encryptionType = tgsContext.getEncryptionType();
+ EncryptionKey serverKey = tgsContext.getRequestPrincipalEntry().getKeyMap().get( encryptionType );
+
KdcConfiguration config = tgsContext.getConfig();
EncryptionKey sessionKey = tgsContext.getSessionKey();
@@ -77,8 +83,8 @@
if ( request.getEncAuthorizationData() != null )
{
- AuthorizationData authData = ( AuthorizationData ) lockBox.unseal( AuthorizationData.class, authenticator
- .getSubSessionKey(), request.getEncAuthorizationData() );
+ AuthorizationData authData = ( AuthorizationData ) cipherTextHandler.unseal( AuthorizationData.class,
+ authenticator.getSubSessionKey(), request.getEncAuthorizationData(), KeyUsage.NUMBER4 );
authData.add( tgt.getAuthorizationData() );
newTicketBody.setAuthorizationData( authData );
}
@@ -105,7 +111,7 @@
throw new KerberosException( ErrorType.KDC_ERR_SVC_UNAVAILABLE );
}
- EncryptedData encryptedData = lockBox.seal( serverKey, ticketPart );
+ EncryptedData encryptedData = cipherTextHandler.seal( serverKey, ticketPart, KeyUsage.NUMBER2 );
Ticket newTicket = new Ticket( ticketPrincipal, encryptedData );
newTicket.setEncTicketPart( ticketPart );
@@ -116,12 +122,6 @@
}
- public String getContextKey()
- {
- return ( this.contextKey );
- }
-
-
private void processFlags( KdcConfiguration config, KdcRequest request, Ticket tgt,
EncTicketPartModifier newTicketBody ) throws KerberosException
{
@@ -274,7 +274,7 @@
new_tkt.starttime+client.max_life,
new_tkt.starttime+server.max_life,
*/
- List minimizer = new ArrayList();
+ List<KerberosTime> minimizer = new ArrayList<KerberosTime>();
minimizer.add( till );
minimizer.add( new KerberosTime( now.getTime() + config.getMaximumTicketLifetime() ) );
minimizer.add( tgt.getEndTime() );
@@ -315,7 +315,7 @@
new_tkt.starttime+server.max_rlife,
*/
// TODO - client and server configurable; requires store
- List minimizer = new ArrayList();
+ List<KerberosTime> minimizer = new ArrayList<KerberosTime>();
/*
* 'rtime' KerberosTime is OPTIONAL
@@ -327,7 +327,7 @@
minimizer.add( new KerberosTime( now.getTime() + config.getMaximumRenewableLifetime() ) );
minimizer.add( tgt.getRenewTill() );
- newTicketBody.setRenewTill( ( KerberosTime ) Collections.min( minimizer ) );
+ newTicketBody.setRenewTill( Collections.min( minimizer ) );
}
}
@@ -363,4 +363,10 @@
newTicketBody.setSessionKey( tgt.getSessionKey() );
newTicketBody.setTransitedEncoding( tgt.getTransitedEncoding() );
}
+
+
+ protected String getContextKey()
+ {
+ return ( this.contextKey );
+ }
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetAuthHeader.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetAuthHeader.java
index 55f7cd8..ff9c48a 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetAuthHeader.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetAuthHeader.java
@@ -44,6 +44,7 @@
{
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
TicketGrantingContext tgsContext = ( TicketGrantingContext ) session.getAttribute( getContextKey() );
@@ -59,12 +60,6 @@
}
- public String getContextKey()
- {
- return ( this.contextKey );
- }
-
-
protected ApplicationRequest getAuthHeader( KdcRequest request ) throws KerberosException, IOException
{
byte[] undecodedAuthHeader = null;
@@ -88,4 +83,10 @@
return authHeader;
}
+
+
+ protected String getContextKey()
+ {
+ return ( this.contextKey );
+ }
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetSessionKey.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetSessionKey.java
index 3d3b8d3..943bfc1 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetSessionKey.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/GetSessionKey.java
@@ -20,41 +20,33 @@
package org.apache.directory.server.kerberos.kdc.ticketgrant;
-import java.security.SecureRandom;
-
-import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
-import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
-import org.apache.directory.server.kerberos.shared.service.DesStringToKey;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.RandomKeyFactory;
import org.apache.mina.common.IoSession;
+import org.apache.mina.handler.chain.IoHandlerCommand;
/**
+ * Get a session key for this session.
+ *
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev$, $Date$
*/
-public class GetSessionKey extends DesStringToKey
+public class GetSessionKey implements IoHandlerCommand
{
- private static final SecureRandom random = new SecureRandom();
+ private String contextKey = "context";
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
TicketGrantingContext tgsContext = ( TicketGrantingContext ) session.getAttribute( getContextKey() );
- tgsContext.setSessionKey( getNewSessionKey() );
+ tgsContext.setSessionKey( RandomKeyFactory.getRandomKey( tgsContext.getEncryptionType() ) );
next.execute( session, message );
}
- private EncryptionKey getNewSessionKey()
+ protected String getContextKey()
{
- byte[] confounder = new byte[8];
-
- // SecureRandom.nextBytes is already synchronized
- random.nextBytes( confounder );
-
- byte[] subSessionKey = getKey( new String( confounder ) );
-
- return new EncryptionKey( EncryptionType.DES_CBC_MD5, subSessionKey );
+ return ( this.contextKey );
}
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java
index 7906018..b4d2002 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/MonitorContext.java
@@ -25,6 +25,7 @@
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.messages.ApplicationRequest;
import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
import org.apache.directory.server.kerberos.shared.messages.value.HostAddress;
@@ -49,6 +50,7 @@
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
if ( log.isDebugEnabled() )
@@ -92,8 +94,6 @@
sb.append( "\n\t" + "realm " + requestPrincipal.getRealmName() );
sb.append( "\n\t" + "principal " + requestPrincipal.getPrincipal() );
sb.append( "\n\t" + "SAM type " + requestPrincipal.getSamType() );
- sb.append( "\n\t" + "Key type " + requestPrincipal.getEncryptionKey().getKeyType() );
- sb.append( "\n\t" + "Key version " + requestPrincipal.getEncryptionKey().getKeyVersion() );
KerberosPrincipal ticketServerPrincipal = tgsContext.getTgt().getServerPrincipal();
PrincipalStoreEntry ticketPrincipal = tgsContext.getTicketPrincipalEntry();
@@ -103,8 +103,11 @@
sb.append( "\n\t" + "realm " + ticketPrincipal.getRealmName() );
sb.append( "\n\t" + "principal " + ticketPrincipal.getPrincipal() );
sb.append( "\n\t" + "SAM type " + ticketPrincipal.getSamType() );
- sb.append( "\n\t" + "Key type " + ticketPrincipal.getEncryptionKey().getKeyType() );
- sb.append( "\n\t" + "Key version " + ticketPrincipal.getEncryptionKey().getKeyVersion() );
+
+ EncryptionType encryptionType = tgsContext.getTgt().getEncPart().getEncryptionType();
+ int keyVersion = ticketPrincipal.getKeyMap().get( encryptionType ).getKeyVersion();
+ sb.append( "\n\t" + "Ticket key type " + encryptionType );
+ sb.append( "\n\t" + "Service key version " + keyVersion );
log.debug( sb.toString() );
}
@@ -119,7 +122,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/SealReply.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/SealReply.java
index f30cfdb..8c8be92 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/SealReply.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/SealReply.java
@@ -20,11 +20,12 @@
package org.apache.directory.server.kerberos.kdc.ticketgrant;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.messages.TicketGrantReply;
import org.apache.directory.server.kerberos.shared.messages.components.Authenticator;
import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
-import org.apache.directory.server.kerberos.shared.service.LockBox;
import org.apache.mina.common.IoSession;
import org.apache.mina.handler.chain.IoHandlerCommand;
@@ -37,24 +38,25 @@
{
private String contextKey = "context";
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
TicketGrantingContext tgsContext = ( TicketGrantingContext ) session.getAttribute( getContextKey() );
TicketGrantReply reply = ( TicketGrantReply ) tgsContext.getReply();
Ticket tgt = tgsContext.getTgt();
- LockBox lockBox = tgsContext.getLockBox();
+ CipherTextHandler cipherTextHandler = tgsContext.getCipherTextHandler();
Authenticator authenticator = tgsContext.getAuthenticator();
EncryptedData encryptedData;
if ( authenticator.getSubSessionKey() != null )
{
- encryptedData = lockBox.seal( authenticator.getSubSessionKey(), reply );
+ encryptedData = cipherTextHandler.seal( authenticator.getSubSessionKey(), reply, KeyUsage.NUMBER9 );
}
else
{
- encryptedData = lockBox.seal( tgt.getSessionKey(), reply );
+ encryptedData = cipherTextHandler.seal( tgt.getSessionKey(), reply, KeyUsage.NUMBER8 );
}
reply.setEncPart( encryptedData );
@@ -63,7 +65,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingServiceChain.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingServiceChain.java
index ab1b9c8..3420054 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingServiceChain.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingServiceChain.java
@@ -22,6 +22,7 @@
import org.apache.directory.server.kerberos.kdc.MonitorReply;
import org.apache.directory.server.kerberos.kdc.MonitorRequest;
+import org.apache.directory.server.kerberos.kdc.SelectEncryptionType;
import org.apache.mina.handler.chain.IoHandlerChain;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -39,6 +40,9 @@
private static final Logger log = LoggerFactory.getLogger( TicketGrantingServiceChain.class );
+ /**
+ * Creates a new instance of TicketGrantingServiceChain.
+ */
public TicketGrantingServiceChain()
{
if ( log.isDebugEnabled() )
@@ -47,6 +51,7 @@
}
addLast( "configureTicketGrantingChain", new ConfigureTicketGrantingChain() );
+ addLast( "selectEncryptionType", new SelectEncryptionType() );
addLast( "getAuthHeader", new GetAuthHeader() );
addLast( "verifyTgt", new VerifyTgt() );
addLast( "getTicketPrincipalEntry", new GetTicketPrincipalEntry() );
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java
index 4852965..17bb7b0 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyBodyChecksum.java
@@ -20,14 +20,19 @@
package org.apache.directory.server.kerberos.kdc.ticketgrant;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumEngine;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumHandler;
import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
-import org.apache.directory.server.kerberos.shared.crypto.checksum.RsaMd5Checksum;
-import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
-import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.messages.value.Checksum;
import org.apache.mina.common.IoSession;
import org.apache.mina.handler.chain.IoHandlerCommand;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
/**
@@ -36,44 +41,52 @@
*/
public class VerifyBodyChecksum implements IoHandlerCommand
{
+ /** the log for this class */
+ private static final Logger log = LoggerFactory.getLogger( VerifyBodyChecksum.class );
+
+ private ChecksumHandler checksumHandler = new ChecksumHandler();
private String contextKey = "context";
+ /** a map of the default encryption types to the encryption engine class names */
+ private static final Map<EncryptionType, ChecksumType> DEFAULT_CHECKSUMS;
+
+ static
+ {
+ Map<EncryptionType, ChecksumType> map = new HashMap<EncryptionType, ChecksumType>();
+
+ map.put( EncryptionType.DES_CBC_MD5, ChecksumType.RSA_MD5 );
+ map.put( EncryptionType.DES3_CBC_SHA1_KD, ChecksumType.HMAC_SHA1_DES3_KD );
+ map.put( EncryptionType.RC4_HMAC, ChecksumType.HMAC_MD5 );
+ map.put( EncryptionType.AES128_CTS_HMAC_SHA1_96, ChecksumType.HMAC_SHA1_96_AES128 );
+ map.put( EncryptionType.AES256_CTS_HMAC_SHA1_96, ChecksumType.HMAC_SHA1_96_AES256 );
+
+ DEFAULT_CHECKSUMS = Collections.unmodifiableMap( map );
+ }
+
+
public void execute( NextCommand next, IoSession session, Object message ) throws Exception
{
TicketGrantingContext tgsContext = ( TicketGrantingContext ) session.getAttribute( getContextKey() );
byte[] bodyBytes = tgsContext.getRequest().getBodyBytes();
- Checksum checksum = tgsContext.getAuthenticator().getChecksum();
+ Checksum authenticatorChecksum = tgsContext.getAuthenticator().getChecksum();
- verifyChecksum( checksum, bodyBytes );
+ EncryptionType encryptionType = tgsContext.getEncryptionType();
+ ChecksumType allowedChecksumType = DEFAULT_CHECKSUMS.get( encryptionType );
+
+ if ( !allowedChecksumType.equals( authenticatorChecksum.getChecksumType() ) )
+ {
+ log.warn( "Allowed checksum type '" + allowedChecksumType + "' did not match authenticator checksum type '"
+ + authenticatorChecksum.getChecksumType() + "'." );
+ }
+
+ checksumHandler.verifyChecksum( authenticatorChecksum, bodyBytes, null, KeyUsage.NUMBER8 );
next.execute( session, message );
}
- public String getContextKey()
+ private String getContextKey()
{
return ( this.contextKey );
}
-
-
- private void verifyChecksum( Checksum checksum, byte[] bytes ) throws KerberosException
- {
- if ( checksum == null )
- {
- throw new KerberosException( ErrorType.KRB_AP_ERR_INAPP_CKSUM );
- }
-
- if ( !checksum.getChecksumType().equals( ChecksumType.RSA_MD5 ) )
- {
- throw new KerberosException( ErrorType.KDC_ERR_SUMTYPE_NOSUPP );
- }
-
- ChecksumEngine digester = new RsaMd5Checksum();
- Checksum newChecksum = new Checksum( digester.checksumType(), digester.calculateChecksum( bytes ) );
-
- if ( !newChecksum.equals( checksum ) )
- {
- throw new KerberosException( ErrorType.KRB_AP_ERR_MODIFIED );
- }
- }
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java
index c4eb213..14c2626 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/VerifyTgtAuthHeader.java
@@ -22,12 +22,14 @@
import java.net.InetAddress;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.messages.ApplicationRequest;
import org.apache.directory.server.kerberos.shared.messages.components.Authenticator;
import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.replay.ReplayCache;
-import org.apache.directory.server.kerberos.shared.service.LockBox;
import org.apache.directory.server.kerberos.shared.service.VerifyAuthHeader;
import org.apache.mina.common.IoSession;
@@ -44,15 +46,18 @@
ApplicationRequest authHeader = tgsContext.getAuthHeader();
Ticket tgt = tgsContext.getTgt();
- EncryptionKey serverKey = tgsContext.getTicketPrincipalEntry().getEncryptionKey();
+
+ EncryptionType encryptionType = tgt.getEncPart().getEncryptionType();
+ EncryptionKey serverKey = tgsContext.getTicketPrincipalEntry().getKeyMap().get( encryptionType );
+
long clockSkew = tgsContext.getConfig().getAllowableClockSkew();
ReplayCache replayCache = tgsContext.getReplayCache();
boolean emptyAddressesAllowed = tgsContext.getConfig().isEmptyAddressesAllowed();
InetAddress clientAddress = tgsContext.getClientAddress();
- LockBox lockBox = tgsContext.getLockBox();
+ CipherTextHandler cipherTextHandler = tgsContext.getCipherTextHandler();
Authenticator authenticator = verifyAuthHeader( authHeader, tgt, serverKey, clockSkew, replayCache,
- emptyAddressesAllowed, clientAddress, lockBox );
+ emptyAddressesAllowed, clientAddress, cipherTextHandler, KeyUsage.NUMBER7 );
tgsContext.setAuthenticator( authenticator );
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolCodecFactory.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolCodecFactory.java
index b75229a..63e02cd 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolCodecFactory.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolCodecFactory.java
@@ -34,6 +34,11 @@
private static final KerberosProtocolCodecFactory INSTANCE = new KerberosProtocolCodecFactory();
+ /**
+ * Returns the singleton {@link KerberosProtocolCodecFactory}.
+ *
+ * @return The singleton {@link KerberosProtocolCodecFactory}.
+ */
public static KerberosProtocolCodecFactory getInstance()
{
return INSTANCE;
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java
index 59a2260..6085b1a 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/protocol/KerberosProtocolHandler.java
@@ -64,7 +64,13 @@
private String contextKey = "context";
- public KerberosProtocolHandler(KdcConfiguration config, PrincipalStore store)
+ /**
+ * Creates a new instance of KerberosProtocolHandler.
+ *
+ * @param config
+ * @param store
+ */
+ public KerberosProtocolHandler( KdcConfiguration config, PrincipalStore store )
{
this.config = config;
this.store = store;
@@ -164,19 +170,31 @@
case 11:
case 13:
- log.error( "Kerberos error: " + ErrorType.KRB_AP_ERR_BADDIRECTION.getMessage() );
+ throw new KerberosException( ErrorType.KRB_AP_ERR_BADDIRECTION );
default:
- log.error( "Kerberos error: " + ErrorType.KRB_AP_ERR_MSG_TYPE.getMessage() );
+ throw new KerberosException( ErrorType.KRB_AP_ERR_MSG_TYPE );
}
}
+ catch ( KerberosException ke )
+ {
+ if ( log.isDebugEnabled() )
+ {
+ log.debug( ke.getMessage(), ke );
+ }
+ else
+ {
+ log.warn( ke.getMessage() );
+ }
+
+ session.write( getErrorMessage( config.getServicePrincipal(), ke ) );
+ }
catch ( Exception e )
{
- log.error( e.getMessage() );
+ log.error( "Unexpected exception: " + e.getMessage(), e );
- KerberosException ke = ( KerberosException ) e;
-
- session.write( getErrorMessage( config.getServicePrincipal(), ke ) );
+ session.write( getErrorMessage( config.getServicePrincipal(), new KerberosException(
+ ErrorType.KDC_ERR_SVC_UNAVAILABLE ) ) );
}
}
@@ -190,7 +208,7 @@
}
- public ErrorMessage getErrorMessage( KerberosPrincipal principal, KerberosException exception )
+ protected ErrorMessage getErrorMessage( KerberosPrincipal principal, KerberosException exception )
{
ErrorMessageModifier modifier = new ErrorMessageModifier();
@@ -207,7 +225,7 @@
}
- public String getContextKey()
+ protected String getContextKey()
{
return ( this.contextKey );
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamSubsystem.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamSubsystem.java
index a6b0fe2..6659175 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamSubsystem.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamSubsystem.java
@@ -22,11 +22,13 @@
import java.util.HashMap;
import java.util.Hashtable;
+import java.util.Map;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.security.auth.kerberos.KerberosKey;
+import org.apache.directory.server.kerberos.shared.messages.value.SamType;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
@@ -42,10 +44,11 @@
/** the property key base used for SAM algorithm verifiers */
public static final String PROPKEY_BASE = "kerberos.sam.type.";
+ /** the SAM subsystem instance */
public static SamSubsystem instance;
/** a map of verifiers so we do not need to create a new one every time */
- private final HashMap verifiers = new HashMap();
+ private final Map<SamType, SamVerifier> verifiers = new HashMap<SamType, SamVerifier>();
/** the key integrity checker used by the subsystem for all sam types */
private KeyIntegrityChecker keyChecker;
@@ -115,7 +118,7 @@
String key = PROPKEY_BASE + entry.getSamType().getOrdinal();
- Hashtable env = new Hashtable();
+ Hashtable<Object, Object> env = new Hashtable<Object, Object>();
try
{
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamVerifier.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamVerifier.java
index 002c837..a7c6043 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamVerifier.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/SamVerifier.java
@@ -48,11 +48,17 @@
*/
public interface SamVerifier
{
- /** Starts one of many pluggable SAM type subsystem*/
+ /**
+ * Starts one of many pluggable SAM type subsystem.
+ *
+ * @throws SamException
+ */
void startup() throws SamException;
- /** Shuts down one of many pluggable SAM type subsystem*/
+ /**
+ * Shuts down one of many pluggable SAM type subsystem.
+ */
void shutdown();
@@ -62,9 +68,9 @@
* and supplies it to the verifier to check generated keys to conduct the
* verification workflow.
*
- * @param keyChecker the integrity checker that validates whether or not a
+ * @param keyChecker The integrity checker that validates whether or not a
* key can decrypt-decode preauth data (an encryped-encoded generalized
- * timestamp)
+ * timestamp).
*/
void setIntegrityChecker( KeyIntegrityChecker keyChecker );
@@ -72,8 +78,10 @@
/**
* Verifies the single use password supplied.
*
- * @param principal the kerberos principal to use
- * @param sad single-use authentication data (encrypted generalized timestamp)
+ * @param principal The kerberos principal to use.
+ * @param sad Single-use authentication data (encrypted generalized timestamp).
+ * @return The {@link KerberosKey}.
+ * @throws SamException
*/
KerberosKey verify( KerberosPrincipal principal, byte[] sad ) throws SamException;
@@ -81,11 +89,15 @@
/**
* Gets the registered SAM algorithm type implemented by this SamVerifier.
*
- * @return the type value for the SAM algorithm used to verify the SUP.
+ * @return The type value for the SAM algorithm used to verify the SUP.
*/
SamType getSamType();
- /** sets the user context where users are stored for the primary realm */
+ /**
+ * Sets the user context where users are stored for the primary realm.
+ *
+ * @param userContext
+ */
void setUserContext( DirContext userContext );
}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/TimestampChecker.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/TimestampChecker.java
index c7c0e2c..2ad3673 100644
--- a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/TimestampChecker.java
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/sam/TimestampChecker.java
@@ -24,14 +24,15 @@
import javax.security.auth.kerberos.KerberosKey;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
import org.apache.directory.server.kerberos.shared.io.decoder.EncryptedDataDecoder;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptedTimeStamp;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
-import org.apache.directory.server.kerberos.shared.service.LockBox;
/**
@@ -41,7 +42,7 @@
public class TimestampChecker implements KeyIntegrityChecker
{
private static final long FIVE_MINUTES = 300000;
- private static final LockBox lockBox = new LockBox();
+ private static final CipherTextHandler cipherTextHandler = new CipherTextHandler();
public boolean checkKeyIntegrity( byte[] encryptedData, KerberosKey kerberosKey )
@@ -57,8 +58,8 @@
// Decrypt the EncryptedData structure to get the PA-ENC-TS-ENC
// Decode the decrypted timestamp into our timestamp object.
- EncryptedTimeStamp timestamp = ( EncryptedTimeStamp ) lockBox.unseal( EncryptedTimeStamp.class, key,
- sadValue );
+ EncryptedTimeStamp timestamp = ( EncryptedTimeStamp ) cipherTextHandler.unseal( EncryptedTimeStamp.class, key,
+ sadValue, KeyUsage.NUMBER1 );
// Since we got here we must have a valid timestamp structure that we can
// validate to be within a five minute skew.
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/shared/interceptors/KeyDerivationService.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/shared/interceptors/KeyDerivationService.java
new file mode 100644
index 0000000..91e5c99
--- /dev/null
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/shared/interceptors/KeyDerivationService.java
@@ -0,0 +1,363 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.interceptors;
+
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.DirContext;
+
+import org.apache.directory.server.core.authn.AuthenticationService;
+import org.apache.directory.server.core.authz.AuthorizationService;
+import org.apache.directory.server.core.authz.DefaultAuthorizationService;
+import org.apache.directory.server.core.collective.CollectiveAttributeService;
+import org.apache.directory.server.core.event.EventService;
+import org.apache.directory.server.core.exception.ExceptionService;
+import org.apache.directory.server.core.interceptor.BaseInterceptor;
+import org.apache.directory.server.core.interceptor.Interceptor;
+import org.apache.directory.server.core.interceptor.NextInterceptor;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.interceptor.context.LookupOperationContext;
+import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.server.core.invocation.Invocation;
+import org.apache.directory.server.core.invocation.InvocationStack;
+import org.apache.directory.server.core.normalization.NormalizationService;
+import org.apache.directory.server.core.operational.OperationalAttributeService;
+import org.apache.directory.server.core.partition.PartitionNexusProxy;
+import org.apache.directory.server.core.referral.ReferralService;
+import org.apache.directory.server.core.schema.SchemaService;
+import org.apache.directory.server.core.subtree.SubentryService;
+import org.apache.directory.server.core.trigger.TriggerService;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KerberosKeyFactory;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.RandomKeyFactory;
+import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
+import org.apache.directory.server.kerberos.shared.io.encoder.EncryptionKeyEncoder;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
+import org.apache.directory.shared.ldap.exception.LdapAuthenticationException;
+import org.apache.directory.shared.ldap.message.AttributeImpl;
+import org.apache.directory.shared.ldap.message.ModificationItemImpl;
+import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.util.AttributeUtils;
+import org.apache.directory.shared.ldap.util.StringTools;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * An {@link Interceptor} that creates symmetric Kerberos keys for users. When a
+ * userPassword is added or modified, the userPassword and krb5PrincipalName are used
+ * to derive Kerberos keys. If the userPassword is the special keyword 'randomKey',
+ * a random key is generated and used as the Kerberos key.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class KeyDerivationService extends BaseInterceptor
+{
+ /** The log for this class. */
+ private static final Logger log = LoggerFactory.getLogger( KeyDerivationService.class );
+
+ /** The service name. */
+ public static final String NAME = "keyDerivationService";
+
+ /**
+ * Define the interceptors to bypass upon user lookup.
+ */
+ private static final Collection USERLOOKUP_BYPASS;
+ static
+ {
+ Set<String> c = new HashSet<String>();
+ c.add( NormalizationService.NAME );
+ c.add( AuthenticationService.NAME );
+ c.add( ReferralService.NAME );
+ c.add( AuthorizationService.NAME );
+ c.add( DefaultAuthorizationService.NAME );
+ c.add( ExceptionService.NAME );
+ c.add( OperationalAttributeService.NAME );
+ c.add( SchemaService.NAME );
+ c.add( SubentryService.NAME );
+ c.add( CollectiveAttributeService.NAME );
+ c.add( EventService.NAME );
+ c.add( TriggerService.NAME );
+ USERLOOKUP_BYPASS = Collections.unmodifiableCollection( c );
+ }
+
+
+ public void add( NextInterceptor next, OperationContext addContext ) throws NamingException
+ {
+ LdapDN normName = addContext.getDn();
+
+ Attributes entry = ( ( AddOperationContext ) addContext ).getEntry();
+
+ if ( entry.get( "userPassword" ) != null && entry.get( KerberosAttribute.PRINCIPAL ) != null )
+ {
+ log.debug( "Adding the entry " + AttributeUtils.toString( entry ) + " for DN = '" + normName.getUpName()
+ + "'" );
+
+ Object firstValue = entry.get( "userPassword" ).get();
+
+ if ( firstValue instanceof String )
+ {
+ log.debug( "Adding Attribute id : 'userPassword', Values : ['" + firstValue + "']" );
+ }
+ else if ( firstValue instanceof byte[] )
+ {
+ String string = StringTools.utf8ToString( ( byte[] ) firstValue );
+
+ StringBuffer sb = new StringBuffer();
+ sb.append( "'" + string + "' ( " );
+ sb.append( StringTools.dumpBytes( ( byte[] ) firstValue ).trim() );
+ log.debug( "Adding Attribute id : 'userPassword', Values : [ " + sb.toString() + " ) ]" );
+ firstValue = string;
+ }
+
+ String userPassword = ( String ) firstValue;
+ String principalName = ( String ) entry.get( KerberosAttribute.PRINCIPAL ).get();
+
+ log.debug( "Got principal " + principalName + " with userPassword " + userPassword );
+
+ Map<EncryptionType, EncryptionKey> keys = generateKeys( principalName, userPassword );
+
+ EncryptionKey key = keys.get( EncryptionType.DES_CBC_MD5 );
+ entry.put( KerberosAttribute.PRINCIPAL, principalName );
+ entry.put( KerberosAttribute.VERSION, Integer.toString( key.getKeyVersion() ) );
+ entry.put( KerberosAttribute.TYPE, Integer.toString( key.getKeyType().getOrdinal() ) );
+
+ entry.put( getKeyAttribute( keys ) );
+
+ log.debug( "Adding modified entry " + AttributeUtils.toString( entry ) + " for DN = '"
+ + normName.getUpName() + "'" );
+
+ // Optionally discard userPassword.
+ }
+
+ next.add( addContext );
+ }
+
+
+ public void modify( NextInterceptor next, OperationContext opContext ) throws NamingException
+ {
+ LdapDN name = opContext.getDn();
+ ModifyOperationContext modContext = ( ModifyOperationContext ) opContext;
+
+ ModificationItemImpl[] mods = modContext.getModItems();
+
+ String userPassword = null;
+ String principalName = null;
+
+ for ( int ii = 0; ii < mods.length; ii++ )
+ {
+ Attribute attr = mods[ii].getAttribute();
+
+ if ( log.isDebugEnabled() )
+ {
+ String operation = null;
+
+ switch ( mods[ii].getModificationOp() )
+ {
+ case DirContext.ADD_ATTRIBUTE:
+ operation = "Adding";
+ break;
+ case DirContext.REMOVE_ATTRIBUTE:
+ operation = "Removing";
+ break;
+ case DirContext.REPLACE_ATTRIBUTE:
+ operation = "Replacing";
+ break;
+ }
+
+ log
+ .debug( operation + " for entry '" + name.getUpName() + "' the attribute "
+ + mods[ii].getAttribute() );
+ }
+
+ String attrId = attr.getID();
+
+ if ( attrId.equalsIgnoreCase( "userPassword" ) )
+ {
+ Object firstValue = attr.get();
+
+ if ( firstValue instanceof String )
+ {
+ log.debug( "Adding Attribute id : 'userPassword', Values : ['" + firstValue + "']" );
+ }
+ else if ( firstValue instanceof byte[] )
+ {
+ String string = StringTools.utf8ToString( ( byte[] ) firstValue );
+
+ StringBuffer sb = new StringBuffer();
+ sb.append( "'" + string + "' ( " );
+ sb.append( StringTools.dumpBytes( ( byte[] ) firstValue ).trim() );
+ log.debug( "Adding Attribute id : 'userPassword', Values : [ " + sb.toString() + " ) ]" );
+ firstValue = string;
+ }
+
+ userPassword = ( String ) firstValue;
+ log.debug( "Got userPassword " + userPassword + "." );
+ }
+
+ if ( attrId.equalsIgnoreCase( KerberosAttribute.PRINCIPAL ) )
+ {
+ principalName = ( String ) attr.get();
+ log.debug( "Got principal " + principalName + "." );
+ }
+ }
+
+ if ( userPassword != null && principalName != null )
+ {
+ log.debug( "Got principal " + principalName + " with userPassword " + userPassword );
+
+ List<ModificationItemImpl> newModsList = new ArrayList<ModificationItemImpl>();
+
+ Map<EncryptionType, EncryptionKey> keys = generateKeys( principalName, userPassword );
+
+ EncryptionKey key = keys.get( EncryptionType.DES_CBC_MD5 );
+ newModsList.add( new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, new AttributeImpl(
+ KerberosAttribute.PRINCIPAL, principalName ) ) );
+ newModsList.add( new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, new AttributeImpl(
+ KerberosAttribute.VERSION, Integer.toString( key.getKeyVersion() ) ) ) );
+ newModsList.add( new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, new AttributeImpl(
+ KerberosAttribute.TYPE, Integer.toString( key.getKeyType().getOrdinal() ) ) ) );
+
+ newModsList.add( new ModificationItemImpl( DirContext.REPLACE_ATTRIBUTE, getKeyAttribute( keys ) ) );
+
+ for ( int ii = 0; ii < mods.length; ii++ )
+ {
+ newModsList.add( mods[ii] );
+ }
+
+ mods = ( ModificationItemImpl[] ) newModsList.toArray( mods );
+
+ modContext.setModItems( mods );
+ }
+
+ next.modify( opContext );
+ }
+
+
+ /**
+ * Lookup the principal entry's krb5KeyVersionNumber attribute.
+ *
+ * @param principalDn
+ * @return The principal entry's krb5KeyVersionNumber attribute.
+ * @throws NamingException
+ */
+ protected int lookupKeyVersionNumber( LdapDN principalDn ) throws NamingException
+ {
+ Invocation invocation = InvocationStack.getInstance().peek();
+ PartitionNexusProxy proxy = invocation.getProxy();
+ Attributes userEntry;
+
+ try
+ {
+ LookupOperationContext lookupContext = new LookupOperationContext( new String[]
+ { KerberosAttribute.VERSION } );
+ lookupContext.setDn( principalDn );
+
+ userEntry = proxy.lookup( lookupContext, USERLOOKUP_BYPASS );
+
+ if ( userEntry == null )
+ {
+ throw new LdapAuthenticationException( "Failed to lookup user for authentication: " + principalDn );
+ }
+ }
+ catch ( Exception cause )
+ {
+ log.error( "Authentication error : " + cause.getMessage() );
+ LdapAuthenticationException e = new LdapAuthenticationException();
+ e.setRootCause( e );
+ throw e;
+ }
+
+ Integer keyVersionNumber;
+
+ Attribute keyVersionNumberAttr = userEntry.get( KerberosAttribute.VERSION );
+
+ if ( keyVersionNumberAttr == null )
+ {
+ keyVersionNumber = new Integer( 0 );
+ }
+ else
+ {
+ keyVersionNumber = new Integer( ( String ) keyVersionNumberAttr.get() );
+ }
+
+ return keyVersionNumber.intValue();
+ }
+
+
+ private Attribute getKeyAttribute( Map<EncryptionType, EncryptionKey> keys )
+ {
+ Attribute keyAttribute = new AttributeImpl( KerberosAttribute.KEY );
+
+ Iterator<EncryptionKey> it = keys.values().iterator();
+
+ while ( it.hasNext() )
+ {
+ try
+ {
+ keyAttribute.add( EncryptionKeyEncoder.encode( it.next() ) );
+ }
+ catch ( IOException ioe )
+ {
+ log.error( "Error encoding EncryptionKey.", ioe );
+ }
+ }
+
+ return keyAttribute;
+ }
+
+
+ private Map<EncryptionType, EncryptionKey> generateKeys( String principalName, String userPassword )
+ {
+ if ( userPassword.equalsIgnoreCase( "randomKey" ) )
+ {
+ // Generate random key.
+ try
+ {
+ return RandomKeyFactory.getRandomKeys();
+ }
+ catch ( KerberosException ke )
+ {
+ log.debug( ke.getMessage(), ke );
+ return null;
+ }
+ }
+ else
+ {
+ // Derive key based on password and principal name.
+ return KerberosKeyFactory.getKerberosKeys( principalName, userPassword );
+ }
+ }
+}
diff --git a/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/shared/interceptors/PasswordPolicyService.java b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/shared/interceptors/PasswordPolicyService.java
new file mode 100644
index 0000000..fee538c
--- /dev/null
+++ b/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/shared/interceptors/PasswordPolicyService.java
@@ -0,0 +1,338 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server.kerberos.shared.interceptors;
+
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.DirContext;
+
+import org.apache.directory.server.core.interceptor.BaseInterceptor;
+import org.apache.directory.server.core.interceptor.Interceptor;
+import org.apache.directory.server.core.interceptor.NextInterceptor;
+import org.apache.directory.server.core.interceptor.context.AddOperationContext;
+import org.apache.directory.server.core.interceptor.context.ModifyOperationContext;
+import org.apache.directory.server.core.interceptor.context.OperationContext;
+import org.apache.directory.shared.ldap.message.ModificationItemImpl;
+import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.util.AttributeUtils;
+import org.apache.directory.shared.ldap.util.StringTools;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+/**
+ * An {@link Interceptor} that enforces password policy for users. Add or modify operations
+ * on the 'userPassword' attribute are checked against a password policy. The password is
+ * rejected if it does not pass the password policy checks. The password MUST be passed to
+ * the core as plaintext.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class PasswordPolicyService extends BaseInterceptor
+{
+ /** The log for this class. */
+ private static final Logger log = LoggerFactory.getLogger( PasswordPolicyService.class );
+
+ /** The service name. */
+ public static final String NAME = "passwordPolicyService";
+
+
+ /**
+ * Check added attributes for a 'userPassword'. If a 'userPassword' is found, apply any
+ * password policy checks.
+ */
+ public void add( NextInterceptor next, OperationContext addContext ) throws NamingException
+ {
+ LdapDN normName = addContext.getDn();
+
+ Attributes entry = ( ( AddOperationContext ) addContext ).getEntry();
+
+ log.debug( "Adding the entry " + AttributeUtils.toString( entry ) + " for DN = '" + normName.getUpName() + "'" );
+
+ Object attr = null;
+
+ if ( entry.get( "userPassword" ) != null )
+ {
+ String userPassword = "";
+ String username = "";
+
+ attr = entry.get( "userPassword" ).get();
+
+ if ( attr instanceof String )
+ {
+ log.debug( "Adding Attribute id : 'userPassword', Values : ['" + attr + "']" );
+ userPassword = ( String ) attr;
+ }
+ else if ( attr instanceof byte[] )
+ {
+ String string = StringTools.utf8ToString( ( byte[] ) attr );
+
+ StringBuffer sb = new StringBuffer();
+ sb.append( "'" + string + "' ( " );
+ sb.append( StringTools.dumpBytes( ( byte[] ) attr ).trim() );
+ log.debug( "Adding Attribute id : 'userPassword', Values : [ " + sb.toString() + " ) ]" );
+
+ userPassword = string;
+ }
+
+ if ( entry.get( "cn" ) != null )
+ {
+ attr = entry.get( "cn" ).get();
+ username = ( String ) attr;
+ }
+
+ // If userPassword fails checks, throw new NamingException.
+ check( username, userPassword );
+ }
+
+ next.add( addContext );
+ }
+
+
+ /**
+ * Check modification items for a 'userPassword'. If a 'userPassword' is found, apply any
+ * password policy checks.
+ */
+ public void modify( NextInterceptor next, OperationContext opContext ) throws NamingException
+ {
+ LdapDN name = opContext.getDn();
+ ModifyOperationContext modContext = ( ModifyOperationContext ) opContext;
+
+ ModificationItemImpl[] mods = modContext.getModItems();
+
+ String operation = null;
+
+ for ( int ii = 0; ii < mods.length; ii++ )
+ {
+ switch ( mods[ii].getModificationOp() )
+ {
+ case DirContext.ADD_ATTRIBUTE:
+ operation = "Adding";
+ break;
+ case DirContext.REMOVE_ATTRIBUTE:
+ operation = "Removing";
+ break;
+ case DirContext.REPLACE_ATTRIBUTE:
+ operation = "Replacing";
+ break;
+ }
+
+ Attribute attr = mods[ii].getAttribute();
+ String id = attr.getID();
+
+ if ( id.equalsIgnoreCase( "userPassword" ) )
+ {
+ Object userPassword = attr.get();
+
+ if ( userPassword != null )
+ {
+ if ( userPassword instanceof String )
+ {
+ log.debug( "Adding Attribute id : 'userPassword', Values : ['" + attr + "']" );
+ }
+ else if ( userPassword instanceof byte[] )
+ {
+ String string = StringTools.utf8ToString( ( byte[] ) userPassword );
+
+ StringBuffer sb = new StringBuffer();
+ sb.append( "'" + string + "' ( " );
+ sb.append( StringTools.dumpBytes( ( byte[] ) userPassword ).trim() );
+ log.debug( "Adding Attribute id : 'userPassword', Values : [ " + sb.toString() + " ) ]" );
+
+ userPassword = string;
+ }
+
+ // if userPassword fails checks, throw new NamingException.
+ check( name.getUpName(), ( String ) userPassword );
+ }
+ }
+
+ log.debug( operation + " for entry '" + name.getUpName() + "' the attribute " + mods[ii].getAttribute() );
+ }
+
+ next.modify( opContext );
+ }
+
+
+ void check( String username, String password ) throws NamingException
+ {
+ int passwordLength = 6;
+ int categoryCount = 2;
+ int tokenSize = 3;
+
+ if ( !isValid( username, password, passwordLength, categoryCount, tokenSize ) )
+ {
+ String explanation = buildErrorMessage( username, password, passwordLength, categoryCount, tokenSize );
+ log.error( explanation );
+
+ throw new NamingException( explanation );
+ }
+ }
+
+
+ /**
+ * Tests that:
+ * The password is at least six characters long.
+ * The password contains a mix of characters.
+ * The password does not contain three letter (or more) tokens from the user's account name.
+ */
+ boolean isValid( String username, String password, int passwordLength, int categoryCount, int tokenSize )
+ {
+ return isValidPasswordLength( password, passwordLength ) && isValidCategoryCount( password, categoryCount )
+ && isValidUsernameSubstring( username, password, tokenSize );
+ }
+
+
+ /**
+ * The password is at least six characters long.
+ */
+ boolean isValidPasswordLength( String password, int passwordLength )
+ {
+ return password.length() >= passwordLength;
+ }
+
+
+ /**
+ * The password contains characters from at least three of the following four categories:
+ * English uppercase characters (A - Z)
+ * English lowercase characters (a - z)
+ * Base 10 digits (0 - 9)
+ * Any non-alphanumeric character (for example: !, $, #, or %)
+ */
+ boolean isValidCategoryCount( String password, int categoryCount )
+ {
+ int uppercase = 0;
+ int lowercase = 0;
+ int digit = 0;
+ int nonAlphaNumeric = 0;
+
+ char[] characters = password.toCharArray();
+
+ for ( int ii = 0; ii < characters.length; ii++ )
+ {
+ if ( Character.isLowerCase( characters[ii] ) )
+ {
+ lowercase = 1;
+ }
+ else
+ {
+ if ( Character.isUpperCase( characters[ii] ) )
+ {
+ uppercase = 1;
+ }
+ else
+ {
+ if ( Character.isDigit( characters[ii] ) )
+ {
+ digit = 1;
+ }
+ else
+ {
+ if ( !Character.isLetterOrDigit( characters[ii] ) )
+ {
+ nonAlphaNumeric = 1;
+ }
+ }
+ }
+ }
+ }
+
+ return ( uppercase + lowercase + digit + nonAlphaNumeric ) >= categoryCount;
+ }
+
+
+ /**
+ * The password does not contain three letter (or more) tokens from the user's account name.
+ *
+ * If the account name is less than three characters long, this check is not performed
+ * because the rate at which passwords would be rejected is too high. For each token that is
+ * three or more characters long, that token is searched for in the password; if it is present,
+ * the password change is rejected. For example, the name "First M. Last" would be split into
+ * three tokens: "First", "M", and "Last". Because the second token is only one character long,
+ * it would be ignored. Therefore, this user could not have a password that included either
+ * "first" or "last" as a substring anywhere in the password. All of these checks are
+ * case-insensitive.
+ */
+ boolean isValidUsernameSubstring( String username, String password, int tokenSize )
+ {
+ String[] tokens = username.split( "[^a-zA-Z]" );
+
+ for ( int ii = 0; ii < tokens.length; ii++ )
+ {
+ if ( tokens[ii].length() >= tokenSize )
+ {
+ if ( password.matches( "(?i).*" + tokens[ii] + ".*" ) )
+ {
+ return false;
+ }
+ }
+ }
+
+ return true;
+ }
+
+
+ private String buildErrorMessage( String username, String password, int passwordLength, int categoryCount,
+ int tokenSize )
+ {
+ List<String> violations = new ArrayList<String>();
+
+ if ( !isValidPasswordLength( password, passwordLength ) )
+ {
+ violations.add( "length too short" );
+ }
+
+ if ( !isValidCategoryCount( password, categoryCount ) )
+ {
+ violations.add( "insufficient character mix" );
+ }
+
+ if ( !isValidUsernameSubstring( username, password, tokenSize ) )
+ {
+ violations.add( "contains portions of username" );
+ }
+
+ StringBuffer sb = new StringBuffer( "Password violates policy: " );
+
+ boolean isFirst = true;
+
+ for ( String violation : violations )
+ {
+ if ( isFirst )
+ {
+ isFirst = false;
+ }
+ else
+ {
+ sb.append( ", " );
+ }
+
+ sb.append( violation );
+ }
+
+ return sb.toString();
+ }
+}
diff --git a/protocol-kerberos/src/main/resources/META-INF/LICENSE.txt b/protocol-kerberos/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..1b3e9c7
--- /dev/null
+++ b/protocol-kerberos/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,300 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
diff --git a/protocol-kerberos/src/main/resources/META-INF/NOTICE.txt b/protocol-kerberos/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..eb0c18a
--- /dev/null
+++ b/protocol-kerberos/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,11 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
diff --git a/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/messages/value/OptionsTest.java b/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/messages/value/OptionsTest.java
index 2bbc5d0..b0f2908 100644
--- a/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/messages/value/OptionsTest.java
+++ b/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/messages/value/OptionsTest.java
@@ -22,11 +22,11 @@
import java.util.Arrays;
+import junit.framework.TestCase;
+
import org.apache.directory.server.kerberos.shared.messages.value.KdcOptions;
import org.apache.directory.server.kerberos.shared.messages.value.TicketFlags;
-import junit.framework.TestCase;
-
/**
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
@@ -38,6 +38,9 @@
{ ( byte ) 0x50, ( byte ) 0x00, ( byte ) 0x00, ( byte ) 0x10 };
+ /**
+ * Tests converting the ticket flags to a descriptive String.
+ */
public void testToString()
{
TicketFlags flags = new TicketFlags();
@@ -49,6 +52,9 @@
}
+ /**
+ * Tests that setting flags is idempotent.
+ */
public void testDuplicateSetting()
{
TicketFlags flags = new TicketFlags();
@@ -61,6 +67,9 @@
}
+ /**
+ * Tests the basic construction of the {@link KdcOptions}.
+ */
public void testConstruction()
{
KdcOptions options = new KdcOptions( fpriOptions );
diff --git a/protocol-ldap/LICENSE.txt b/protocol-ldap/LICENSE.txt
deleted file mode 100644
index e5130ad..0000000
--- a/protocol-ldap/LICENSE.txt
+++ /dev/null
@@ -1,204 +0,0 @@
-/*
- * Apache License
- * Version 2.0, January 2004
- * http://www.apache.org/licenses/
- *
- * TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
- *
- * 1. Definitions.
- *
- * "License" shall mean the terms and conditions for use, reproduction,
- * and distribution as defined by Sections 1 through 9 of this document.
- *
- * "Licensor" shall mean the copyright owner or entity authorized by
- * the copyright owner that is granting the License.
- *
- * "Legal Entity" shall mean the union of the acting entity and all
- * other entities that control, are controlled by, or are under common
- * control with that entity. For the purposes of this definition,
- * "control" means (i) the power, direct or indirect, to cause the
- * direction or management of such entity, whether by contract or
- * otherwise, or (ii) ownership of fifty percent (50%) or more of the
- * outstanding shares, or (iii) beneficial ownership of such entity.
- *
- * "You" (or "Your") shall mean an individual or Legal Entity
- * exercising permissions granted by this License.
- *
- * "Source" form shall mean the preferred form for making modifications,
- * including but not limited to software source code, documentation
- * source, and configuration files.
- *
- * "Object" form shall mean any form resulting from mechanical
- * transformation or translation of a Source form, including but
- * not limited to compiled object code, generated documentation,
- * and conversions to other media types.
- *
- * "Work" shall mean the work of authorship, whether in Source or
- * Object form, made available under the License, as indicated by a
- * copyright notice that is included in or attached to the work
- * (an example is provided in the Appendix below).
- *
- * "Derivative Works" shall mean any work, whether in Source or Object
- * form, that is based on (or derived from) the Work and for which the
- * editorial revisions, annotations, elaborations, or other modifications
- * represent, as a whole, an original work of authorship. For the purposes
- * of this License, Derivative Works shall not include works that remain
- * separable from, or merely link (or bind by name) to the interfaces of,
- * the Work and Derivative Works thereof.
- *
- * "Contribution" shall mean any work of authorship, including
- * the original version of the Work and any modifications or additions
- * to that Work or Derivative Works thereof, that is intentionally
- * submitted to Licensor for inclusion in the Work by the copyright owner
- * or by an individual or Legal Entity authorized to submit on behalf of
- * the copyright owner. For the purposes of this definition, "submitted"
- * means any form of electronic, verbal, or written communication sent
- * to the Licensor or its representatives, including but not limited to
- * communication on electronic mailing lists, source code control systems,
- * and issue tracking systems that are managed by, or on behalf of, the
- * Licensor for the purpose of discussing and improving the Work, but
- * excluding communication that is conspicuously marked or otherwise
- * designated in writing by the copyright owner as "Not a Contribution."
- *
- * "Contributor" shall mean Licensor and any individual or Legal Entity
- * on behalf of whom a Contribution has been received by Licensor and
- * subsequently incorporated within the Work.
- *
- * 2. Grant of Copyright License. Subject to the terms and conditions of
- * this License, each Contributor hereby grants to You a perpetual,
- * worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- * copyright license to reproduce, prepare Derivative Works of,
- * publicly display, publicly perform, sublicense, and distribute the
- * Work and such Derivative Works in Source or Object form.
- *
- * 3. Grant of Patent License. Subject to the terms and conditions of
- * this License, each Contributor hereby grants to You a perpetual,
- * worldwide, non-exclusive, no-charge, royalty-free, irrevocable
- * (except as stated in this section) patent license to make, have made,
- * use, offer to sell, sell, import, and otherwise transfer the Work,
- * where such license applies only to those patent claims licensable
- * by such Contributor that are necessarily infringed by their
- * Contribution(s) alone or by combination of their Contribution(s)
- * with the Work to which such Contribution(s) was submitted. If You
- * institute patent litigation against any entity (including a
- * cross-claim or counterclaim in a lawsuit) alleging that the Work
- * or a Contribution incorporated within the Work constitutes direct
- * or contributory patent infringement, then any patent licenses
- * granted to You under this License for that Work shall terminate
- * as of the date such litigation is filed.
- *
- * 4. Redistribution. You may reproduce and distribute copies of the
- * Work or Derivative Works thereof in any medium, with or without
- * modifications, and in Source or Object form, provided that You
- * meet the following conditions:
- *
- * (a) You must give any other recipients of the Work or
- * Derivative Works a copy of this License; and
- *
- * (b) You must cause any modified files to carry prominent notices
- * stating that You changed the files; and
- *
- * (c) You must retain, in the Source form of any Derivative Works
- * that You distribute, all copyright, patent, trademark, and
- * attribution notices from the Source form of the Work,
- * excluding those notices that do not pertain to any part of
- * the Derivative Works; and
- *
- * (d) If the Work includes a "NOTICE" text file as part of its
- * distribution, then any Derivative Works that You distribute must
- * include a readable copy of the attribution notices contained
- * within such NOTICE file, excluding those notices that do not
- * pertain to any part of the Derivative Works, in at least one
- * of the following places: within a NOTICE text file distributed
- * as part of the Derivative Works; within the Source form or
- * documentation, if provided along with the Derivative Works; or,
- * within a display generated by the Derivative Works, if and
- * wherever such third-party notices normally appear. The contents
- * of the NOTICE file are for informational purposes only and
- * do not modify the License. You may add Your own attribution
- * notices within Derivative Works that You distribute, alongside
- * or as an addendum to the NOTICE text from the Work, provided
- * that such additional attribution notices cannot be construed
- * as modifying the License.
- *
- * You may add Your own copyright statement to Your modifications and
- * may provide additional or different license terms and conditions
- * for use, reproduction, or distribution of Your modifications, or
- * for any such Derivative Works as a whole, provided Your use,
- * reproduction, and distribution of the Work otherwise complies with
- * the conditions stated in this License.
- *
- * 5. Submission of Contributions. Unless You explicitly state otherwise,
- * any Contribution intentionally submitted for inclusion in the Work
- * by You to the Licensor shall be under the terms and conditions of
- * this License, without any additional terms or conditions.
- * Notwithstanding the above, nothing herein shall supersede or modify
- * the terms of any separate license agreement you may have executed
- * with Licensor regarding such Contributions.
- *
- * 6. Trademarks. This License does not grant permission to use the trade
- * names, trademarks, service marks, or product names of the Licensor,
- * except as required for reasonable and customary use in describing the
- * origin of the Work and reproducing the content of the NOTICE file.
- *
- * 7. Disclaimer of Warranty. Unless required by applicable law or
- * agreed to in writing, Licensor provides the Work (and each
- * Contributor provides its Contributions) on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
- * implied, including, without limitation, any warranties or conditions
- * of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
- * PARTICULAR PURPOSE. You are solely responsible for determining the
- * appropriateness of using or redistributing the Work and assume any
- * risks associated with Your exercise of permissions under this License.
- *
- * 8. Limitation of Liability. In no event and under no legal theory,
- * whether in tort (including negligence), contract, or otherwise,
- * unless required by applicable law (such as deliberate and grossly
- * negligent acts) or agreed to in writing, shall any Contributor be
- * liable to You for damages, including any direct, indirect, special,
- * incidental, or consequential damages of any character arising as a
- * result of this License or out of the use or inability to use the
- * Work (including but not limited to damages for loss of goodwill,
- * work stoppage, computer failure or malfunction, or any and all
- * other commercial damages or losses), even if such Contributor
- * has been advised of the possibility of such damages.
- *
- * 9. Accepting Warranty or Additional Liability. While redistributing
- * the Work or Derivative Works thereof, You may choose to offer,
- * and charge a fee for, acceptance of support, warranty, indemnity,
- * or other liability obligations and/or rights consistent with this
- * License. However, in accepting such obligations, You may act only
- * on Your own behalf and on Your sole responsibility, not on behalf
- * of any other Contributor, and only if You agree to indemnify,
- * defend, and hold each Contributor harmless for any liability
- * incurred by, or claims asserted against, such Contributor by reason
- * of your accepting any such warranty or additional liability.
- *
- * END OF TERMS AND CONDITIONS
- *
- * APPENDIX: How to apply the Apache License to your work.
- *
- * To apply the Apache License to your work, attach the following
- * boilerplate notice, with the fields enclosed by brackets "[]"
- * replaced with your own identifying information. (Don't include
- * the brackets!) The text should be enclosed in the appropriate
- * comment syntax for the file format. We also recommend that a
- * file or class name and description of purpose be included on the
- * same "printed page" as the copyright notice for easier
- * identification within third-party archives.
- *
- * Copyright [yyyy] [name of copyright owner]
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
diff --git a/protocol-ldap/NOTICE.txt b/protocol-ldap/NOTICE.txt
deleted file mode 100644
index 50dbef0..0000000
--- a/protocol-ldap/NOTICE.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-This product includes software developed by
-The Apache Software Foundation (http://www.apache.org/).
-
-
diff --git a/protocol-ldap/pom.xml b/protocol-ldap/pom.xml
index bc7c367..c6c50f9 100644
--- a/protocol-ldap/pom.xml
+++ b/protocol-ldap/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-protocol-ldap</artifactId>
<description>
diff --git a/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapProtocolProvider.java b/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapProtocolProvider.java
index 0eacbc9..4539661 100644
--- a/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapProtocolProvider.java
+++ b/protocol-ldap/src/main/java/org/apache/directory/server/ldap/LdapProtocolProvider.java
@@ -78,6 +78,7 @@
import org.apache.mina.common.IoFilterChain;
import org.apache.mina.common.IoHandler;
import org.apache.mina.common.IoSession;
+import org.apache.mina.filter.LoggingFilter;
import org.apache.mina.filter.SSLFilter;
import org.apache.mina.filter.codec.ProtocolCodecFactory;
import org.apache.mina.filter.codec.ProtocolCodecFilter;
@@ -97,6 +98,10 @@
*/
public class LdapProtocolProvider
{
+ //TM private static long cumul = 0L;
+ //TM private static long count = 0;
+ //TM private static Object lock = new Object();
+
/** the constant service name of this ldap protocol provider **/
public static final String SERVICE_NAME = "ldap";
/** a map of the default request object class name to the handler class name */
@@ -331,7 +336,26 @@
public ProtocolDecoder getDecoder()
{
- return new Asn1CodecDecoder( new MessageDecoder( env ) );
+ //TM long t0 = System.nanoTime();
+
+ ProtocolDecoder decoder = new Asn1CodecDecoder( new MessageDecoder( env ) );
+
+ //TM long t1 = System.nanoTime();
+ //TM System.out.println( "New Asn1Decoder cost : " + (t1-t0) );
+
+ //TM synchronized (lock)
+ //TM {
+ //TM cumul += (t1 - t0);
+ //TM count++;
+ //TM
+ //TM if ( count % 1000L == 0)
+ //TM {
+ //TM System.out.println( "New Asn1Decoder cost : " + (cumul/count) );
+ //TM cumul = 0L;
+ //TM }
+ //TM }
+
+ return decoder;
}
}
diff --git a/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/ModifyDnHandler.java b/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/ModifyDnHandler.java
index bde6658..003e4d4 100644
--- a/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/ModifyDnHandler.java
+++ b/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/ModifyDnHandler.java
@@ -26,6 +26,7 @@
import javax.naming.ldap.LdapContext;
import org.apache.directory.server.ldap.SessionRegistry;
+import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
import org.apache.directory.shared.ldap.exception.LdapException;
import org.apache.directory.shared.ldap.message.Control;
import org.apache.directory.shared.ldap.message.LdapResult;
@@ -55,6 +56,22 @@
/** Speedup for logs */
private static final boolean IS_DEBUG = log.isDebugEnabled();
+ /**
+ * Deal with a ModifyDN request received from a client.
+ *
+ * A ModifyDN operation has more than one semantic, depending on its parameters.
+ *
+ * In any case, the first argument is the DN entry to be changed. We then
+ * have the new relative DN for this entry.
+ *
+ * Two other arguments can be provided :
+ * - deleteOldRdn : if the old RDN attributes should be removed from the
+ * new entry or not (for instance, if the old RDN was cn=acme, and the new
+ * one is sn=acme, then we may have to remove the cn: acme from the attributes
+ * list)
+ * - newSuperior : this is a move operation. The entry is removed from its
+ * current location, and created in the new one.
+ */
public void messageReceived( IoSession session, Object request ) throws Exception
{
ModifyDnRequest req = ( ModifyDnRequest ) request;
@@ -88,32 +105,18 @@
ctx.addToEnvironment( Context.REFERRAL, "throw" );
}
- ctx.setRequestControls( ( Control[] ) req.getControls().values().toArray( EMPTY_CONTROLS ) );
+ ctx.setRequestControls( req.getControls().values().toArray( EMPTY_CONTROLS ) );
String deleteRDN = String.valueOf( req.getDeleteOldRdn() );
- ctx.addToEnvironment( "java.naming.ldap.deleteRDN", deleteRDN );
+ ctx.addToEnvironment( JndiPropertyConstants.JNDI_LDAP_DELETE_RDN, deleteRDN );
- if ( req.isMove() )
+ LdapDN newSuperior = req.getNewSuperior();
+
+ if ( ( newSuperior != null ) && ( !newSuperior.isEmpty() ) )
{
LdapDN oldDn = req.getName();
LdapDN newDn = null;
- LdapDN newSuperior = req.getNewSuperior();
-
- if ( newSuperior.isEmpty() )
- {
- if ( oldDn.isEmpty() )
- {
- newDn = oldDn;
- }
- else
- {
- newDn = (LdapDN)oldDn.getPrefix( oldDn.size() - 1 );
- }
- }
- else
- {
- newDn = newSuperior;
- }
+ newDn = newSuperior;
if ( req.getNewRdn() != null )
{
diff --git a/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/SearchHandler.java b/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/SearchHandler.java
index 4f87cf6..29edabf 100644
--- a/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/SearchHandler.java
+++ b/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/SearchHandler.java
@@ -37,6 +37,8 @@
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.ldap.LdapConfiguration;
import org.apache.directory.server.ldap.SessionRegistry;
+import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapException;
import org.apache.directory.shared.ldap.exception.OperationAbandonedException;
import org.apache.directory.shared.ldap.filter.PresenceNode;
@@ -67,8 +69,12 @@
*/
public class SearchHandler implements MessageHandler
{
+ //TM private static long cumul = 0L;
+ //TM private static long count = 0;
+ //TM private static Object lock = new Object();
+
private static final Logger log = LoggerFactory.getLogger( SearchHandler.class );
- private static final String DEREFALIASES_KEY = "java.naming.ldap.derefAliases";
+ private static final String DEREFALIASES_KEY = JndiPropertyConstants.JNDI_LDAP_DAP_DEREF_ALIASES;
/** Speedup for logs */
private static final boolean IS_DEBUG = log.isDebugEnabled();
@@ -131,7 +137,7 @@
boolean isRootDSEFilter = false;
if ( req.getFilter() instanceof PresenceNode )
{
- isRootDSEFilter = ( ( PresenceNode ) req.getFilter() ).getAttribute().equalsIgnoreCase( "objectClass" );
+ isRootDSEFilter = ( ( PresenceNode ) req.getFilter() ).getAttribute().equalsIgnoreCase( SchemaConstants.OBJECT_CLASS_AT );
}
return isBaseIsRoot && isBaseScope && isRootDSEFilter;
}
@@ -231,6 +237,19 @@
String msg = "Bind failure: Anonymous binds have been disabled!";
result.setErrorMessage( msg );
session.write( req.getResultResponse() );
+ //TM long t1 = System.nanoTime();
+ //TM
+ //TM synchronized (lock)
+ //TM {
+ //TM cumul += (t1 - t0);
+ //TM count++;
+ //TM
+ //TM if ( count % 1000L == 0)
+ //TM {
+ //TM System.out.println( "Search cost : " + (cumul/count) );
+ //TM cumul = 0L;
+ //TM }
+ //TM }
return;
}
@@ -292,6 +311,20 @@
if ( rcode != ResultCodeEnum.SUCCESS )
{
session.write( resp );
+ //TM long t1 = System.nanoTime();
+ //TM
+ //TM synchronized( lock )
+ //TM {
+ //TM cumul += (t1 - t0);
+ //TM count++;
+ //TM
+ //TM if ( count % 1000L == 0)
+ //TM {
+ //TM System.out.println( "Search cost : " + (cumul/count) );
+ //TM cumul = 0L;
+ //TM }
+ //TM }
+
return;
}
// if search was fine then we returned all entries so now
@@ -314,6 +347,18 @@
StringBuffer buf = new StringBuffer();
req.getFilter().printToBuffer( buf );
ctx.addNamingListener( req.getBase(), buf.toString(), controls, handler );
+ //TM long t1 = System.nanoTime();
+ //TM synchronized( lock )
+ //TM {
+ //TM cumul += (t1 - t0);
+ //TM count++;
+ //TM
+ //TM if ( count % 1000L == 0)
+ //TM {
+ //TM System.out.println( "Search cost : " + (cumul/count) );
+ //TM cumul = 0L;
+ //TM }
+ //TM }
return;
}
@@ -338,6 +383,18 @@
{
session.write( it.next() );
}
+ //TM long t1 = System.nanoTime();
+ //TM synchronized( lock )
+ //TM {
+ //TM cumul += (t1 - t0);
+ //TM count++;
+ //TM
+ //TM if ( count % 1000L == 0)
+ //TM {
+ //TM System.out.println( "Search cost : " + (cumul/count) );
+ //TM cumul = 0L;
+ //TM }
+ //TM }
return;
}
@@ -350,6 +407,19 @@
{
session.write( it.next() );
}
+ //TM long t1 = System.nanoTime();
+ //TM synchronized( lock )
+ //TM {
+ //TM cumul += (t1 - t0);
+ //TM count++;
+ //TM
+ //TM if ( count % 1000L == 0)
+ //TM {
+ //TM System.out.println( "Search cost : " + (cumul/count) );
+ //TM cumul = 0L;
+ //TM }
+ //TM }
+
return;
}
}
@@ -369,6 +439,19 @@
while ( e.skipReferral() );
session.write( req.getResultResponse() );
SessionRegistry.getSingleton().removeOutstandingRequest( session, req.getMessageId() );
+ //TM long t1 = System.nanoTime();
+ //TM synchronized( lock )
+ //TM {
+ //TM cumul += (t1 - t0);
+ //TM count++;
+ //TM
+ //TM if ( count % 1000L == 0)
+ //TM {
+ //TM System.out.println( "Search cost : " + (cumul/count) );
+ //TM cumul = 0L;
+ //TM }
+ //TM }
+
return;
}
catch ( NamingException e )
@@ -387,6 +470,19 @@
*/
if ( e instanceof OperationAbandonedException )
{
+ //TM long t1 = System.nanoTime();
+ //TM synchronized( lock )
+ //TM {
+ //TM cumul += (t1 - t0);
+ //TM count++;
+ //TM
+ //TM if ( count % 1000L == 0)
+ //TM {
+ //TM System.out.println( "Search cost : " + (cumul/count) );
+ //TM cumul = 0L;
+ //TM }
+ //TM }
+
return;
}
diff --git a/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/SearchResponseIterator.java b/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/SearchResponseIterator.java
index 996d8a4..cb312a5 100644
--- a/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/SearchResponseIterator.java
+++ b/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/SearchResponseIterator.java
@@ -44,6 +44,7 @@
import org.apache.directory.shared.ldap.message.SearchResponseEntryImpl;
import org.apache.directory.shared.ldap.message.SearchResponseReference;
import org.apache.directory.shared.ldap.message.SearchResponseReferenceImpl;
+import org.apache.directory.shared.ldap.message.ServerSearchResult;
import org.apache.directory.shared.ldap.name.LdapDN;
import org.apache.directory.shared.ldap.util.ExceptionUtils;
import org.apache.mina.common.IoSession;
@@ -94,28 +95,22 @@
{
if ( underlying.hasMore() )
{
- SearchResult result = ( SearchResult ) underlying.next();
+ ServerSearchResult result = ( ServerSearchResult ) underlying.next();
/*
* Now we have to build the prefetched object from the 'result'
* local variable for the following call to next()
*/
Attribute ref = result.getAttributes().get( "ref" );
- if ( !ctx.isReferral( result.getName() )
+
+ if ( !ctx.isReferral( result.getDn() )
|| req.getControls().containsKey( ManageDsaITControl.CONTROL_OID ) )
{
SearchResponseEntry respEntry;
respEntry = new SearchResponseEntryImpl( req.getMessageId() );
respEntry.setAttributes( result.getAttributes() );
- try
- {
- respEntry.setObjectName( new LdapDN( result.getName() ) );
- }
- catch ( InvalidNameException ine )
- {
- log.error( "Invalid object name : " + result.getName(), ine);
- throw new RuntimeException( ine );
- }
+
+ respEntry.setObjectName( result.getDn() );
prefetched = respEntry;
}
diff --git a/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java b/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java
index 55796d2..c66b885 100644
--- a/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java
+++ b/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/ConfigureChain.java
@@ -39,6 +39,7 @@
import javax.security.sasl.Sasl;
import org.apache.directory.server.core.configuration.ConfigurationException;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.store.PrincipalStoreEntry;
import org.apache.directory.server.ldap.LdapConfiguration;
@@ -196,7 +197,7 @@
throw new ConfigurationException( message );
}
- EncryptionKey key = entry.getEncryptionKey();
+ EncryptionKey key = entry.getKeyMap().get( EncryptionType.DES_CBC_MD5 );
byte[] keyBytes = key.getKeyValue();
int type = key.getKeyType().getOrdinal();
int kvno = key.getKeyVersion();
diff --git a/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GetPrincipal.java b/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GetPrincipal.java
index 6cbf667..661f376 100644
--- a/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GetPrincipal.java
+++ b/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/bind/GetPrincipal.java
@@ -20,17 +20,22 @@
package org.apache.directory.server.ldap.support.bind;
+import java.io.IOException;
import java.text.ParseException;
+import java.util.Map;
import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InvalidAttributeValueException;
import javax.naming.directory.SearchResult;
import javax.security.auth.kerberos.KerberosPrincipal;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
import org.apache.directory.server.kerberos.shared.messages.value.SamType;
import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
@@ -194,18 +199,21 @@
modifier.setSamType( SamType.getTypeByOrdinal( Integer.parseInt( samType ) ) );
}
- Object key = attrs.get( KerberosAttribute.KEY ).get();
- byte[] keyBytes = null;
-
- if ( key instanceof String )
+ if ( attrs.get( KerberosAttribute.KEY ) != null )
{
- String msg = "JNDI should not return a string for the kerberos key: JNDI property java.naming.ldap.attributes.binary must include the krb5key attribute.";
- throw new NamingException( msg );
+ Attribute krb5key = attrs.get( KerberosAttribute.KEY );
+ try
+ {
+ Map<EncryptionType, EncryptionKey> keyMap = modifier.reconstituteKeyMap( krb5key );
+ modifier.setKeyMap( keyMap );
+ }
+ catch ( IOException ioe )
+ {
+ throw new InvalidAttributeValueException( "Account Kerberos key attribute '" + KerberosAttribute.KEY
+ + "' contained an invalid value for krb5key." );
+ }
}
- keyBytes = ( byte[] ) key;
- modifier.setKey( keyBytes );
-
modifier.setPrincipal( new KerberosPrincipal( principal ) );
modifier.setEncryptionType( Integer.parseInt( encryptionType ) );
modifier.setKeyVersionNumber( Integer.parseInt( keyVersionNumber ) );
diff --git a/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/extended/LaunchDiagnosticUiHandler.java b/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/extended/LaunchDiagnosticUiHandler.java
index 4af0270..d1161ca 100644
--- a/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/extended/LaunchDiagnosticUiHandler.java
+++ b/protocol-ldap/src/main/java/org/apache/directory/server/ldap/support/extended/LaunchDiagnosticUiHandler.java
@@ -33,6 +33,7 @@
import javax.swing.JFrame;
import org.apache.directory.server.core.DirectoryService;
+import org.apache.directory.server.core.interceptor.context.EmptyOperationContext;
import org.apache.directory.server.core.jndi.ServerLdapContext;
import org.apache.directory.server.core.partition.Partition;
import org.apache.directory.server.core.partition.PartitionNexus;
@@ -92,8 +93,9 @@
requestor.write( new LaunchDiagnosticUiResponse( req.getMessageId() ) );
PartitionNexus nexus = service.getConfiguration().getPartitionNexus();
- Iterator list = nexus.listSuffixes();
+ Iterator list = nexus.listSuffixes( new EmptyOperationContext() );
int launchedWindowCount = 0;
+
while ( list.hasNext() )
{
LdapDN dn = new LdapDN( ( String ) list.next() );
diff --git a/protocol-ldap/src/main/resources/META-INF/LICENSE.txt b/protocol-ldap/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..1b3e9c7
--- /dev/null
+++ b/protocol-ldap/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,300 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
diff --git a/protocol-ldap/src/main/resources/META-INF/NOTICE.txt b/protocol-ldap/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..eb0c18a
--- /dev/null
+++ b/protocol-ldap/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,11 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
diff --git a/protocol-ntp/pom.xml b/protocol-ntp/pom.xml
index f29a724..dcefb46 100644
--- a/protocol-ntp/pom.xml
+++ b/protocol-ntp/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-protocol-ntp</artifactId>
<name>ApacheDS Protocol Ntp</name>
diff --git a/protocol-ntp/src/main/resources/META-INF/LICENSE.txt b/protocol-ntp/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..1b3e9c7
--- /dev/null
+++ b/protocol-ntp/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,300 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
diff --git a/protocol-ntp/src/main/resources/META-INF/NOTICE.txt b/protocol-ntp/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..eb0c18a
--- /dev/null
+++ b/protocol-ntp/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,11 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
diff --git a/protocol-shared/pom.xml b/protocol-shared/pom.xml
index 824ba35..fd4c081 100644
--- a/protocol-shared/pom.xml
+++ b/protocol-shared/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>apacheds-protocol-shared</artifactId>
diff --git a/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/AbstractBackingStoreTest.java b/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/AbstractBackingStoreTest.java
index 9cc0c00..f206751 100644
--- a/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/AbstractBackingStoreTest.java
+++ b/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/AbstractBackingStoreTest.java
@@ -59,7 +59,9 @@
import org.apache.directory.server.schema.bootstrap.CosineSchema;
import org.apache.directory.server.schema.bootstrap.InetorgpersonSchema;
import org.apache.directory.server.schema.bootstrap.Krb5kdcSchema;
+import org.apache.directory.server.schema.bootstrap.Schema;
import org.apache.directory.server.schema.bootstrap.SystemSchema;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.ldif.Entry;
import org.apache.directory.shared.ldap.ldif.LdifReader;
import org.apache.directory.shared.ldap.message.AttributeImpl;
@@ -147,7 +149,7 @@
{
config = new MutableStartupConfiguration();
- Set schemas = new HashSet();
+ Set<Schema> schemas = new HashSet<Schema>();
schemas.add( new CoreSchema() );
schemas.add( new CosineSchema() );
schemas.add( new ApacheSchema() );
@@ -163,7 +165,7 @@
//config.setBootstrapSchemas( schemas );
- Set partitions = new HashSet();
+ Set<PartitionConfiguration> partitions = new HashSet<PartitionConfiguration>();
partitions.add( getExamplePartition() );
partitions.add( getApachePartition() );
@@ -178,10 +180,10 @@
MutablePartitionConfiguration partConfig = new MutablePartitionConfiguration();
partConfig.setName( "example" );
- HashSet indices = new HashSet();
+ Set<Object> indices = new HashSet<Object>();
indices.add( "dc" );
indices.add( "ou" );
- indices.add( "objectClass" );
+ indices.add( SchemaConstants.OBJECT_CLASS_AT );
indices.add( "krb5PrincipalName" );
indices.add( "uid" );
partConfig.setIndexedAttributes( indices );
@@ -189,8 +191,8 @@
partConfig.setSuffix( "dc=example, dc=com" );
AttributesImpl attrs = new AttributesImpl();
- AttributeImpl objectClass = new AttributeImpl( "objectClass" );
- objectClass.add( "top" );
+ AttributeImpl objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ objectClass.add( SchemaConstants.TOP_OC );
objectClass.add( "domain" );
attrs.put( objectClass );
attrs.put( "dc", "example" );
@@ -205,10 +207,10 @@
MutablePartitionConfiguration partConfig = new MutablePartitionConfiguration();
partConfig.setName( "apache" );
- HashSet indices = new HashSet();
+ Set<Object> indices = new HashSet<Object>();
indices.add( "dc" );
indices.add( "ou" );
- indices.add( "objectClass" );
+ indices.add( SchemaConstants.OBJECT_CLASS_AT );
indices.add( "krb5PrincipalName" );
indices.add( "uid" );
partConfig.setIndexedAttributes( indices );
@@ -216,8 +218,8 @@
partConfig.setSuffix( "dc=apache, dc=org" );
AttributesImpl attrs = new AttributesImpl();
- AttributeImpl objectClass = new AttributeImpl( "objectClass" );
- objectClass.add( "top" );
+ AttributeImpl objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ objectClass.add( SchemaConstants.TOP_OC );
objectClass.add( "domain" );
attrs.put( objectClass );
attrs.put( "dc", "apache" );
@@ -316,9 +318,9 @@
String dn = entry.getDn();
Attributes attributes = entry.getAttributes();
- if ( attributes.get( "objectClass" ).contains( "krb5KDCEntry" ) )
+ if ( attributes.get( SchemaConstants.OBJECT_CLASS_AT ).contains( "krb5KDCEntry" ) )
{
- String pw = ( String ) attributes.get( "userpassword" ).get();
+ String pw = ( String ) attributes.get( SchemaConstants.USER_PASSWORD_AT ).get();
String krbPrincipal = ( String ) attributes.get( KerberosAttribute.PRINCIPAL ).get();
KerberosPrincipal principal = new KerberosPrincipal( krbPrincipal );
diff --git a/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/Krb5KdcEntryFilter.java b/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/Krb5KdcEntryFilter.java
index de0d809..4dc65db 100644
--- a/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/Krb5KdcEntryFilter.java
+++ b/protocol-shared/src/main/java/org/apache/directory/server/protocol/shared/store/Krb5KdcEntryFilter.java
@@ -28,6 +28,7 @@
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -43,9 +44,8 @@
{
private static final Logger log = LoggerFactory.getLogger( Krb5KdcEntryFilter.class );
private static final String KEY_TYPE = "DES";
- private static final String OBJECTCLASS_ATTR = "objectClass";
private static final String KRB5KDCENTRY_OC = "krb5KDCEntry";
- private static final String PASSWORD_ATTR = "userPassword";
+ private static final String PASSWORD_ATTR = SchemaConstants.USER_PASSWORD_AT;
/**
@@ -55,7 +55,7 @@
*/
public boolean filter( File file, String dn, Attributes entry, DirContext ctx ) throws NamingException
{
- if ( entry.get( OBJECTCLASS_ATTR ).contains( KRB5KDCENTRY_OC ) )
+ if ( entry.get( SchemaConstants.OBJECT_CLASS_AT ).contains( KRB5KDCENTRY_OC ) )
{
String krbPrincipal = null;
try
diff --git a/protocol-shared/src/main/resources/META-INF/LICENSE.txt b/protocol-shared/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..7b0065c
--- /dev/null
+++ b/protocol-shared/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,302 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
+----
+
diff --git a/protocol-shared/src/main/resources/META-INF/NOTICE.txt b/protocol-shared/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..eb0c18a
--- /dev/null
+++ b/protocol-shared/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,11 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
diff --git a/sar-plugin/pom.xml b/sar-plugin/pom.xml
index d2dfaee..95ffd98 100644
--- a/sar-plugin/pom.xml
+++ b/sar-plugin/pom.xml
@@ -2,7 +2,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>apacheds-sar-plugin</artifactId>
diff --git a/sar-plugin/src/main/resources/META-INF/LICENSE.txt b/sar-plugin/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..261eeb9
--- /dev/null
+++ b/sar-plugin/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,201 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
diff --git a/sar-plugin/src/main/resources/META-INF/NOTICE.txt b/sar-plugin/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..220f3dd
--- /dev/null
+++ b/sar-plugin/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,13 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product uses Plexus (http://plexus.codehaus.org)
+
+This product is a fork of the Codehaus SAR Mojo
+(http://mojo.codehaus.org/jboss-sar-maven-plugin/)
+NOTE: forked for bug fixes that were not being released by the authors.
diff --git a/schema-bootstrap/pom.xml b/schema-bootstrap/pom.xml
index d750537..70e96a7 100644
--- a/schema-bootstrap/pom.xml
+++ b/schema-bootstrap/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-schema-bootstrap</artifactId>
<name>ApacheDS Bootstrap Schemas</name>
diff --git a/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/AbstractBootstrapProducer.java b/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/AbstractBootstrapProducer.java
index b63921c..6e8dc82 100755
--- a/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/AbstractBootstrapProducer.java
+++ b/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/AbstractBootstrapProducer.java
@@ -109,7 +109,7 @@
final SyntaxCheckerRegistry registry;
- protected BootstrapSyntax(String oid, SyntaxCheckerRegistry registry)
+ public BootstrapSyntax(String oid, SyntaxCheckerRegistry registry)
{
super( oid );
this.registry = registry;
@@ -161,7 +161,7 @@
String syntaxOid;
- protected BootstrapMatchingRule(String oid, Registries registries)
+ public BootstrapMatchingRule(String oid, Registries registries)
{
super( oid );
this.syntaxRegistry = registries.getSyntaxRegistry();
@@ -238,7 +238,7 @@
private String syntaxId;
- protected BootstrapAttributeType(String oid, Registries registries)
+ public BootstrapAttributeType(String oid, Registries registries)
{
super( oid );
@@ -434,7 +434,7 @@
* @param oid the OID of the new objectClass
* @param registries the bootstrap registries to use for resolving dependent objects
*/
- protected BootstrapObjectClass(String oid, Registries registries)
+ public BootstrapObjectClass(String oid, Registries registries)
{
super( oid );
diff --git a/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApacheComparatorProducer.java b/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApacheComparatorProducer.java
index 8f1c4c7..f61d9bd 100644
--- a/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApacheComparatorProducer.java
+++ b/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApacheComparatorProducer.java
@@ -29,7 +29,8 @@
import org.apache.directory.server.schema.bootstrap.ProducerTypeEnum;
import org.apache.directory.server.schema.registries.Registries;
import org.apache.directory.shared.ldap.schema.ComparableComparator;
-import org.apache.directory.shared.ldap.util.BigIntegerComparator;
+//import org.apache.directory.shared.ldap.util.BigIntegerComparator;
+import org.apache.directory.shared.ldap.util.LongComparator;
/**
@@ -63,7 +64,7 @@
cb.schemaObjectProduced( this, "1.3.6.1.4.1.18060.0.4.1.1.1", comparator );
// For bigIntegerMatch -> 1.3.6.1.4.1.18060.0.4.1.1.2
- comparator = new BigIntegerComparator();
+ comparator = new LongComparator();
cb.schemaObjectProduced( this, "1.3.6.1.4.1.18060.0.4.1.1.2", comparator );
// For jdbmStringMatch -> 1.3.6.1.4.1.18060.0.4.1.1.3
diff --git a/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApachemetaMatchingRuleProducer.java b/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApachemetaMatchingRuleProducer.java
index b3d0a4c..bc58e04 100644
--- a/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApachemetaMatchingRuleProducer.java
+++ b/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApachemetaMatchingRuleProducer.java
@@ -117,7 +117,7 @@
public String getDescription()
{
- return "Don't know Emmanuel needs to define what this is for.";
+ return "Rule identifier of this DIT structure rule";
}
public String getName()
diff --git a/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApachemetaSyntaxCheckerProducer.java b/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApachemetaSyntaxCheckerProducer.java
index 7a5fd82..acfb6fd 100644
--- a/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApachemetaSyntaxCheckerProducer.java
+++ b/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/ApachemetaSyntaxCheckerProducer.java
@@ -23,6 +23,7 @@
import javax.naming.NamingException;
import org.apache.directory.server.schema.registries.Registries;
+import org.apache.directory.shared.ldap.schema.syntax.NumberSyntaxChecker;
import org.apache.directory.shared.ldap.schema.syntax.NumericOidSyntaxChecker;
import org.apache.directory.shared.ldap.schema.syntax.ObjectClassTypeSyntaxChecker;
import org.apache.directory.shared.ldap.schema.syntax.SyntaxChecker;
@@ -62,5 +63,8 @@
checker = new ObjectClassTypeSyntaxChecker();
cb.schemaObjectProduced( this, checker.getSyntaxOid(), checker );
+
+ checker = new NumberSyntaxChecker();
+ cb.schemaObjectProduced( this, checker.getSyntaxOid(), checker );
}
}
diff --git a/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/BootstrapSchemaLoader.java b/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/BootstrapSchemaLoader.java
index 44ac7ca..c3520b1 100755
--- a/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/BootstrapSchemaLoader.java
+++ b/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/BootstrapSchemaLoader.java
@@ -74,6 +74,8 @@
{
private static final Logger log = LoggerFactory.getLogger( BootstrapSchemaLoader.class );
+ private ClassLoader cl = getClass().getClassLoader();
+
/** stores schemas of producers for callback access */
private ThreadLocal<BootstrapSchema> schemas;
/** stores registries associated with producers for callback access */
@@ -98,7 +100,13 @@
registries = new ThreadLocal<Registries>();
}
-
+
+ public BootstrapSchemaLoader( ClassLoader cl )
+ {
+ this();
+ this.cl = cl;
+ }
+
public final void loadWithDependencies( Schema schema, Registries registries ) throws NamingException
{
if ( ! ( schema instanceof BootstrapSchema ) )
@@ -202,7 +210,7 @@
*/
private void register( ProducerTypeEnum type, String id, Object schemaObject ) throws NamingException
{
- BootstrapSchema schema = ( BootstrapSchema ) this.schemas.get();
+ BootstrapSchema schema = this.schemas.get();
DefaultRegistries registries = ( DefaultRegistries ) this.registries.get();
List<String> values = new ArrayList<String>(1);
values.add( schema.getSchemaName() );
@@ -322,7 +330,7 @@
try
{
- clazz = Class.forName( targetClassName );
+ clazz = Class.forName( targetClassName, true, cl );
}
catch ( ClassNotFoundException e )
{
@@ -336,7 +344,7 @@
try
{
- clazz = Class.forName( defaultClassName );
+ clazz = Class.forName( defaultClassName, true, cl );
}
catch ( ClassNotFoundException e )
{
@@ -407,7 +415,7 @@
Schema schema = null;
try
{
- schema = ( Schema ) Class.forName( schemaName ).newInstance();
+ schema = ( Schema ) Class.forName( schemaName, true, cl ).newInstance();
}
catch ( InstantiationException e )
{
diff --git a/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/SystemSyntaxCheckerProducer.java b/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/SystemSyntaxCheckerProducer.java
index 5146a81..8240eab 100644
--- a/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/SystemSyntaxCheckerProducer.java
+++ b/schema-bootstrap/src/main/java/org/apache/directory/server/schema/bootstrap/SystemSyntaxCheckerProducer.java
@@ -24,9 +24,63 @@
import org.apache.directory.server.schema.bootstrap.ProducerTypeEnum;
import org.apache.directory.server.schema.registries.Registries;
+import org.apache.directory.shared.ldap.schema.syntax.ACIItemSyntaxChecker;
import org.apache.directory.shared.ldap.schema.syntax.AcceptAllSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.AccessPointSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.AttributeTypeDescriptionSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.AudioSyntaxChecker;
import org.apache.directory.shared.ldap.schema.syntax.BinarySyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.BitStringSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.BooleanSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.CertificateListSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.CertificatePairSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.CertificateSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.CountrySyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.DITContentRuleDescriptionSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.DITStructureRuleDescriptionSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.DLSubmitPermissionSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.DNSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.DSAQualitySyntaxSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.DSETypeSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.DataQualitySyntaxSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.DeliveryMethodSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.DirectoryStringSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.EnhancedGuideSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.FacsimileTelephoneNumberSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.FaxSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.GeneralizedTimeSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.GuideSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.Ia5StringSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.IntegerSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.JpegSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.LdapSyntaxDescriptionSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.MHSORAddressSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.MailPreferenceSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.MasterAndShadowAccessPointSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.MatchingRuleDescriptionSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.MatchingRuleUseDescriptionSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.NameAndOptionalUIDSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.NameFormDescriptionSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.NumericStringSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.ObjectClassDescriptionSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.OctetStringSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.OidSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.OtherMailboxSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.PostalAddressSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.PresentationAddressSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.PrintableStringSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.ProtocolInformationSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.SubstringAssertionSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.SubtreeSpecificationSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.SupplierAndConsumerSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.SupplierInformationSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.SupplierOrConsumerSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.SupportedAlgorithmSyntaxChecker;
import org.apache.directory.shared.ldap.schema.syntax.SyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.TelephoneNumberSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.TeletexTerminalIdentifierSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.TelexNumberSyntaxChecker;
+import org.apache.directory.shared.ldap.schema.syntax.UtcTimeSyntaxChecker;
/**
@@ -50,8 +104,6 @@
public void produce( Registries registries, ProducerCallback cb ) throws NamingException
{
- SyntaxChecker syntaxChecker;
-
/*
* We are going to need a syntax checker for each and every one of
* these syntaxes. However right now we're probably not going to be
@@ -78,35 +130,16 @@
* 8 Certificate List N 1.3.6.1.4.1.1466.115.121.1.9
* 9 Certificate Pair N 1.3.6.1.4.1.1466.115.121.1.10
*/
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.1" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.2" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.3" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.4" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = BinarySyntaxChecker.INSTANCE;
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.6" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.7" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.8" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.9" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.10" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.1", new ACIItemSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.2", new AccessPointSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.3", new AttributeTypeDescriptionSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.4", new AudioSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.5", new BinarySyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.6", new BitStringSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.7", new BooleanSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.8", new CertificateSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.9", new CertificateListSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.10", new CertificatePairSyntaxChecker() );
/*
* 10 Country String Y 1.3.6.1.4.1.1466.115.121.1.11
@@ -120,35 +153,16 @@
* 18 DSA Quality Syntax Y 1.3.6.1.4.1.1466.115.121.1.19
* 19 DSE Type Y 1.3.6.1.4.1.1466.115.121.1.20
*/
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.11" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.12" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.13" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.14" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.15" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.16" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.17" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.18" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.19" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.20" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.11", new CountrySyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.12", new DNSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.13", new DataQualitySyntaxSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.14", new DeliveryMethodSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.15", new DirectoryStringSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.16", new DITContentRuleDescriptionSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.17", new DITStructureRuleDescriptionSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.18", new DLSubmitPermissionSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.19", new DSAQualitySyntaxSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.20", new DSETypeSyntaxChecker() );
/* 20 Enhanced Guide Y 1.3.6.1.4.1.1466.115.121.1.21
* 21 Facsimile Telephone Number Y 1.3.6.1.4.1.1466.115.121.1.22
@@ -161,35 +175,16 @@
* 28 Master And Shadow Access Points Y 1.3.6.1.4.1.1466.115.121.1.29
* 29 Matching Rule Description Y 1.3.6.1.4.1.1466.115.121.1.30
*/
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.21" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.22" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.23" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.24" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.25" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.26" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.27" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.28" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.29" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.30" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.21", new EnhancedGuideSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.22", new FacsimileTelephoneNumberSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.23", new FaxSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.24", new GeneralizedTimeSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.25", new GuideSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.26", new Ia5StringSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.27", new IntegerSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.28", new JpegSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.29", new MasterAndShadowAccessPointSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.30", new MatchingRuleDescriptionSyntaxChecker() );
/* 30 Matching Rule Use Description Y 1.3.6.1.4.1.1466.115.121.1.31
* 31 Mail Preference Y 1.3.6.1.4.1.1466.115.121.1.32
@@ -202,35 +197,16 @@
* 38 Other Mailbox Y 1.3.6.1.4.1.1466.115.121.1.39
* 39 Octet String Y 1.3.6.1.4.1.1466.115.121.1.40
*/
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.31" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.32" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.33" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.34" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.35" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.36" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.37" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.38" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.39" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.40" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.31", new MatchingRuleUseDescriptionSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.32", new MailPreferenceSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.33", new MHSORAddressSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.34", new NameAndOptionalUIDSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.35", new NameFormDescriptionSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.36", new NumericStringSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.37", new ObjectClassDescriptionSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.38", new OidSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.39", new OtherMailboxSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.40", new OctetStringSyntaxChecker() );
/*
* 40 Postal Address Y 1.3.6.1.4.1.1466.115.121.1.41
@@ -244,71 +220,44 @@
* 48 Supported Algorithm N 1.3.6.1.4.1.1466.115.121.1.49
* 49 Telephone Number Y 1.3.6.1.4.1.1466.115.121.1.50
*/
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.41" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.42" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.43" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.44" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.45" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.46" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.47" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.48" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.49" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.50" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.41", new PostalAddressSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.42", new ProtocolInformationSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.43", new PresentationAddressSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.44", new PrintableStringSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.45", new SubtreeSpecificationSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.46", new SupplierInformationSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.47", new SupplierOrConsumerSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.48", new SupplierAndConsumerSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.49", new SupportedAlgorithmSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.50", new TelephoneNumberSyntaxChecker() );
/*
* 50 Teletex Terminal Identifier Y 1.3.6.1.4.1.1466.115.121.1.51
* 51 Telex Number Y 1.3.6.1.4.1.1466.115.121.1.52
* 52 UTC Time Y 1.3.6.1.4.1.1466.115.121.1.53
* 53 LDAP Syntax Description Y 1.3.6.1.4.1.1466.115.121.1.54
- * 54 Modify Rights Y 1.3.6.1.4.1.1466.115.121.1.55
- * 55 LDAP BootstrapSchema Definition Y 1.3.6.1.4.1.1466.115.121.1.56
- * 56 LDAP BootstrapSchema Description Y 1.3.6.1.4.1.1466.115.121.1.57
+ * 54 Modify Rights Y 1.3.6.1.4.1.1466.115.121.1.55 (No defined SC yet)
+ * 55 LDAP BootstrapSchema Definition Y 1.3.6.1.4.1.1466.115.121.1.56 (No defined SC yet)
+ * 56 LDAP BootstrapSchema DescriptionY 1.3.6.1.4.1.1466.115.121.1.57 (No defined SC yet)
* 57 Substring Assertion Y 1.3.6.1.4.1.1466.115.121.1.58
*/
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.51" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.51", new TeletexTerminalIdentifierSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.52", new TelexNumberSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.53", new UtcTimeSyntaxChecker() );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.54", new LdapSyntaxDescriptionSyntaxChecker() );
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.52" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.53" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.54" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.55" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.56" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.57" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
-
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.58" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.55",
+ new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.55" ) );
- syntaxChecker = new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.59" );
- cb.schemaObjectProduced( this, syntaxChecker.getSyntaxOid(), syntaxChecker );
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.56",
+ new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.56" ) );
+
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.57",
+ new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.57" ) );
+
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.58", new SubstringAssertionSyntaxChecker() );
+
+ cb.schemaObjectProduced( this, "1.3.6.1.4.1.1466.115.121.1.59",
+ new AcceptAllSyntaxChecker( "1.3.6.1.4.1.1466.115.121.1.59" ) );
}
}
diff --git a/schema-bootstrap/src/main/resources/META-INF/LICENSE.txt b/schema-bootstrap/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..c13db16
--- /dev/null
+++ b/schema-bootstrap/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,301 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
+----
diff --git a/schema-bootstrap/src/main/resources/META-INF/NOTICE.txt b/schema-bootstrap/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..d8b47f5
--- /dev/null
+++ b/schema-bootstrap/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,17 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
+This product includes a distribution of JDBM
+(http://jdbm.sf.net)
+
+This product contains derivatives of schema files forked from OpenLDAP
+(http://openldap.org)
+
diff --git a/schema-bootstrap/src/main/schema/apache.schema b/schema-bootstrap/src/main/schema/apache.schema
index 4759044..3435fef 100644
--- a/schema-bootstrap/src/main/schema/apache.schema
+++ b/schema-bootstrap/src/main/schema/apache.schema
@@ -104,19 +104,22 @@
STRUCTURAL
MUST prefNodeName )
-attributetype ( 1.3.6.1.4.1.18060.0.4.1.2.12 NAME 'prescriptiveACI'
+#attributetype ( 1.3.6.1.4.1.18060.0.4.1.2.12 NAME 'prescriptiveACI'
+attributetype ( 2.5.24.4 NAME 'prescriptiveACI'
DESC 'Access control information that applies to a set of entries'
EQUALITY directoryStringFirstComponentMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.1
USAGE directoryOperation )
-attributetype ( 1.3.6.1.4.1.18060.0.4.1.2.13 NAME 'entryACI'
+# was attributetype ( 1.3.6.1.4.1.18060.0.4.1.2.13 NAME 'entryACI' ...
+attributetype ( 2.5.24.5 NAME 'entryACI'
DESC 'Access control information that applies to a single entry'
EQUALITY directoryStringFirstComponentMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.1
USAGE directoryOperation )
-attributetype ( 1.3.6.1.4.1.18060.0.4.1.2.14 NAME 'subentryACI'
+#attributetype ( 1.3.6.1.4.1.18060.0.4.1.2.14 NAME 'subentryACI'
+attributetype ( 2.5.24.6 NAME 'subentryACI'
DESC 'Access control information that applies to a single subentry'
EQUALITY directoryStringFirstComponentMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.1
diff --git a/schema-bootstrap/src/main/schema/apachemeta.schema b/schema-bootstrap/src/main/schema/apachemeta.schema
index cecf1f8..2db0cc8 100644
--- a/schema-bootstrap/src/main/schema/apachemeta.schema
+++ b/schema-bootstrap/src/main/schema/apachemeta.schema
@@ -70,9 +70,10 @@
# | 1.3.6.1.4.1.18060.0.4.0.2.31 | m-matchingRuleSyntax |
# | 1.3.6.1.4.1.18060.0.4.0.2.32 | m-fqcn |
# | 1.3.6.1.4.1.18060.0.4.0.2.33 | m-bytecode |
-# | 1.3.6.1.4.1.18060.0.4.0.2.34 | x-humanReadible |
+# | 1.3.6.1.4.1.18060.0.4.0.2.34 | x-humanReadable |
# | 1.3.6.1.4.1.18060.0.4.0.2.37 | m-disabled |
# | 1.3.6.1.4.1.18060.0.4.0.2.38 | m-dependencies |
+# | 1.3.6.1.4.1.18060.0.4.0.2.39 | m-length |
# +------------------------------+-----------------------------+
#
# +------------------------------+-----------------------------+
@@ -170,7 +171,7 @@
STRUCTURAL
MAY ( m-name $ m-obsolete $ m-supAttributeType $ m-equality $ m-ordering $
m-substr $ m-syntax $ m-singleValue $ m-collective $
- m-noUserModification $ m-usage )
+ m-noUserModification $ m-usage $ m-length )
)
# --- metaSyntax objectclass --------------------------------------------------
@@ -541,9 +542,9 @@
SINGLE-VALUE
)
-# --- x-humanReadible AttributeType ------------------------------------------------
-attributetype ( 1.3.6.1.4.1.18060.0.4.0.2.34 NAME 'x-humanReadible'
- DESC 'whether or not a syntax is human readible'
+# --- x-humanReadable AttributeType ------------------------------------------------
+attributetype ( 1.3.6.1.4.1.18060.0.4.0.2.34 NAME 'x-humanReadable'
+ DESC 'whether or not a syntax is human readable'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
@@ -564,3 +565,11 @@
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
)
+# --- m-length AttributeType -----------------------------------
+attributetype ( 1.3.6.1.4.1.18060.0.4.0.2.39 NAME 'm-length'
+ DESC 'The maximum length for an attribute value.'
+ EQUALITY caseIgnoreMatch
+ SYNTAX 1.3.6.1.4.1.18060.0.4.0.0.4
+ SINGLE-VALUE
+)
+
diff --git a/schema-extras/pom.xml b/schema-extras/pom.xml
index 9762a3e..f816126 100644
--- a/schema-extras/pom.xml
+++ b/schema-extras/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-schema-extras</artifactId>
<name>ApacheDS Extra Schemas</name>
diff --git a/schema-extras/src/main/resources/META-INF/NOTICE.txt b/schema-extras/src/main/resources/META-INF/NOTICE.txt
index 3be0487..aa97078 100644
--- a/schema-extras/src/main/resources/META-INF/NOTICE.txt
+++ b/schema-extras/src/main/resources/META-INF/NOTICE.txt
@@ -3,3 +3,6 @@
This product includes software developed by
The Apache Software Foundation (http://www.apache.org/).
+
+This product contains schema files forked from OpenLDAP
+(http://openldap.org)
diff --git a/schema-registries/pom.xml b/schema-registries/pom.xml
index e028c02..5aae28e 100644
--- a/schema-registries/pom.xml
+++ b/schema-registries/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-schema-registries</artifactId>
<name>ApacheDS Schema Registries</name>
diff --git a/schema-registries/src/main/java/org/apache/directory/server/schema/registries/DefaultAttributeTypeRegistry.java b/schema-registries/src/main/java/org/apache/directory/server/schema/registries/DefaultAttributeTypeRegistry.java
index fe6323f..536ec1f 100755
--- a/schema-registries/src/main/java/org/apache/directory/server/schema/registries/DefaultAttributeTypeRegistry.java
+++ b/schema-registries/src/main/java/org/apache/directory/server/schema/registries/DefaultAttributeTypeRegistry.java
@@ -29,6 +29,7 @@
import javax.naming.NamingException;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.schema.AttributeType;
import org.apache.directory.shared.ldap.schema.MatchingRule;
import org.apache.directory.shared.ldap.schema.NoOpNormalizer;
@@ -49,6 +50,9 @@
/** static class logger */
private final static Logger log = LoggerFactory.getLogger( DefaultAttributeTypeRegistry.class );
+ /** Speedup for DEBUG mode */
+ private static final boolean IS_DEBUG = log.isDebugEnabled();
+
/** maps an OID to an AttributeType */
private final Map<String,AttributeType> byOid;
/** maps OIDs to a Set of descendants for that OID */
@@ -97,7 +101,8 @@
registerDescendants( attributeType );
byOid.put( attributeType.getOid(), attributeType );
- if ( log.isDebugEnabled() )
+
+ if ( IS_DEBUG )
{
log.debug( "registed attributeType: " + attributeType );
}
@@ -130,7 +135,7 @@
return;
}
- if ( ancestor.getName() != null && ancestor.getName().equals( "top" ) )
+ if ( ancestor.getName() != null && ancestor.getName().equals( SchemaConstants.TOP_OC ) )
{
return;
}
@@ -157,10 +162,12 @@
}
AttributeType attributeType = ( AttributeType ) byOid.get( id );
- if ( log.isDebugEnabled() )
+
+ if ( IS_DEBUG )
{
log.debug( "lookup with id" + id + "' of attributeType: " + attributeType );
}
+
return attributeType;
}
@@ -216,7 +223,7 @@
if ( matchingRule == null )
{
- log.warn( "Attribute " + type.getName() + " does not have normalizer : using NoopNormalizer" );
+ log.debug( "Attribute " + type.getName() + " does not have normalizer : using NoopNormalizer" );
oidNormalizer = new OidNormalizer( type.getOid(), new NoOpNormalizer() );
}
else
diff --git a/schema-registries/src/main/java/org/apache/directory/server/schema/registries/DefaultObjectClassRegistry.java b/schema-registries/src/main/java/org/apache/directory/server/schema/registries/DefaultObjectClassRegistry.java
index 653f8ba..9afa6a9 100755
--- a/schema-registries/src/main/java/org/apache/directory/server/schema/registries/DefaultObjectClassRegistry.java
+++ b/schema-registries/src/main/java/org/apache/directory/server/schema/registries/DefaultObjectClassRegistry.java
@@ -41,6 +41,10 @@
{
/** static class logger */
private final static Logger log = LoggerFactory.getLogger( DefaultObjectClassRegistry.class );
+
+ /** Speedup for DEBUG mode */
+ private static final boolean IS_DEBUG = log.isDebugEnabled();
+
/** maps an OID to an ObjectClass */
private final Map<String,ObjectClass> byOid;
/** the registry used to resolve names to OIDs */
@@ -85,7 +89,8 @@
}
byOid.put( objectClass.getOid(), objectClass );
- if ( log.isDebugEnabled() )
+
+ if ( IS_DEBUG )
{
log.debug( "registered objectClass: " + objectClass );
}
@@ -103,7 +108,8 @@
}
ObjectClass objectClass = ( ObjectClass ) byOid.get( id );
- if ( log.isDebugEnabled() )
+
+ if ( IS_DEBUG )
{
log.debug( "looked objectClass with OID '" + id + "' and got back " + objectClass );
}
diff --git a/schema-registries/src/main/java/org/apache/directory/server/schema/registries/DefaultOidRegistry.java b/schema-registries/src/main/java/org/apache/directory/server/schema/registries/DefaultOidRegistry.java
index 85a4704..7e944e4 100644
--- a/schema-registries/src/main/java/org/apache/directory/server/schema/registries/DefaultOidRegistry.java
+++ b/schema-registries/src/main/java/org/apache/directory/server/schema/registries/DefaultOidRegistry.java
@@ -45,8 +45,13 @@
{
/** static class logger */
private final static Logger log = LoggerFactory.getLogger( DefaultOidRegistry.class );
+
+ /** Speedup for DEBUG mode */
+ private static final boolean IS_DEBUG = log.isDebugEnabled();
+
/** Maps OID to a name or a list of names if more than one name exists */
private Map byOid = new HashMap();
+
/** Maps several names to an OID */
private Map<String,String> byName = new HashMap<String,String>();
@@ -73,7 +78,8 @@
if ( byName.containsKey( name ) )
{
String oid = ( String ) byName.get( name );
- if ( log.isDebugEnabled() )
+
+ if ( IS_DEBUG )
{
log.debug( "looked up OID '" + oid + "' with id '" + name + "'" );
}
@@ -91,7 +97,8 @@
if ( !name.equals( lowerCase ) && byName.containsKey( lowerCase ) )
{
String oid = ( String ) byName.get( lowerCase );
- if ( log.isDebugEnabled() )
+
+ if ( IS_DEBUG )
{
log.debug( "looked up OID '" + oid + "' with id '" + name + "'" );
}
@@ -137,18 +144,21 @@
if ( value instanceof String )
{
- if ( log.isDebugEnabled() )
+ if ( IS_DEBUG )
{
log.debug( "looked up primary name '" + value + "' with OID '" + oid + "'" );
}
+
return ( String ) value;
}
String name = ( String ) ( ( List ) value ).get( 0 );
- if ( log.isDebugEnabled() )
+
+ if ( IS_DEBUG )
{
log.debug( "looked up primary name '" + name + "' with OID '" + oid + "'" );
}
+
return name;
}
@@ -169,17 +179,20 @@
if ( value instanceof String )
{
List list = Collections.singletonList( value );
- if ( log.isDebugEnabled() )
+
+ if ( IS_DEBUG )
{
log.debug( "looked up names '" + list + "' for OID '" + oid + "'" );
}
+
return list;
}
- if ( log.isDebugEnabled() )
+ if ( IS_DEBUG )
{
log.debug( "looked up names '" + value + "' for OID '" + oid + "'" );
}
+
return ( List ) value;
}
@@ -292,7 +305,8 @@
}
byOid.put( oid, value );
- if ( log.isDebugEnabled() )
+
+ if ( IS_DEBUG )
{
log.debug( "registed name '" + name + "' with OID: " + oid );
}
diff --git a/schema-registries/src/main/java/org/apache/directory/server/schema/registries/DefaultSyntaxRegistry.java b/schema-registries/src/main/java/org/apache/directory/server/schema/registries/DefaultSyntaxRegistry.java
index 1331c4b..9611436 100644
--- a/schema-registries/src/main/java/org/apache/directory/server/schema/registries/DefaultSyntaxRegistry.java
+++ b/schema-registries/src/main/java/org/apache/directory/server/schema/registries/DefaultSyntaxRegistry.java
@@ -42,6 +42,10 @@
{
/** static class logger */
private final static Logger log = LoggerFactory.getLogger( DefaultSyntaxRegistry.class );
+
+ /** Speedup for DEBUG mode */
+ private static final boolean IS_DEBUG = log.isDebugEnabled();
+
/** a map of entries using an OID for the key and a Syntax for the value */
private final Map<String,Syntax> byOid;
/** the OID oidRegistry this oidRegistry uses to register new syntax OIDs */
@@ -74,10 +78,12 @@
if ( byOid.containsKey( id ) )
{
Syntax syntax = ( Syntax ) byOid.get( id );
- if ( log.isDebugEnabled() )
+
+ if ( IS_DEBUG )
{
log.debug( "looked up using id '" + id + "': " + syntax );
}
+
return syntax;
}
@@ -105,7 +111,8 @@
}
byOid.put( syntax.getOid(), syntax );
- if ( log.isDebugEnabled() )
+
+ if ( IS_DEBUG )
{
log.debug( "registered syntax: " + syntax );
}
diff --git a/schema-registries/src/main/resources/META-INF/LICENSE.txt b/schema-registries/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..c13db16
--- /dev/null
+++ b/schema-registries/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,301 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
+----
diff --git a/schema-registries/src/main/resources/META-INF/NOTICE.txt b/schema-registries/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..eb0c18a
--- /dev/null
+++ b/schema-registries/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,11 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
diff --git a/server-installers/NOTICE.txt b/server-installers/NOTICE.txt
index 4539205..3eee020 100644
--- a/server-installers/NOTICE.txt
+++ b/server-installers/NOTICE.txt
@@ -1,2 +1,32 @@
-This product includes software developed by
-The Apache Software Foundation (http://www.apache.org/).
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
+This product includes a distribution of Antlr 2
+(http://antlr.org).
+
+This product includes a distribution of JDBM
+(http://jdbm.sourceforge.net).
+
+This product includes forked classes from the Legion of the Bouncy Castle
+(http://www.bouncycastle.org).
+
+This product includes a distribution of Spring Framework
+(http://www.springframework.org).
+
+This product includes a distribution of Izpack Installer
+(http://www.izforge.com/izpack/).
+
+This product includes a distribution of Inno Setup Installer
+(http://www.jrsoftware.org/isinfo.php).
+
+This product includes derivatives of forked schema files from OpenLDAP
+(http://openldap.org)
+
diff --git a/server-installers/README.txt b/server-installers/README.txt
index c666c59..3d6a67d 100644
--- a/server-installers/README.txt
+++ b/server-installers/README.txt
@@ -4,14 +4,9 @@
Documentation
-------------
-All installer based distributions include a copy of the site documentation
-within the docs directory. Point your browser to:
+Go online for the most up to date documentation. Point your browser to:
- ./docs/index.html
-
-or go online here for the most up to date documentation,
-
- http://directory.apache.org/subprojects/apacheds/index.html
+ http://directory.apache.org/apacheds/1.5
Running
@@ -29,7 +24,7 @@
daemon mode the proper DISPLAY parameter must be set to launch the diagnostics
on startup.
-On windows the server can be started like any other service using the services
+On Windows the server can be started like any other service using the services
console via Microsoft Management Console. It can also be started, stopped and
configured using the procrun service manager installed for it: see
Start->All Programs->apacheds->Service Setttings. A tray icon can also be
@@ -61,6 +56,9 @@
graceful starts graceful shutdown with shutdown delay & timeoffline
diagnostic launches diagnostic UI for inspecting server partitions
and client sessions
+ import imports data to the server from a LDIF file
+ export exports data from the server as a LDIF file
+ proc executes a Stored Procedure Command
Over time this tool will include clients to add, delete, compare, modify and
rename entries as well as search the directory.
@@ -69,27 +67,7 @@
Connecting
----------
-See http://directory.apache.org/subprojects/apacheds/users/authentication.html
-or the bundled documentation.
-
-
-Building Bundled Sources
-------------------------
-
-The sources are bundled with the installers and can be found in the src
-directory of the installation base. The build system used is Maven 2. We use
-version 2.0.2 for this release. In general we try to use the most recent
-production release of Maven. You can build the server like so:
-
- cd ${install.basedir}; cd src; mvn install
-
-If you're interested in the latest sources you can check out ApacheDS using
-subversion at the following base URL:
-
- http://svn.apache.org/repos/asf/directory/trunks
-
-We recommend issuing a build command at the top most level in case ApacheDS
-has dependencies on the latest MINA version in trunks.
+See http://directory.apache.org/apacheds/1.5/apacheds-v15-basic-users-guide.html
Notes
@@ -105,7 +83,7 @@
Please direct all issues to users@directory.apache.org or file a JIRA here:
- http://issues.apache.org/jira/DIRSERVER
+ http://issues.apache.org/jira/browse/DIRSERVER
Thanks and enjoy,
diff --git a/server-installers/pom.xml b/server-installers/pom.xml
index 58b52b8..ec11b78 100644
--- a/server-installers/pom.xml
+++ b/server-installers/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-server-installers</artifactId>
<name>ApacheDS Server Installers</name>
@@ -85,7 +85,7 @@
<exclude>ant:ant</exclude>
<exclude>aopalliance:aopalliance</exclude>
<exclude>xerces:xerces</exclude>
- <exclude>commons-pool:commons-pool</exclude>
+ <!--exclude>commons-pool:commons-pool</exclude-->
<exclude>xml-apis:xml-apis</exclude>
<exclude>aspectwerkz:aspectwerkz-core</exclude>
<exclude>velocity:velocity</exclude>
@@ -105,19 +105,23 @@
<application>
<name>apacheds</name>
<version>${pom.version}</version>
- <copyrightYear>2006</copyrightYear>
- <minimumJavaVersion>1.4</minimumJavaVersion>
- <url>http://directory.apache.org/subprojects/apacheds</url>
+ <copyrightYear>2007</copyrightYear>
+ <minimumJavaVersion>1.5</minimumJavaVersion>
+ <url>http://directory.apache.org</url>
<email>users@directory.apache.org</email>
<description>Apache Directory Server</description>
<authors>
<author>Apache Directory Team</author>
<author>akarasulu@apache.org</author>
+ <author>ckoppelt@apache.org</author>
<author>elecharny@apache.org</author>
- <author>ersiner@apache.org</author>
- <author>trustin@apache.org</author>
<author>erodriguez@apache.org</author>
+ <author>ersiner@apache.org</author>
+ <author>oersoy@apache.org</author>
+ <author>pamarcelot@apache.org</author>
<author>szoerner@apache.org</author>
+ <author>seelmann@apache.org</author>
+ <author>trustin@apache.org</author>
</authors>
</application>
<packagedFiles>
@@ -195,6 +199,26 @@
<osArch>i386</osArch>
<daemonFramework>jsvc</daemonFramework>
</izPackTarget>
+ <izPackTarget>
+ <packagedFiles>
+ <packagedFile>
+ <source>izpack-apacheds-tools.sh</source>
+ <destinationPath>bin/apacheds-tools.sh</destinationPath>
+ <installationBundleId>Binaries</installationBundleId>
+ <executable>true</executable>
+ <filtered>true</filtered>
+ </packagedFile>
+ </packagedFiles>
+ <id>linux-jsvc-x86_64</id>
+ <izPackInstallFile>src/main/installers/izpack-unix.xml</izPackInstallFile>
+ <finalName>
+ apacheds-${pom.version}-linux-x86_64-setup.jar
+ </finalName>
+ <osName>Linux</osName>
+ <osFamily>unix</osFamily>
+ <osArch>x86_64</osArch>
+ <daemonFramework>jsvc</daemonFramework>
+ </izPackTarget>
<!--
<izPackTarget>
<packagedFiles>
diff --git a/server-installers/src/main/installers/server.xml b/server-installers/src/main/installers/server.xml
index 07baf94..da79ea7 100644
--- a/server-installers/src/main/installers/server.xml
+++ b/server-installers/src/main/installers/server.xml
@@ -1,368 +1,374 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
- "http://www.springframework.org/dtd/spring-beans.dtd">
-
-<beans>
- <bean id="environment" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
- <property name="properties">
- <props>
- <prop key="java.naming.security.authentication">simple</prop>
- <prop key="java.naming.security.principal">uid=admin,ou=system</prop>
- <prop key="java.naming.security.credentials">secret</prop>
- <!--<prop key="kdc.entryBaseDn">ou=users,dc=example,dc=com</prop>-->
- <!--<prop key="kdc.java.naming.security.credentials">secret</prop>-->
- <!--<prop key="changepw.entryBaseDn">ou=users,dc=example,dc=com</prop>-->
- <!--<prop key="changepw.java.naming.security.credentials">secret</prop>-->
- <!-- Set this key to a space delimited set of attributeType descriptions
- and their OID's if you want an attributeType to be handled as
- binary content.
-
- The server will use the schema to derive the set of attributeTypes
- to treat as binary. The union if the values you provide here
- will be taken as the set of binaries. Note to be consistent you
- must add both the OID and all the names an attributeType can have.
- -->
- <!--
- <prop key="java.naming.ldap.attributes.binary"></prop>
- -->
- </props>
- </property>
- </bean>
-
- <bean id="configuration" class="org.apache.directory.server.configuration.MutableServerStartupConfiguration">
- <property name="workingDirectory" value="example.com" />
-
- <!-- Uncomment below to have the server load entries on startup! -->
- <!-- ldifDirectory property can point to a relative file, directory or -->
- <!-- can point to an absolute path to either using the URL path -->
- <!-- notation: i.e. file:///Users/jack/apacheds/ldifs -->
-
- <!-- Entries will optionally be filtered using LdifLoadFilters in the -->
- <!-- order specified. The included Krb5KdcEntryFilter will filter -->
- <!-- kerberos principals creating keys for them using their -->
- <!-- userPassword attribute if present. -->
-
- <!--<property name="ldifDirectory">
- <value>example.ldif</value>
- </property>
- <property name="ldifFilters">
- <list>
- <bean class="org.apache.directory.server.protocol.shared.store.Krb5KdcEntryFilter"/>
- </list>
- </property>-->
-
- <!-- the number of milliseconds before issuing a synch (flush to disk) -->
- <!-- which writes out dirty pages back to disk. To turn off synchs all -->
- <!-- together simply set this value to <= 0. Make sure you turn on -->
- <!-- synchOnWrite for all partitions if you do choose to do this or else-->
- <!-- writes may never persist to disk. -->
- <property name="synchPeriodMillis" value="15000" />
-
- <!-- limits searches by non-admin users to a max time of 15000 -->
- <!-- milliseconds and has a default value of 10000 -->
- <property name="maxTimeLimit" value="15000" />
- <!-- limits searches to max size of 1000 entries: default value is 100 -->
- <property name="maxSizeLimit" value="1000" />
- <!-- maximum number of threads used by mina is set to 8: default is 4 -->
- <property name="maxThreads" value="8" />
-
- <property name="allowAnonymousAccess" value="false" />
- <property name="accessControlEnabled" value="false" />
- <property name="enableNtp" value="false" />
- <property name="enableKerberos" value="false" />
- <property name="enableChangePassword" value="false" />
-
- <!--
- It's more efficient to keep this feature turned off but you may not like
- having the creatorsName and modifiersName contain OIDs instead of short
- attributeType names instead. So if you want the creatorsName to change
- from the normalized form which is the internal representation of
-
- '0.9.2342.19200300.100.1.1=admin,2.5.4.11=system'
-
- to a more human readabile form like:
-
- 'uid=admin,ou=system'
-
- then set this property to true.
- -->
- <property name="denormalizeOpAttrsEnabled" value="false" />
-
- <property name="ldapPort" value="10389" />
-
- <property name="systemPartitionConfiguration" ref="systemPartitionConfiguration" />
-
- <property name="partitionConfigurations">
- <set>
- <ref bean="examplePartitionConfiguration"/>
- </set>
- </property>
-
- <property name="extendedOperationHandlers">
- <list>
- <bean class="org.apache.directory.server.ldap.support.extended.GracefulShutdownHandler"/>
- <bean class="org.apache.directory.server.ldap.support.extended.LaunchDiagnosticUiHandler"/>
- </list>
- </property>
-
- <property name="interceptorConfigurations">
- <list>
- <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
- <property name="name" value="normalizationService" />
- <property name="interceptor">
- <bean class="org.apache.directory.server.core.normalization.NormalizationService" />
- </property>
- </bean>
- <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
- <property name="name" value="authenticationService" />
- <property name="interceptor">
- <bean class="org.apache.directory.server.core.authn.AuthenticationService" />
- </property>
- </bean>
- <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
- <property name="name" value="referralService" />
- <property name="interceptor">
- <bean class="org.apache.directory.server.core.referral.ReferralService" />
- </property>
- </bean>
- <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
- <property name="name" value="authorizationService" />
- <property name="interceptor">
- <bean class="org.apache.directory.server.core.authz.AuthorizationService" />
- </property>
- </bean>
- <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
- <property name="name" value="defaultAuthorizationService" />
- <property name="interceptor">
- <bean class="org.apache.directory.server.core.authz.DefaultAuthorizationService" />
- </property>
- </bean>
- <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
- <property name="name" value="exceptionService" />
- <property name="interceptor">
- <bean class="org.apache.directory.server.core.exception.ExceptionService" />
- </property>
- </bean>
- <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
- <property name="name" value="operationalAttributeService" />
- <property name="interceptor">
- <bean class="org.apache.directory.server.core.operational.OperationalAttributeService" />
- </property>
- </bean>
- <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
- <property name="name" value="schemaService" />
- <property name="interceptor">
- <bean class="org.apache.directory.server.core.schema.SchemaService" />
- </property>
- </bean>
- <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
- <property name="name" value="subentryService" />
- <property name="interceptor">
- <bean class="org.apache.directory.server.core.subtree.SubentryService" />
- </property>
- </bean>
- <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
- <property name="name" value="collectiveAttributeService" />
- <property name="interceptor">
- <bean class="org.apache.directory.server.core.collective.CollectiveAttributeService" />
- </property>
- </bean>
- <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
- <property name="name" value="eventService" />
- <property name="interceptor">
- <bean class="org.apache.directory.server.core.event.EventService" />
- </property>
- </bean>
- <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
- <property name="name" value="triggerService" />
- <property name="interceptor">
- <bean class="org.apache.directory.server.core.trigger.TriggerService" />
- </property>
- </bean>
-
- <!-- Uncomment to enable replication service
- <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
- <property name="name" value="replicationService" />
- <property name="interceptor">
- <bean class="org.apache.directory.mitosis.service.ReplicationService">
- <property name="configuration">
- <bean class="org.apache.directory.mitosis.configuration.ReplicationConfiguration">
- <property name="replicaId" value="instance_a" />
- <property name="serverPort" value="10390" />
- <property name="peerReplicas" value="instance_b@localhost:10392" />
- </bean>
- </property>
- </bean>
- </property>
- </bean>
- -->
- </list>
- </property>
- </bean>
-
- <!-- use the following partitionConfiguration to override defaults for -->
- <!-- the system partition -->
- <bean id="systemPartitionConfiguration" class="org.apache.directory.server.core.partition.impl.btree.MutableBTreePartitionConfiguration">
- <property name="name" value="system" />
- <property name="cacheSize" value="100" />
- <property name="suffix" value="ou=system" />
-
- <!-- the optimizer is enabled by default but may not always be what -->
- <!-- you want if your queries are really simple -->
- <property name="optimizerEnabled" value="true" />
-
- <!--
- Synchronization on writes does not wait for synch operations
- to flush dirty pages. Writes persist immediately to disk at
- a cost to performance with increased data integrity. Otherwise
- the periodic synch operation will flush dirty pages using the
- synchPeriodMillis parameter in the main configuration.
- -->
- <property name="synchOnWrite" value="true" />
- <property name="indexedAttributes">
- <set>
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.1" />
- <property name="cacheSize" value="100" />
- </bean>
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.2" />
- <property name="cacheSize" value="100" />
- </bean>
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.3" />
- <property name="cacheSize" value="100" />
- </bean>
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.4" />
- <property name="cacheSize" value="100" />
- </bean>
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.5" />
- <property name="cacheSize" value="10" />
- </bean>
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.6" />
- <property name="cacheSize" value="10" />
- </bean>
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.7" />
- <property name="cacheSize" value="10" />
- </bean>
-
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="ou" />
- <property name="cacheSize" value="100" />
- </bean>
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="uid" />
- <property name="cacheSize" value="100" />
- </bean>
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="objectClass" />
- <property name="cacheSize" value="100" />
- </bean>
- </set>
- </property>
- <property name="contextEntry">
- <value>
- objectClass: top
- objectClass: organizationalUnit
- objectClass: extensibleObject
- ou: system
- </value>
- </property>
- </bean>
-
-
- <bean id="examplePartitionConfiguration" class="org.apache.directory.server.core.partition.impl.btree.MutableBTreePartitionConfiguration">
- <property name="name" value="example" />
- <property name="cacheSize" value="100" />
- <property name="suffix" value="dc=example,dc=com" />
-
- <!-- the optimizer is enabled by default but may not always be what -->
- <!-- you want if your queries are really simple -->
- <property name="optimizerEnabled" value="true" />
-
- <!--
- Synchronization on writes does not wait for synch operations
- to flush dirty pages. Writes persist immediately to disk at
- a cost to performance with increased data integrity. Otherwise
- the periodic synch operation will flush dirty pages using the
- synchPeriodMillis parameter in the main configuration.
- -->
- <property name="synchOnWrite" value="true" />
- <property name="indexedAttributes">
- <set>
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.1" />
- <property name="cacheSize" value="100" />
- </bean>
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.2" />
- <property name="cacheSize" value="100" />
- </bean>
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.3" />
- <property name="cacheSize" value="100" />
- </bean>
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.4" />
- <property name="cacheSize" value="100" />
- </bean>
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.5" />
- <property name="cacheSize" value="10" />
- </bean>
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.6" />
- <property name="cacheSize" value="10" />
- </bean>
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.7" />
- <property name="cacheSize" value="10" />
- </bean>
-
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="dc" />
- <property name="cacheSize" value="100" />
- </bean>
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="ou" />
- <property name="cacheSize" value="100" />
- </bean>
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="krb5PrincipalName" />
- <property name="cacheSize" value="100" />
- </bean>
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="uid" />
- <property name="cacheSize" value="100" />
- </bean>
- <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
- <property name="attributeId" value="objectClass" />
- <property name="cacheSize" value="100" />
- </bean>
- </set>
- </property>
- <property name="contextEntry">
- <value>
- objectClass: top
- objectClass: domain
- objectClass: extensibleObject
- dc: example
- </value>
- </property>
- </bean>
-
- <bean class="org.springframework.beans.factory.config.CustomEditorConfigurer">
- <property name="customEditors">
- <map>
- <entry key="javax.naming.directory.Attributes">
- <bean class="org.apache.directory.server.core.configuration.AttributesPropertyEditor"/>
- </entry>
- </map>
- </property>
- </bean>
-</beans>
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
+ "http://www.springframework.org/dtd/spring-beans.dtd">
+
+<beans>
+ <bean id="environment" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
+ <property name="properties">
+ <props>
+ <prop key="java.naming.security.authentication">simple</prop>
+ <prop key="java.naming.security.principal">uid=admin,ou=system</prop>
+ <prop key="java.naming.security.credentials">secret</prop>
+ <!--<prop key="kdc.entryBaseDn">ou=users,dc=example,dc=com</prop>-->
+ <!--<prop key="kdc.java.naming.security.credentials">secret</prop>-->
+ <!--<prop key="changepw.entryBaseDn">ou=users,dc=example,dc=com</prop>-->
+ <!--<prop key="changepw.java.naming.security.credentials">secret</prop>-->
+ <!-- Set this key to a space delimited set of attributeType descriptions
+ and their OID's if you want an attributeType to be handled as
+ binary content.
+
+ The server will use the schema to derive the set of attributeTypes
+ to treat as binary. The union if the values you provide here
+ will be taken as the set of binaries. Note to be consistent you
+ must add both the OID and all the names an attributeType can have.
+ -->
+ <!--
+ <prop key="java.naming.ldap.attributes.binary"></prop>
+ -->
+ </props>
+ </property>
+ </bean>
+
+ <bean id="configuration" class="org.apache.directory.server.configuration.MutableServerStartupConfiguration">
+ <property name="workingDirectory" value="example.com" />
+
+ <!-- Uncomment below to have the server load entries on startup! -->
+ <!-- ldifDirectory property can point to a relative file, directory or -->
+ <!-- can point to an absolute path to either using the URL path -->
+ <!-- notation: i.e. file:///Users/jack/apacheds/ldifs -->
+
+ <!-- Entries will optionally be filtered using LdifLoadFilters in the -->
+ <!-- order specified. The included Krb5KdcEntryFilter will filter -->
+ <!-- kerberos principals creating keys for them using their -->
+ <!-- userPassword attribute if present. -->
+
+ <!--<property name="ldifDirectory">
+ <value>example.ldif</value>
+ </property>
+ <property name="ldifFilters">
+ <list>
+ <bean class="org.apache.directory.server.protocol.shared.store.Krb5KdcEntryFilter"/>
+ </list>
+ </property>-->
+
+ <!-- the number of milliseconds before issuing a synch (flush to disk) -->
+ <!-- which writes out dirty pages back to disk. To turn off synchs all -->
+ <!-- together simply set this value to <= 0. Make sure you turn on -->
+ <!-- synchOnWrite for all partitions if you do choose to do this or else-->
+ <!-- writes may never persist to disk. -->
+ <property name="synchPeriodMillis" value="15000" />
+
+ <!-- limits searches by non-admin users to a max time of 15000 -->
+ <!-- milliseconds and has a default value of 10000 -->
+ <property name="maxTimeLimit" value="15000" />
+ <!-- limits searches to max size of 1000 entries: default value is 100 -->
+ <property name="maxSizeLimit" value="1000" />
+ <!-- maximum number of threads used by mina is set to 8: default is 4 -->
+ <property name="maxThreads" value="8" />
+
+ <property name="allowAnonymousAccess" value="false" />
+ <property name="accessControlEnabled" value="false" />
+ <property name="enableNtp" value="false" />
+ <property name="enableKerberos" value="false" />
+ <property name="enableChangePassword" value="false" />
+
+ <!--
+ It's more efficient to keep this feature turned off but you may not like
+ having the creatorsName and modifiersName contain OIDs instead of short
+ attributeType names instead. So if you want the creatorsName to change
+ from the normalized form which is the internal representation of
+
+ '0.9.2342.19200300.100.1.1=admin,2.5.4.11=system'
+
+ to a more human readabile form like:
+
+ 'uid=admin,ou=system'
+
+ then set this property to true.
+ -->
+ <property name="denormalizeOpAttrsEnabled" value="false" />
+
+ <property name="ldapPort" value="10389" />
+
+ <property name="systemPartitionConfiguration" ref="systemPartitionConfiguration" />
+
+ <property name="partitionConfigurations">
+ <set>
+ <ref bean="examplePartitionConfiguration"/>
+ </set>
+ </property>
+
+ <property name="extendedOperationHandlers">
+ <list>
+ <bean class="org.apache.directory.server.ldap.support.extended.GracefulShutdownHandler"/>
+ <bean class="org.apache.directory.server.ldap.support.extended.LaunchDiagnosticUiHandler"/>
+ </list>
+ </property>
+
+ <property name="interceptorConfigurations">
+ <list>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name" value="normalizationService" />
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.normalization.NormalizationService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name" value="authenticationService" />
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.authn.AuthenticationService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name" value="referralService" />
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.referral.ReferralService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name" value="authorizationService" />
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.authz.AuthorizationService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name" value="defaultAuthorizationService" />
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.authz.DefaultAuthorizationService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name" value="exceptionService" />
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.exception.ExceptionService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name" value="operationalAttributeService" />
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.operational.OperationalAttributeService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name" value="schemaService" />
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.schema.SchemaService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name" value="subentryService" />
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.subtree.SubentryService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name" value="collectiveAttributeService" />
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.collective.CollectiveAttributeService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name" value="eventService" />
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.event.EventService" />
+ </property>
+ </bean>
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name" value="triggerService" />
+ <property name="interceptor">
+ <bean class="org.apache.directory.server.core.trigger.TriggerService" />
+ </property>
+ </bean>
+
+ <!-- Uncomment to enable replication service
+ <bean class="org.apache.directory.server.core.configuration.MutableInterceptorConfiguration">
+ <property name="name" value="replicationService" />
+ <property name="interceptor">
+ <bean class="org.apache.directory.mitosis.service.ReplicationService">
+ <property name="configuration">
+ <bean class="org.apache.directory.mitosis.configuration.ReplicationConfiguration">
+ <property name="replicaId">
+ <bean class="org.apache.directory.mitosis.common.ReplicaId">
+ <constructor-arg>
+ <value>instance_a</value>
+ </constructor-arg>
+ </bean>
+ </property>
+ <property name="serverPort" value="10390" />
+ <property name="peerReplicas" value="instance_b@localhost:10392" />
+ </bean>
+ </property>
+ </bean>
+ </property>
+ </bean>
+ -->
+ </list>
+ </property>
+ </bean>
+
+ <!-- use the following partitionConfiguration to override defaults for -->
+ <!-- the system partition -->
+ <bean id="systemPartitionConfiguration" class="org.apache.directory.server.core.partition.impl.btree.MutableBTreePartitionConfiguration">
+ <property name="name" value="system" />
+ <property name="cacheSize" value="100" />
+ <property name="suffix" value="ou=system" />
+
+ <!-- the optimizer is enabled by default but may not always be what -->
+ <!-- you want if your queries are really simple -->
+ <property name="optimizerEnabled" value="true" />
+
+ <!--
+ Synchronization on writes does not wait for synch operations
+ to flush dirty pages. Writes persist immediately to disk at
+ a cost to performance with increased data integrity. Otherwise
+ the periodic synch operation will flush dirty pages using the
+ synchPeriodMillis parameter in the main configuration.
+ -->
+ <property name="synchOnWrite" value="true" />
+ <property name="indexedAttributes">
+ <set>
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.1" />
+ <property name="cacheSize" value="100" />
+ </bean>
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.2" />
+ <property name="cacheSize" value="100" />
+ </bean>
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.3" />
+ <property name="cacheSize" value="100" />
+ </bean>
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.4" />
+ <property name="cacheSize" value="100" />
+ </bean>
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.5" />
+ <property name="cacheSize" value="10" />
+ </bean>
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.6" />
+ <property name="cacheSize" value="10" />
+ </bean>
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.7" />
+ <property name="cacheSize" value="10" />
+ </bean>
+
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="ou" />
+ <property name="cacheSize" value="100" />
+ </bean>
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="uid" />
+ <property name="cacheSize" value="100" />
+ </bean>
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="objectClass" />
+ <property name="cacheSize" value="100" />
+ </bean>
+ </set>
+ </property>
+ <property name="contextEntry">
+ <value>
+ objectClass: top
+ objectClass: organizationalUnit
+ objectClass: extensibleObject
+ ou: system
+ </value>
+ </property>
+ </bean>
+
+
+ <bean id="examplePartitionConfiguration" class="org.apache.directory.server.core.partition.impl.btree.MutableBTreePartitionConfiguration">
+ <property name="name" value="example" />
+ <property name="cacheSize" value="100" />
+ <property name="suffix" value="dc=example,dc=com" />
+
+ <!-- the optimizer is enabled by default but may not always be what -->
+ <!-- you want if your queries are really simple -->
+ <property name="optimizerEnabled" value="true" />
+
+ <!--
+ Synchronization on writes does not wait for synch operations
+ to flush dirty pages. Writes persist immediately to disk at
+ a cost to performance with increased data integrity. Otherwise
+ the periodic synch operation will flush dirty pages using the
+ synchPeriodMillis parameter in the main configuration.
+ -->
+ <property name="synchOnWrite" value="true" />
+ <property name="indexedAttributes">
+ <set>
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.1" />
+ <property name="cacheSize" value="100" />
+ </bean>
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.2" />
+ <property name="cacheSize" value="100" />
+ </bean>
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.3" />
+ <property name="cacheSize" value="100" />
+ </bean>
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.4" />
+ <property name="cacheSize" value="100" />
+ </bean>
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.5" />
+ <property name="cacheSize" value="10" />
+ </bean>
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.6" />
+ <property name="cacheSize" value="10" />
+ </bean>
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="1.3.6.1.4.1.18060.0.4.1.2.7" />
+ <property name="cacheSize" value="10" />
+ </bean>
+
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="dc" />
+ <property name="cacheSize" value="100" />
+ </bean>
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="ou" />
+ <property name="cacheSize" value="100" />
+ </bean>
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="krb5PrincipalName" />
+ <property name="cacheSize" value="100" />
+ </bean>
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="uid" />
+ <property name="cacheSize" value="100" />
+ </bean>
+ <bean class="org.apache.directory.server.core.partition.impl.btree.MutableIndexConfiguration">
+ <property name="attributeId" value="objectClass" />
+ <property name="cacheSize" value="100" />
+ </bean>
+ </set>
+ </property>
+ <property name="contextEntry">
+ <value>
+ objectClass: top
+ objectClass: domain
+ objectClass: extensibleObject
+ dc: example
+ </value>
+ </property>
+ </bean>
+
+ <bean class="org.springframework.beans.factory.config.CustomEditorConfigurer">
+ <property name="customEditors">
+ <map>
+ <entry key="javax.naming.directory.Attributes">
+ <bean class="org.apache.directory.server.core.configuration.AttributesPropertyEditor"/>
+ </entry>
+ </map>
+ </property>
+ </bean>
+</beans>
diff --git a/server-installers/src/main/resources/META-INF/LICENSE.txt b/server-installers/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..7645bcc
--- /dev/null
+++ b/server-installers/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,371 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ ANTLR 2 License
+
+ANTLR 2 License
+
+We reserve no legal rights to the ANTLR--it is fully in the public domain. An
+individual or company may do whatever they wish with source code distributed
+with ANTLR or the code generated by ANTLR, including the incorporation of
+ANTLR, or its output, into commerical software.
+
+We encourage users to develop software with ANTLR. However, we do ask that
+credit is given to us for developing ANTLR. By "credit", we mean that if you
+use ANTLR or incorporate any source code into one of your programs (commercial
+product, research project, or otherwise) that you acknowledge this fact
+somewhere in the documentation, research report, etc... If you like ANTLR
+and have developed a nice tool with the output, please mention that you
+developed it using ANTLR. In addition, we ask that the headers remain intact
+in our source code. As long as these guidelines are kept, we expect to
+continue enhancing this system and expect to make other tools available as
+they are completed.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
+----
+
+ Bouncy Castle License
+
+Copyright (c) 2000 - 2006 The Legion Of The Bouncy Castle (http://www.bouncycastle.org)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ Inno Setup License
+
+Except where otherwise noted, all of the documentation and software included
+in the Inno Setup package is copyrighted by Jordan Russell.
+
+Copyright (C) 1997-2007 Jordan Russell. All rights reserved.
+
+This software is provided "as-is," without any express or implied warranty.
+In no event shall the author be held liable for any damages arising from the
+use of this software.
+
+Permission is granted to anyone to use this software for any purpose,
+including commercial applications, and to alter and redistribute it,
+provided that the following conditions are met:
+
+1. All redistributions of source code files must retain all copyright
+ notices that are currently in place, and this list of conditions without
+ modification.
+
+2. All redistributions in binary form must retain all occurrences of the
+ above copyright notice and web site addresses that are currently in
+ place (for example, in the About boxes).
+
+3. The origin of this software must not be misrepresented; you must not
+ claim that you wrote the original software. If you use this software to
+ distribute a product, an acknowledgment in the product documentation
+ would be appreciated but is not required.
+
+4. Modified versions in source or binary form must be plainly marked as
+ such, and must not be misrepresented as being the original software.
+
+
+Jordan Russell
+jr-2007 AT jrsoftware.org
+http://www.jrsoftware.org/
diff --git a/server-installers/src/main/resources/META-INF/NOTICE.txt b/server-installers/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..3eee020
--- /dev/null
+++ b/server-installers/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,32 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
+This product includes a distribution of Antlr 2
+(http://antlr.org).
+
+This product includes a distribution of JDBM
+(http://jdbm.sourceforge.net).
+
+This product includes forked classes from the Legion of the Bouncy Castle
+(http://www.bouncycastle.org).
+
+This product includes a distribution of Spring Framework
+(http://www.springframework.org).
+
+This product includes a distribution of Izpack Installer
+(http://www.izforge.com/izpack/).
+
+This product includes a distribution of Inno Setup Installer
+(http://www.jrsoftware.org/isinfo.php).
+
+This product includes derivatives of forked schema files from OpenLDAP
+(http://openldap.org)
+
diff --git a/server-jndi/pom.xml b/server-jndi/pom.xml
index e067feb..7d36610 100644
--- a/server-jndi/pom.xml
+++ b/server-jndi/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-server-jndi</artifactId>
<name>ApacheDS Server JNDI</name>
diff --git a/server-jndi/src/main/java/org/apache/directory/server/jndi/ServerContextFactory.java b/server-jndi/src/main/java/org/apache/directory/server/jndi/ServerContextFactory.java
index 63f3329..54418aa 100644
--- a/server-jndi/src/main/java/org/apache/directory/server/jndi/ServerContextFactory.java
+++ b/server-jndi/src/main/java/org/apache/directory/server/jndi/ServerContextFactory.java
@@ -56,10 +56,12 @@
import org.apache.directory.server.ntp.NtpConfiguration;
import org.apache.directory.server.ntp.NtpServer;
import org.apache.directory.server.protocol.shared.store.LdifFileLoader;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.exception.LdapConfigurationException;
import org.apache.directory.shared.ldap.exception.LdapNamingException;
import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.apache.directory.shared.ldap.message.extended.NoticeOfDisconnect;
+import org.apache.directory.shared.ldap.util.StringTools;
import org.apache.mina.common.DefaultIoFilterChainBuilder;
import org.apache.mina.common.ExecutorThreadModel;
import org.apache.mina.common.IoAcceptor;
@@ -89,6 +91,7 @@
*/
public class ServerContextFactory extends CoreContextFactory
{
+ /** Logger for this class */
private static final Logger log = LoggerFactory.getLogger( ServerContextFactory.class.getName() );
private static final String LDIF_FILES_DN = "ou=loadedLdifFiles,ou=configuration,ou=system";
@@ -108,7 +111,12 @@
private static DnsServer udpDnsServer;
private DirectoryService directoryService;
-
+ /**
+ * Initialize the SocketAcceptor so that the server can accept
+ * incomming requests.
+ *
+ * We will start N threads, spreaded on the available CPUs.
+ */
public void beforeStartup( DirectoryService service )
{
int maxThreads = service.getConfiguration().getStartupConfiguration().getMaxThreads();
@@ -117,7 +125,8 @@
threadModel.setExecutor( threadPoolExecutor );
udpAcceptor = new DatagramAcceptor();
- tcpAcceptor = new SocketAcceptor();
+ tcpAcceptor = new SocketAcceptor(
+ Runtime.getRuntime().availableProcessors(), threadPoolExecutor );
this.directoryService = service;
}
@@ -146,60 +155,72 @@
if ( tcpKdcServer != null )
{
tcpKdcServer.destroy();
+
if ( log.isInfoEnabled() )
{
log.info( "Unbind of KRB5 Service (TCP) complete: " + tcpKdcServer );
}
+
tcpKdcServer = null;
}
if ( udpKdcServer != null )
{
udpKdcServer.destroy();
+
if ( log.isInfoEnabled() )
{
log.info( "Unbind of KRB5 Service (UDP) complete: " + udpKdcServer );
}
+
udpKdcServer = null;
}
if ( tcpChangePasswordServer != null )
{
tcpChangePasswordServer.destroy();
+
if ( log.isInfoEnabled() )
{
log.info( "Unbind of Change Password Service (TCP) complete: " + tcpChangePasswordServer );
}
+
tcpChangePasswordServer = null;
}
if ( udpChangePasswordServer != null )
{
udpChangePasswordServer.destroy();
+
if ( log.isInfoEnabled() )
{
log.info( "Unbind of Change Password Service (UDP) complete: " + udpChangePasswordServer );
}
+
udpChangePasswordServer = null;
}
if ( tcpNtpServer != null )
{
tcpNtpServer.destroy();
+
if ( log.isInfoEnabled() )
{
log.info( "Unbind of NTP Service (TCP) complete: " + tcpNtpServer );
}
+
tcpNtpServer = null;
}
if ( udpNtpServer != null )
{
udpNtpServer.destroy();
+
if ( log.isInfoEnabled() )
{
log.info( "Unbind of NTP Service complete: " + udpNtpServer );
}
+
udpNtpServer = null;
}
@@ -245,9 +266,10 @@
private void ensureLdifFileBase( DirContext root )
{
- Attributes entry = new AttributesImpl( "ou", "loadedLdifFiles", true );
- entry.put( "objectClass", "top" );
- entry.get( "objectClass" ).add( "organizationalUnit" );
+ Attributes entry = new AttributesImpl( SchemaConstants.OU_AT, "loadedLdifFiles", true );
+ entry.put( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC );
+ entry.get( SchemaConstants.OBJECT_CLASS_AT ).add( SchemaConstants.ORGANIZATIONAL_UNIT_OC );
+
try
{
root.createSubcontext( LDIF_FILES_DN, entry );
@@ -264,39 +286,39 @@
private final static String WINDOWSFILE_OC = "windowsFile";
private final static String UNIXFILE_OC = "unixFile";
-
- private void addFileEntry( DirContext root, File ldif ) throws NamingException
+ private String buildProtectedFileEntry( File ldif )
{
- String rdnAttr = File.separatorChar == '\\' ? WINDOWSFILE_ATTR : UNIXFILE_ATTR;
- String oc = File.separatorChar == '\\' ? WINDOWSFILE_OC : UNIXFILE_OC;
StringBuffer buf = new StringBuffer();
- buf.append( rdnAttr );
+
+ buf.append( File.separatorChar == '\\' ? WINDOWSFILE_ATTR : UNIXFILE_ATTR );
buf.append( "=" );
- buf.append( getCanonical( ldif ) );
+
+ buf.append( StringTools.dumpHexPairs( StringTools.getBytesUtf8( getCanonical( ldif ) ) ) );
+
buf.append( "," );
buf.append( LDIF_FILES_DN );
+ return buf.toString();
+ }
+
+ private void addFileEntry( DirContext root, File ldif ) throws NamingException
+ {
+ String rdnAttr = File.separatorChar == '\\' ? WINDOWSFILE_ATTR : UNIXFILE_ATTR;
+ String oc = File.separatorChar == '\\' ? WINDOWSFILE_OC : UNIXFILE_OC;
+
Attributes entry = new AttributesImpl( rdnAttr, getCanonical( ldif ), true );
- entry.put( "objectClass", "top" );
- entry.get( "objectClass" ).add( oc );
- root.createSubcontext( buf.toString(), entry );
+ entry.put( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC );
+ entry.get( SchemaConstants.OBJECT_CLASS_AT ).add( oc );
+ root.createSubcontext( buildProtectedFileEntry( ldif ), entry );
}
private Attributes getLdifFileEntry( DirContext root, File ldif )
{
- String rdnAttr = File.separatorChar == '\\' ? WINDOWSFILE_ATTR : UNIXFILE_ATTR;
- StringBuffer buf = new StringBuffer();
- buf.append( rdnAttr );
- buf.append( "=" );
- buf.append( getCanonical( ldif ) );
- buf.append( "," );
- buf.append( LDIF_FILES_DN );
-
try
{
- return root.getAttributes( buf.toString(), new String[]
- { "createTimestamp" } );
+ return root.getAttributes( buildProtectedFileEntry( ldif ), new String[]
+ { SchemaConstants.CREATE_TIMESTAMP_AT } );
}
catch ( NamingException e )
{
@@ -308,6 +330,7 @@
private String getCanonical( File file )
{
String canonical = null;
+
try
{
canonical = file.getCanonicalPath();
@@ -353,16 +376,27 @@
// if ldif directory is a file try to load it
if ( !cfg.getLdifDirectory().isDirectory() )
{
- log.info( "LDIF load directory '" + getCanonical( cfg.getLdifDirectory() )
- + "' is a file. Will attempt to load as LDIF." );
+ if ( log.isInfoEnabled() )
+ {
+ log.info( "LDIF load directory '" + getCanonical( cfg.getLdifDirectory() )
+ + "' is a file. Will attempt to load as LDIF." );
+ }
+
Attributes fileEntry = getLdifFileEntry( root, cfg.getLdifDirectory() );
+
if ( fileEntry != null )
{
- String time = ( String ) fileEntry.get( "createTimestamp" ).get();
- log.info( "Load of LDIF file '" + getCanonical( cfg.getLdifDirectory() )
- + "' skipped. It has already been loaded on " + time + "." );
+ String time = ( String ) fileEntry.get( SchemaConstants.CREATE_TIMESTAMP_AT ).get();
+
+ if ( log.isInfoEnabled() )
+ {
+ log.info( "Load of LDIF file '" + getCanonical( cfg.getLdifDirectory() )
+ + "' skipped. It has already been loaded on " + time + "." );
+ }
+
return;
}
+
LdifFileLoader loader = new LdifFileLoader( root, cfg.getLdifDirectory(), cfg.getLdifFilters() );
loader.execute();
@@ -394,7 +428,7 @@
Attributes fileEntry = getLdifFileEntry( root, ldifFiles[ii] );
if ( fileEntry != null )
{
- String time = ( String ) fileEntry.get( "createTimestamp" ).get();
+ String time = ( String ) fileEntry.get( SchemaConstants.CREATE_TIMESTAMP_AT ).get();
log.info( "Load of LDIF file '" + getCanonical( ldifFiles[ii] )
+ "' skipped. It has already been loaded on " + time + "." );
continue;
@@ -626,6 +660,7 @@
// is not bound - this is ok because the GracefulShutdown has already
// sent notices to to the existing active sessions
List sessions = null;
+
try
{
sessions = new ArrayList( tcpAcceptor.getManagedSessions( new InetSocketAddress( port ) ) );
@@ -637,6 +672,7 @@
}
tcpAcceptor.unbind( new InetSocketAddress( port ) );
+
if ( log.isInfoEnabled() )
{
log.info( "Unbind of an LDAP service (" + port + ") is complete." );
@@ -655,6 +691,7 @@
// And close the connections when the NoDs are sent.
Iterator sessionIt = sessions.iterator();
+
for ( Iterator i = writeFutures.iterator(); i.hasNext(); )
{
WriteFuture future = ( WriteFuture ) i.next();
diff --git a/server-jndi/src/main/resources/META-INF/LICENSE.txt b/server-jndi/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..1b3e9c7
--- /dev/null
+++ b/server-jndi/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,300 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
diff --git a/server-jndi/src/main/resources/META-INF/NOTICE.txt b/server-jndi/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..eb0c18a
--- /dev/null
+++ b/server-jndi/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,11 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
diff --git a/server-main/apacheds.sh b/server-main/apacheds.sh
index a31af0a..23d8afb 100755
--- a/server-main/apacheds.sh
+++ b/server-main/apacheds.sh
@@ -1,9 +1,9 @@
#!/bin/sh
-if [ -e target/apacheds-server-main-1.5.0-SNAPSHOT-app.jar ] ; then
+if [ -e target/apacheds-server-main-1.5.1-SNAPSHOT-app.jar ] ; then
echo uber jar exists
else
echo uber jar not found need to build it
mvn clean assembly:assembly
fi
-java -Dlog4j.configuration=file://$(pwd)/log4j.properties -jar target/apacheds-server-main-1.5.0-SNAPSHOT-app.jar server.xml
+java -Dlog4j.configuration=file://$(pwd)/log4j.properties -jar target/apacheds-server-main-1.5.1-SNAPSHOT-app.jar server.xml
diff --git a/server-main/pom.xml b/server-main/pom.xml
index 25fccf9..900d42d 100644
--- a/server-main/pom.xml
+++ b/server-main/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-server-main</artifactId>
<name>ApacheDS Server Main</name>
@@ -18,7 +18,7 @@
<dependency>
<groupId>org.apache.directory.daemon</groupId>
<artifactId>daemon-bootstrappers</artifactId>
- <version>1.0.0</version>
+ <version>1.1.1-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
diff --git a/server-main/server.xml b/server-main/server.xml
index c423e7f..3c5166a 100644
--- a/server-main/server.xml
+++ b/server-main/server.xml
@@ -269,7 +269,13 @@
<bean class="org.apache.directory.mitosis.service.ReplicationService">
<property name="configuration">
<bean class="org.apache.directory.mitosis.configuration.ReplicationConfiguration">
- <property name="replicaId" value="instance_a" />
+ <property name="replicaId">
+ <bean class="org.apache.directory.mitosis.common.ReplicaId">
+ <constructor-arg>
+ <value>instance_a</value>
+ </constructor-arg>
+ </bean>
+ </property>
<property name="serverPort" value="10390" />
<property name="peerReplicas" value="instance_b@localhost:10392" />
</bean>
diff --git a/server-replication/pom.xml b/server-replication/pom.xml
index 1774fdd..c32774b 100644
--- a/server-replication/pom.xml
+++ b/server-replication/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-server-replication</artifactId>
<name>ApacheDS Server Replication Service</name>
diff --git a/server-sar/pom.xml b/server-sar/pom.xml
index 9a99565..c4e73e8 100644
--- a/server-sar/pom.xml
+++ b/server-sar/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-server-sar</artifactId>
<name>ApacheDS Server Sar (JBoss 3.x)</name>
diff --git a/server-sar/src/main/resources/META-INF/LICENSE.txt b/server-sar/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..ed78fdb
--- /dev/null
+++ b/server-sar/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,334 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ ANTLR 2 License
+
+ANTLR 2 License
+
+We reserve no legal rights to the ANTLR--it is fully in the public domain. An
+individual or company may do whatever they wish with source code distributed
+with ANTLR or the code generated by ANTLR, including the incorporation of
+ANTLR, or its output, into commerical software.
+
+We encourage users to develop software with ANTLR. However, we do ask that
+credit is given to us for developing ANTLR. By "credit", we mean that if you
+use ANTLR or incorporate any source code into one of your programs (commercial
+product, research project, or otherwise) that you acknowledge this fact
+somewhere in the documentation, research report, etc... If you like ANTLR
+and have developed a nice tool with the output, please mention that you
+developed it using ANTLR. In addition, we ask that the headers remain intact
+in our source code. As long as these guidelines are kept, we expect to
+continue enhancing this system and expect to make other tools available as
+they are completed.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
+----
+
+ Bouncy Castle License
+
+Copyright (c) 2000 - 2006 The Legion Of The Bouncy Castle (http://www.bouncycastle.org)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
diff --git a/server-sar/src/main/resources/META-INF/NOTICE.txt b/server-sar/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..c430d5d
--- /dev/null
+++ b/server-sar/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,26 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
+This product includes a distribution of Antlr 2
+(http://antlr.org).
+
+This product includes a distribution of JDBM
+(http://jdbm.sourceforge.net).
+
+This product includes forked classes from the Legion of the Bouncy Castle
+(http://www.bouncycastle.org).
+
+This product includes a distribution of Spring Framework
+(http://www.springframework.org).
+
+This product includes derivatives of forked schema files from OpenLDAP
+(http://openldap.org)
+
diff --git a/server-tools/pom.xml b/server-tools/pom.xml
index d52d787..a55159b 100644
--- a/server-tools/pom.xml
+++ b/server-tools/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-server-tools</artifactId>
<name>ApacheDS Server Tools</name>
diff --git a/server-tools/src/main/java/org/apache/directory/server/tools/CapacityTestCommand.java b/server-tools/src/main/java/org/apache/directory/server/tools/CapacityTestCommand.java
index a6ddb22..b09c5cf 100644
--- a/server-tools/src/main/java/org/apache/directory/server/tools/CapacityTestCommand.java
+++ b/server-tools/src/main/java/org/apache/directory/server/tools/CapacityTestCommand.java
@@ -34,6 +34,7 @@
import org.apache.commons.cli.Options;
import org.apache.commons.lang.RandomStringUtils;
import org.apache.directory.daemon.AvailablePortFinder;
+import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
import org.apache.directory.shared.ldap.message.AttributesImpl;
@@ -89,11 +90,11 @@
}
Hashtable env = new Hashtable();
- env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
- env.put( "java.naming.provider.url", "ldap://" + host + ":" + port );
+ env.put( JndiPropertyConstants.JNDI_FACTORY_INITIAL, "com.sun.jndi.ldap.LdapCtxFactory" );
+ env.put( JndiPropertyConstants.JNDI_PROVIDER_URL, "ldap://" + host + ":" + port );
env.put( "java.naming.security.principal", "uid=admin,ou=system" );
- env.put( "java.naming.security.credentials", password );
- env.put( "java.naming.security.authentication", "simple" );
+ env.put( JndiPropertyConstants.JNDI_SECURITY_CREDENTIALS, password );
+ env.put( JndiPropertyConstants.JNDI_SECURITY_AUTHENTICATION, "simple" );
LdapContext ctx = new InitialLdapContext( env, null );
diff --git a/server-tools/src/main/java/org/apache/directory/server/tools/commands/diagnosticcmd/DiagnosticCommandExecutor.java b/server-tools/src/main/java/org/apache/directory/server/tools/commands/diagnosticcmd/DiagnosticCommandExecutor.java
index d670e8d..555d8e8 100644
--- a/server-tools/src/main/java/org/apache/directory/server/tools/commands/diagnosticcmd/DiagnosticCommandExecutor.java
+++ b/server-tools/src/main/java/org/apache/directory/server/tools/commands/diagnosticcmd/DiagnosticCommandExecutor.java
@@ -34,6 +34,7 @@
import org.apache.directory.server.tools.execution.BaseToolCommandExecutor;
import org.apache.directory.server.tools.util.ListenerParameter;
import org.apache.directory.server.tools.util.Parameter;
+import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
import org.apache.directory.shared.ldap.message.extended.LaunchDiagnosticUiRequest;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.FileSystemXmlApplicationContext;
@@ -105,11 +106,11 @@
}
Hashtable env = new Hashtable();
- env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
- env.put( "java.naming.provider.url", "ldap://" + host + ":" + port );
+ env.put( JndiPropertyConstants.JNDI_FACTORY_INITIAL, "com.sun.jndi.ldap.LdapCtxFactory" );
+ env.put( JndiPropertyConstants.JNDI_PROVIDER_URL, "ldap://" + host + ":" + port );
env.put( "java.naming.security.principal", "uid=admin,ou=system" );
- env.put( "java.naming.security.credentials", password );
- env.put( "java.naming.security.authentication", "simple" );
+ env.put( JndiPropertyConstants.JNDI_SECURITY_CREDENTIALS, password );
+ env.put( JndiPropertyConstants.JNDI_SECURITY_AUTHENTICATION, "simple" );
LdapContext ctx = new InitialLdapContext( env, null );
if ( isDebugEnabled() )
diff --git a/server-tools/src/main/java/org/apache/directory/server/tools/commands/disconnectnotificationcmd/DisconnectNotificationCommandExecutor.java b/server-tools/src/main/java/org/apache/directory/server/tools/commands/disconnectnotificationcmd/DisconnectNotificationCommandExecutor.java
index ba76816..55ad365 100644
--- a/server-tools/src/main/java/org/apache/directory/server/tools/commands/disconnectnotificationcmd/DisconnectNotificationCommandExecutor.java
+++ b/server-tools/src/main/java/org/apache/directory/server/tools/commands/disconnectnotificationcmd/DisconnectNotificationCommandExecutor.java
@@ -41,6 +41,7 @@
import org.apache.directory.server.tools.execution.BaseToolCommandExecutor;
import org.apache.directory.server.tools.util.ListenerParameter;
import org.apache.directory.server.tools.util.Parameter;
+import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
import org.apache.directory.shared.ldap.message.extended.GracefulDisconnect;
import org.apache.directory.shared.ldap.message.extended.NoticeOfDisconnect;
import org.springframework.context.ApplicationContext;
@@ -117,11 +118,11 @@
private void execute() throws Exception
{
Hashtable env = new Hashtable();
- env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
- env.put( "java.naming.provider.url", "ldap://" + host + ":" + port );
+ env.put( JndiPropertyConstants.JNDI_FACTORY_INITIAL, "com.sun.jndi.ldap.LdapCtxFactory" );
+ env.put( JndiPropertyConstants.JNDI_PROVIDER_URL, "ldap://" + host + ":" + port );
env.put( "java.naming.security.principal", bindDN );
- env.put( "java.naming.security.credentials", password );
- env.put( "java.naming.security.authentication", "simple" );
+ env.put( JndiPropertyConstants.JNDI_SECURITY_CREDENTIALS, password );
+ env.put( JndiPropertyConstants.JNDI_SECURITY_AUTHENTICATION, "simple" );
LdapContext ctx = new InitialLdapContext( env, null );
ctx = ctx.newInstance( null );
diff --git a/server-tools/src/main/java/org/apache/directory/server/tools/commands/dumpcmd/DumpCommandExecutor.java b/server-tools/src/main/java/org/apache/directory/server/tools/commands/dumpcmd/DumpCommandExecutor.java
index f7823ce..9f19b10 100644
--- a/server-tools/src/main/java/org/apache/directory/server/tools/commands/dumpcmd/DumpCommandExecutor.java
+++ b/server-tools/src/main/java/org/apache/directory/server/tools/commands/dumpcmd/DumpCommandExecutor.java
@@ -23,7 +23,6 @@
import java.io.File;
import java.io.FileWriter;
import java.io.PrintWriter;
-import java.math.BigInteger;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
@@ -325,7 +324,7 @@
while ( list.hasMore() )
{
Tuple tuple = ( Tuple ) list.next();
- BigInteger id = ( BigInteger ) tuple.getKey();
+ Long id = ( Long ) tuple.getKey();
String dn = ( String ) idIndex.reverseLookup( id );
Attributes entry = ( Attributes ) tuple.getValue();
diff --git a/server-tools/src/main/java/org/apache/directory/server/tools/commands/gracefulshutdowncmd/GracefulShutdownCommandExecutor.java b/server-tools/src/main/java/org/apache/directory/server/tools/commands/gracefulshutdowncmd/GracefulShutdownCommandExecutor.java
index fc1ad10..c184abc 100644
--- a/server-tools/src/main/java/org/apache/directory/server/tools/commands/gracefulshutdowncmd/GracefulShutdownCommandExecutor.java
+++ b/server-tools/src/main/java/org/apache/directory/server/tools/commands/gracefulshutdowncmd/GracefulShutdownCommandExecutor.java
@@ -36,6 +36,7 @@
import org.apache.directory.server.tools.util.ListenerParameter;
import org.apache.directory.server.tools.util.Parameter;
import org.apache.directory.server.tools.util.ToolCommandException;
+import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
import org.apache.directory.shared.ldap.message.extended.GracefulShutdownRequest;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.FileSystemXmlApplicationContext;
@@ -128,11 +129,11 @@
}
Hashtable env = new Hashtable();
- env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
- env.put( "java.naming.provider.url", "ldap://" + host + ":" + port );
+ env.put( JndiPropertyConstants.JNDI_FACTORY_INITIAL, "com.sun.jndi.ldap.LdapCtxFactory" );
+ env.put( JndiPropertyConstants.JNDI_PROVIDER_URL, "ldap://" + host + ":" + port );
env.put( "java.naming.security.principal", "uid=admin,ou=system" );
- env.put( "java.naming.security.credentials", password );
- env.put( "java.naming.security.authentication", "simple" );
+ env.put( JndiPropertyConstants.JNDI_SECURITY_CREDENTIALS, password );
+ env.put( JndiPropertyConstants.JNDI_SECURITY_AUTHENTICATION, "simple" );
LdapContext ctx = new InitialLdapContext( env, null );
if ( !isQuietEnabled() )
diff --git a/server-tools/src/main/java/org/apache/directory/server/tools/commands/storedprocedurecmd/StoredProcedureCommandExecutor.java b/server-tools/src/main/java/org/apache/directory/server/tools/commands/storedprocedurecmd/StoredProcedureCommandExecutor.java
index 9afc994..8497521 100644
--- a/server-tools/src/main/java/org/apache/directory/server/tools/commands/storedprocedurecmd/StoredProcedureCommandExecutor.java
+++ b/server-tools/src/main/java/org/apache/directory/server/tools/commands/storedprocedurecmd/StoredProcedureCommandExecutor.java
@@ -33,6 +33,7 @@
import org.apache.directory.server.tools.execution.BaseToolCommandExecutor;
import org.apache.directory.server.tools.util.ListenerParameter;
import org.apache.directory.server.tools.util.Parameter;
+import org.apache.directory.shared.ldap.constants.JndiPropertyConstants;
import org.apache.directory.shared.ldap.message.extended.StoredProcedureRequest;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.FileSystemXmlApplicationContext;
@@ -103,11 +104,11 @@
}
Hashtable env = new Hashtable();
- env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
- env.put( "java.naming.provider.url", "ldap://" + host + ":" + port );
+ env.put( JndiPropertyConstants.JNDI_FACTORY_INITIAL, "com.sun.jndi.ldap.LdapCtxFactory" );
+ env.put( JndiPropertyConstants.JNDI_PROVIDER_URL, "ldap://" + host + ":" + port );
env.put( "java.naming.security.principal", "uid=admin,ou=system" );
- env.put( "java.naming.security.credentials", password );
- env.put( "java.naming.security.authentication", "simple" );
+ env.put( JndiPropertyConstants.JNDI_SECURITY_CREDENTIALS, password );
+ env.put( JndiPropertyConstants.JNDI_SECURITY_AUTHENTICATION, "simple" );
LdapContext ctx = new InitialLdapContext( env, null );
if ( !isQuietEnabled() )
diff --git a/server-tools/src/main/manifest/MANIFEST.MF b/server-tools/src/main/manifest/MANIFEST.MF
index f889920..d6e223c 100644
--- a/server-tools/src/main/manifest/MANIFEST.MF
+++ b/server-tools/src/main/manifest/MANIFEST.MF
@@ -2,28 +2,28 @@
Main-Class: org.apache.directory.server.tools.ApachedsTools
Class-Path: logger.jar daemon.jar bootstrapper.jar
../lib/antlr-2.7.4.jar
- ../lib/apacheds-kerberos-shared-1.5.0-SNAPSHOT.jar
- ../lib/apacheds-protocol-changepw-1.5.0-SNAPSHOT.jar
- ../lib/apacheds-protocol-shared-1.5.0-SNAPSHOT.jar
- ../lib/apacheds-protocol-kerberos-1.5.0-SNAPSHOT.jar
- ../lib/apacheds-protocol-ldap-1.5.0-SNAPSHOT.jar
- ../lib/apacheds-protocol-ntp-1.5.0-SNAPSHOT.jar
- ../lib/apacheds-core-1.5.0-SNAPSHOT.jar
- ../lib/apacheds-core-shared-1.5.0-SNAPSHOT.jar
- ../lib/apacheds-server-jndi-1.5.0-SNAPSHOT.jar
- ../lib/apacheds-server-main-1.5.0-SNAPSHOT.jar
+ ../lib/apacheds-kerberos-shared-1.5.1-SNAPSHOT.jar
+ ../lib/apacheds-protocol-changepw-1.5.1-SNAPSHOT.jar
+ ../lib/apacheds-protocol-shared-1.5.1-SNAPSHOT.jar
+ ../lib/apacheds-protocol-kerberos-1.5.1-SNAPSHOT.jar
+ ../lib/apacheds-protocol-ldap-1.5.1-SNAPSHOT.jar
+ ../lib/apacheds-protocol-ntp-1.5.1-SNAPSHOT.jar
+ ../lib/apacheds-core-1.5.1-SNAPSHOT.jar
+ ../lib/apacheds-core-shared-1.5.1-SNAPSHOT.jar
+ ../lib/apacheds-server-jndi-1.5.1-SNAPSHOT.jar
+ ../lib/apacheds-server-main-1.5.1-SNAPSHOT.jar
../lib/commons-collections-3.0.jar
- ../lib/commons-lang-2.0.jar
+ ../lib/commons-lang-2.1.jar
../lib/commons-logging-1.0.4.jar
../lib/commons-cli-1.0.jar
../lib/jdbm-1.0.jar
../lib/lcrypto-jdk14-131.jar
../lib/mina-core-1.0.0.jar
- ../lib/shared-asn1-codec-0.9.6-SNAPSHOT.jar
+ ../lib/shared-asn1-codec-0.9.7-SNAPSHOT.jar
../lib/mina-filter-ssl-1.0.0.jar
../lib/oro-2.0.8.jar
- ../lib/shared-asn1-0.9.6-SNAPSHOT.jar
- ../lib/shared-ldap-0.9.6-SNAPSHOT.jar
+ ../lib/shared-asn1-0.9.7-SNAPSHOT.jar
+ ../lib/shared-ldap-0.9.7-SNAPSHOT.jar
../lib/spring-beans-1.2.8.jar
../lib/spring-context-1.2.8.jar
../lib/spring-core-1.2.8.jar
diff --git a/server-tools/src/main/resources/META-INF/LICENSE.txt b/server-tools/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..c13db16
--- /dev/null
+++ b/server-tools/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,301 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
+----
diff --git a/server-tools/src/main/resources/META-INF/NOTICE.txt b/server-tools/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..eb0c18a
--- /dev/null
+++ b/server-tools/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,11 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
diff --git a/server-unit/pom.xml b/server-unit/pom.xml
index a6bea6a..0374ece 100644
--- a/server-unit/pom.xml
+++ b/server-unit/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-server-unit</artifactId>
<name>ApacheDS Server Unit</name>
@@ -27,6 +27,7 @@
<groupId>ldapsdk</groupId>
<artifactId>ldapsdk</artifactId>
<version>4.1</version>
+ <scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.directory.server</groupId>
diff --git a/server-unit/src/main/resources/META-INF/LICENSE.txt b/server-unit/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..1b3e9c7
--- /dev/null
+++ b/server-unit/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,300 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+----
+
+ SLF4J License
+
+Copyright (c) 2004-2006 SLF4J.ORG Copyright (c) 2004-2006 QOS.ch All rights reserved. Permissqion is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+----
+
+ JUnit - Common Public License 1.0
+
+Common Public License Version 1.0
+
+THE ACCOMPANYING PROGRAM IS PROVIDED UNDER THE TERMS OF THIS COMMON PUBLIC LICENSE ("AGREEMENT"). ANY USE, REPRODUCTION OR DISTRIBUTION OF THE PROGRAM CONSTITUTES RECIPIENT'S ACCEPTANCE OF THIS AGREEMENT.
+
+1. DEFINITIONS
+
+"Contribution" means:
+
+ a) in the case of the initial Contributor, the initial code and documentation distributed under this Agreement, and
+
+ b) in the case of each subsequent Contributor:
+
+ i) changes to the Program, and
+
+ ii) additions to the Program;
+
+ where such changes and/or additions to the Program originate from and are distributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or anyone acting on such Contributor's behalf. Contributions do not include additions to the Program which: (i) are separate modules of software distributed in conjunction with the Program under their own license agreement, and (ii) are not derivative works of the Program.
+
+"Contributor" means any person or entity that distributes the Program.
+
+"Licensed Patents " mean patent claims licensable by a Contributor which are necessarily infringed by the use or sale of its Contribution alone or when combined with the Program.
+
+"Program" means the Contributions distributed in accordance with this Agreement.
+
+"Recipient" means anyone who receives the Program under this Agreement, including all Contributors.
+
+2. GRANT OF RIGHTS
+
+ a) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free copyright license to reproduce, prepare derivative works of, publicly display, publicly perform, distribute and sublicense the Contribution of such Contributor, if any, and such derivative works, in source code and object code form.
+
+ b) Subject to the terms of this Agreement, each Contributor hereby grants Recipient a non-exclusive, worldwide, royalty-free patent license under Licensed Patents to make, use, sell, offer to sell, import and otherwise transfer the Contribution of such Contributor, if any, in source code and object code form. This patent license shall apply to the combination of the Contribution and the Program if, at the time the Contribution is added by the Contributor, such addition of the Contribution causes such combination to be covered by the Licensed Patents. The patent license shall not apply to any other combinations which include the Contribution. No hardware per se is licensed hereunder.
+
+ c) Recipient understands that although each Contributor grants the licenses to its Contributions set forth herein, no assurances are provided by any Contributor that the Program does not infringe the patent or other intellectual property rights of any other entity. Each Contributor disclaims any liability to Recipient for claims brought by any other entity based on infringement of intellectual property rights or otherwise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility to secure any other intellectual property rights needed, if any. For example, if a third party patent license is required to allow Recipient to distribute the Program, it is Recipient's responsibility to acquire that license before distributing the Program.
+
+ d) Each Contributor represents that to its knowledge it has sufficient copyright rights in its Contribution, if any, to grant the copyright license set forth in this Agreement.
+
+3. REQUIREMENTS
+
+A Contributor may choose to distribute the Program in object code form under its own license agreement, provided that:
+
+ a) it complies with the terms and conditions of this Agreement; and
+
+ b) its license agreement:
+
+ i) effectively disclaims on behalf of all Contributors all warranties and conditions, express and implied, including warranties or conditions of title and non-infringement, and implied warranties or conditions of merchantability and fitness for a particular purpose;
+
+ ii) effectively excludes on behalf of all Contributors all liability for damages, including direct, indirect, special, incidental and consequential damages, such as lost profits;
+
+ iii) states that any provisions which differ from this Agreement are offered by that Contributor alone and not by any other party; and
+
+ iv) states that source code for the Program is available from such Contributor, and informs licensees how to obtain it in a reasonable manner on or through a medium customarily used for software exchange.
+
+When the Program is made available in source code form:
+
+ a) it must be made available under this Agreement; and
+
+ b) a copy of this Agreement must be included with each copy of the Program.
+
+Contributors may not remove or alter any copyright notices contained within the Program.
+
+Each Contributor must identify itself as the originator of its Contribution, if any, in a manner that reasonably allows subsequent Recipients to identify the originator of the Contribution.
+
+4. COMMERCIAL DISTRIBUTION
+
+Commercial distributors of software may accept certain responsibilities with respect to end users, business partners and the like. While this license is intended to facilitate the commercial use of the Program, the Contributor who includes the Program in a commercial product offering should do so in a manner which does not create potential liability for other Contributors. Therefore, if a Contributor includes the Program in a commercial product offering, such Contributor ("Commercial Contributor") hereby agrees to defend and indemnify every other Contributor ("Indemnified Contributor") against any losses, damages and costs (collectively "Losses") arising from claims, lawsuits and other legal actions brought by a third party against the Indemnified Contributor to the extent caused by the acts or omissions of such Commercial Contributor in connection with its distribution of the Program in a commercial product offering. The obligations in this section do not apply to any claims or Losses relating to any actual or alleged intellectual property infringement. In order to qualify, an Indemnified Contributor must: a) promptly notify the Commercial Contributor in writing of such claim, and b) allow the Commercial Contributor to control, and cooperate with the Commercial Contributor in, the defense and any related settlement negotiations. The Indemnified Contributor may participate in any such claim at its own expense.
+
+For example, a Contributor might include the Program in a commercial product offering, Product X. That Contributor is then a Commercial Contributor. If that Commercial Contributor then makes performance claims, or offers warranties related to Product X, those performance claims and warranties are such Commercial Contributor's responsibility alone. Under this section, the Commercial Contributor would have to defend claims against the other Contributors related to those performance claims and warranties, and if a court requires any other Contributor to pay any damages as a result, the Commercial Contributor must pay those damages.
+
+5. NO WARRANTY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is solely responsible for determining the appropriateness of using and distributing the Program and assumes all risks associated with its exercise of rights under this Agreement, including but not limited to the risks and costs of program errors, compliance with applicable laws, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.
+
+6. DISCLAIMER OF LIABILITY
+
+EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+7. GENERAL
+
+If any provision of this Agreement is invalid or unenforceable under applicable law, it shall not affect the validity or enforceability of the remainder of the terms of this Agreement, and without further action by the parties hereto, such provision shall be reformed to the minimum extent necessary to make such provision valid and enforceable.
+
+If Recipient institutes patent litigation against a Contributor with respect to a patent applicable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of the date such litigation is filed. In addition, if Recipient institutes patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Program itself (excluding combinations of the Program with other software or hardware) infringes such Recipient's patent(s), then such Recipient's rights granted under Section 2(b) shall terminate as of the date such litigation is filed.
+
+All Recipient's rights under this Agreement shall terminate if it fails to comply with any of the material terms or conditions of this Agreement and does not cure such failure in a reasonable period of time after becoming aware of such noncompliance. If all Recipient's rights under this Agreement terminate, Recipient agrees to cease use and distribution of the Program as soon as reasonably practicable. However, Recipient's obligations under this Agreement and any licenses granted by Recipient relating to the Program shall continue and survive.
+
+Everyone is permitted to copy and distribute copies of this Agreement, but in order to avoid inconsistency the Agreement is copyrighted and may only be modified in the following manner. The Agreement Steward reserves the right to publish new versions (including revisions) of this Agreement from time to time. No one other than the Agreement Steward has the right to modify this Agreement. IBM is the initial Agreement Steward. IBM may assign the responsibility to serve as the Agreement Steward to a suitable separate entity. Each new version of the Agreement will be given a distinguishing version number. The Program (including Contributions) may always be distributed subject to the version of the Agreement under which it was received. In addition, after a new version of the Agreement is published, Contributor may elect to distribute the Program (including its Contributions) under the new version. Except as expressly stated in Sections 2(a) and 2(b) above, Recipient receives no rights or licenses to the intellectual property of any Contributor under this Agreement, whether expressly, by implication, estoppel or otherwise. All rights in the Program not expressly granted under this Agreement are reserved.
+
+This Agreement is governed by the laws of the State of New York and the intellectual property laws of the United States of America. No party to this Agreement will bring a legal action under this Agreement more than one year after the cause of action arose. Each party waives its rights to a jury trial in any resulting litigation.
+
diff --git a/server-unit/src/main/resources/META-INF/NOTICE.txt b/server-unit/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..a077503
--- /dev/null
+++ b/server-unit/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,12 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
+
+This product uses JUnit (http://junit.org/).
+
+This product includes a distribution of NLOG4J
+(http://www.slf4j.org/nlog4j/).
+
+
diff --git a/server-unit/src/test/java/org/apache/directory/server/AbstractServerTriggerServiceTest.java b/server-unit/src/test/java/org/apache/directory/server/AbstractServerTriggerServiceTest.java
index 25fa6f6..a848210 100644
--- a/server-unit/src/test/java/org/apache/directory/server/AbstractServerTriggerServiceTest.java
+++ b/server-unit/src/test/java/org/apache/directory/server/AbstractServerTriggerServiceTest.java
@@ -34,6 +34,7 @@
import org.apache.directory.server.core.partition.PartitionNexus;
import org.apache.directory.server.core.subtree.SubentryService;
import org.apache.directory.server.unit.AbstractServerTest;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
@@ -158,7 +159,7 @@
Attribute objectClass = new AttributeImpl( "objectClass" );
subentry.put( objectClass );
objectClass.add( "top" );
- objectClass.add( "subentry" );
+ objectClass.add( SchemaConstants.SUBENTRY_OC );
objectClass.add( "triggerExecutionSubentry" );
subentry.put( "subtreeSpecification", subtree );
subentry.put( "prescriptiveTriggerSpecification", triggerSpec );
diff --git a/server-unit/src/test/java/org/apache/directory/server/BackupUtilities.java b/server-unit/src/test/java/org/apache/directory/server/BackupUtilitiesSP.java
similarity index 96%
rename from server-unit/src/test/java/org/apache/directory/server/BackupUtilities.java
rename to server-unit/src/test/java/org/apache/directory/server/BackupUtilitiesSP.java
index 5ca8e1d..a1c8dad 100644
--- a/server-unit/src/test/java/org/apache/directory/server/BackupUtilities.java
+++ b/server-unit/src/test/java/org/apache/directory/server/BackupUtilitiesSP.java
@@ -28,9 +28,9 @@
import org.slf4j.LoggerFactory;
-public class BackupUtilities
+public class BackupUtilitiesSP
{
- private static final Logger log = LoggerFactory.getLogger( BackupUtilities.class );
+ private static final Logger log = LoggerFactory.getLogger( BackupUtilitiesSP.class );
public static void backupDeleted( LdapContext ctx, Name deletedEntryName, Name operationPrincipal, Attributes deletedEntry ) throws NamingException
diff --git a/server-unit/src/test/java/org/apache/directory/server/DefaultServerTriggerServiceTest.java b/server-unit/src/test/java/org/apache/directory/server/DefaultServerTriggerServiceTest.java
index b229d7b..1c2ac20 100644
--- a/server-unit/src/test/java/org/apache/directory/server/DefaultServerTriggerServiceTest.java
+++ b/server-unit/src/test/java/org/apache/directory/server/DefaultServerTriggerServiceTest.java
@@ -33,9 +33,13 @@
import org.apache.directory.server.ldap.LdapConfiguration;
import org.apache.directory.server.ldap.support.extended.StoredProcedureExtendedOperationHandler;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
+import org.apache.directory.shared.ldap.name.LdapDN;
+import org.apache.directory.shared.ldap.name.Rdn;
import org.apache.directory.shared.ldap.sp.JavaStoredProcedureUtils;
+import org.apache.directory.shared.ldap.util.AttributeUtils;
/**
@@ -74,10 +78,65 @@
super.tearDown();
}
+ public void testAfterAddSubscribeUserToSomeGroups() throws NamingException
+ {
+ // Load the stored procedure unit which has the stored procedure to be triggered.
+ JavaStoredProcedureUtils.loadStoredProcedureClass( ctx, ListUtilsSP.class );
+
+ // Create a group to be subscribed to.
+ Attributes staffGroupEntry = new AttributesImpl( SchemaConstants.CN_AT, "staff", true );
+ Attribute objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ staffGroupEntry.put( objectClass );
+ objectClass.add( SchemaConstants.TOP_OC );
+ objectClass.add( SchemaConstants.GROUP_OF_UNIQUE_NAMES_OC );
+ staffGroupEntry.put( SchemaConstants.UNIQUE_MEMBER_AT , "cn=dummy" );
+ Rdn staffRdn = new Rdn(SchemaConstants.CN_AT + "=" + "staff" );
+ sysRoot.createSubcontext( staffRdn.getUpName(), staffGroupEntry );
+
+ // Create another group to be subscribed to.
+ Attributes teachersGroupEntry = new AttributesImpl( SchemaConstants.CN_AT, "teachers", true );
+ objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ teachersGroupEntry.put( objectClass );
+ objectClass.add( SchemaConstants.TOP_OC );
+ objectClass.add( SchemaConstants.GROUP_OF_UNIQUE_NAMES_OC );
+ teachersGroupEntry.put( SchemaConstants.UNIQUE_MEMBER_AT , "cn=dummy" );
+ Rdn teachersRdn = new Rdn( SchemaConstants.CN_AT + "=" + "teachers" );
+ sysRoot.createSubcontext( teachersRdn.getUpName(), teachersGroupEntry );
+
+ // Create the Triger Specification within a Trigger Subentry.
+ String staffDN = staffRdn.getUpName() + "," + sysRoot.getNameInNamespace();
+ String teachersDN = teachersRdn.getUpName() + "," + sysRoot.getNameInNamespace();
+ createTriggerSubentry( ctx, "triggerSubentry1",
+ "AFTER Add " +
+ "CALL \"" + ListUtilsSP.class.getName() + ".subscribeToGroup\" ( $entry , $ldapContext \"" + staffDN + "\" ); " +
+ "CALL \"" + ListUtilsSP.class.getName() + ".subscribeToGroup\" ( $entry , $ldapContext \"" + teachersDN + "\" );" );
+
+ // Create a test entry which is selected by the Trigger Subentry.
+ Attributes testEntry = new AttributesImpl( SchemaConstants.CN_AT, "The Teacher of All Times", true );
+ objectClass = new AttributeImpl( SchemaConstants.OBJECT_CLASS_AT );
+ testEntry.put( objectClass );
+ objectClass.add( SchemaConstants.TOP_OC );
+ objectClass.add( SchemaConstants.INET_ORG_PERSON_OC );
+ testEntry.put( SchemaConstants.SN_AT, "The Teacher" );
+ Rdn testEntryRdn = new Rdn( SchemaConstants.CN_AT + "=" + "The Teacher of All Times" );
+ sysRoot.createSubcontext( testEntryRdn.getUpName(), testEntry );
+
+ // ------------------------------------------
+ // The trigger should be fired at this point.
+ // ------------------------------------------
+
+ // Check if the Trigger really worked (subscribed the user to give grpups).
+ Attributes staff = sysRoot.getAttributes( "cn=staff" );
+ Attributes teachers = sysRoot.getAttributes( "cn=teachers" );
+ String testEntryName = ( ( LdapContext )sysRoot.lookup( testEntryRdn.getUpName() ) ).getNameInNamespace();
+ assertTrue( AttributeUtils.containsValueCaseIgnore( staff.get(SchemaConstants.UNIQUE_MEMBER_AT), testEntryName ) );
+ assertTrue( AttributeUtils.containsValueCaseIgnore( teachers.get(SchemaConstants.UNIQUE_MEMBER_AT), testEntryName ) );
+ }
+
public void testAfterDeleteBackupDeletedEntry() throws NamingException
{
// Load the stored procedure unit which has the stored procedure to be triggered.
- JavaStoredProcedureUtils.loadStoredProcedureClass( ctx, BackupUtilities.class );
+ JavaStoredProcedureUtils.loadStoredProcedureClass( ctx, BackupUtilitiesSP.class );
// Create a container for backing up deleted entries.
Attributes backupContext = new AttributesImpl( "ou", "backupContext", true );
@@ -89,7 +148,7 @@
// Create the Triger Specification within a Trigger Subentry.
createTriggerSubentry( ctx, "triggerSubentry1",
- "AFTER Delete CALL \"" + BackupUtilities.class.getName() + ".backupDeleted\" ( $ldapContext \"\", $name, $operationPrincipal, $deletedEntry )" );
+ "AFTER Delete CALL \"" + BackupUtilitiesSP.class.getName() + ".backupDeleted\" ( $ldapContext \"\", $name, $operationPrincipal, $deletedEntry );" );
// Create a test entry which is selected by the Trigger Subentry.
Attributes testEntry = new AttributesImpl( "ou", "testou", true );
diff --git a/server-unit/src/test/java/org/apache/directory/server/KeyDerivationServiceITest.java b/server-unit/src/test/java/org/apache/directory/server/KeyDerivationServiceITest.java
new file mode 100644
index 0000000..eb2f79b
--- /dev/null
+++ b/server-unit/src/test/java/org/apache/directory/server/KeyDerivationServiceITest.java
@@ -0,0 +1,453 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server;
+
+
+import java.io.IOException;
+import java.security.InvalidKeyException;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Hashtable;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import javax.crypto.spec.DESKeySpec;
+import javax.naming.Context;
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.InitialDirContext;
+
+import org.apache.directory.server.core.configuration.InterceptorConfiguration;
+import org.apache.directory.server.core.configuration.MutableInterceptorConfiguration;
+import org.apache.directory.server.core.configuration.MutablePartitionConfiguration;
+import org.apache.directory.server.core.configuration.PartitionConfiguration;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.interceptors.KeyDerivationService;
+import org.apache.directory.server.kerberos.shared.io.decoder.EncryptionKeyDecoder;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
+import org.apache.directory.server.unit.AbstractServerTest;
+import org.apache.directory.shared.ldap.message.AttributeImpl;
+import org.apache.directory.shared.ldap.message.AttributesImpl;
+import org.apache.directory.shared.ldap.message.ModificationItemImpl;
+import org.apache.mina.util.AvailablePortFinder;
+
+
+/**
+ * An {@link AbstractServerTest} testing the (@link {@link KeyDerivationService}'s
+ * ability to derive Kerberos symmetric keys based on userPassword and principal
+ * name and to generate random keys when the special keyword "randomKey" is used.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class KeyDerivationServiceITest extends AbstractServerTest
+{
+ private static final String RDN = "uid=hnelson,ou=users,dc=example,dc=com";
+
+ private DirContext ctx = null;
+
+
+ /**
+ * Set up a partition for EXAMPLE.COM, add the Key Derivation interceptor, enable
+ * the krb5kdc schema, and add a user principal to test authentication with.
+ */
+ public void setUp() throws Exception
+ {
+ configuration.setAllowAnonymousAccess( false );
+
+ Attributes attrs;
+ Set<PartitionConfiguration> pcfgs = new HashSet<PartitionConfiguration>();
+
+ MutablePartitionConfiguration pcfg;
+
+ // Add partition 'example'
+ pcfg = new MutablePartitionConfiguration();
+ pcfg.setName( "example" );
+ pcfg.setSuffix( "dc=example,dc=com" );
+
+ Set<Object> indexedAttrs = new HashSet<Object>();
+ indexedAttrs.add( "ou" );
+ indexedAttrs.add( "dc" );
+ indexedAttrs.add( "objectClass" );
+ pcfg.setIndexedAttributes( indexedAttrs );
+
+ attrs = new AttributesImpl( true );
+ Attribute attr = new AttributeImpl( "objectClass" );
+ attr.add( "top" );
+ attr.add( "domain" );
+ attrs.put( attr );
+ attr = new AttributeImpl( "dc" );
+ attr.add( "example" );
+ attrs.put( attr );
+ pcfg.setContextEntry( attrs );
+
+ pcfgs.add( pcfg );
+ configuration.setPartitionConfigurations( pcfgs );
+
+ MutableInterceptorConfiguration interceptorCfg = new MutableInterceptorConfiguration();
+ List<InterceptorConfiguration> list = configuration.getInterceptorConfigurations();
+
+ interceptorCfg.setName( KeyDerivationService.NAME );
+ interceptorCfg.setInterceptor( new KeyDerivationService() );
+ list.add( interceptorCfg );
+ configuration.setInterceptorConfigurations( list );
+
+ doDelete( configuration.getWorkingDirectory() );
+ port = AvailablePortFinder.getNextAvailable( 1024 );
+ configuration.getLdapConfiguration().setIpPort( port );
+ configuration.setShutdownHookEnabled( false );
+ setContexts( "uid=admin,ou=system", "secret" );
+
+ // -------------------------------------------------------------------
+ // Enable the krb5kdc schema
+ // -------------------------------------------------------------------
+
+ // check if krb5kdc is disabled
+ Attributes krb5kdcAttrs = schemaRoot.getAttributes( "cn=Krb5kdc" );
+ boolean isKrb5KdcDisabled = false;
+ if ( krb5kdcAttrs.get( "m-disabled" ) != null )
+ {
+ isKrb5KdcDisabled = ( ( String ) krb5kdcAttrs.get( "m-disabled" ).get() ).equalsIgnoreCase( "TRUE" );
+ }
+
+ // if krb5kdc is disabled then enable it
+ if ( isKrb5KdcDisabled )
+ {
+ Attribute disabled = new AttributeImpl( "m-disabled" );
+ ModificationItemImpl[] mods = new ModificationItemImpl[]
+ { new ModificationItemImpl( DirContext.REMOVE_ATTRIBUTE, disabled ) };
+ schemaRoot.modifyAttributes( "cn=Krb5kdc", mods );
+ }
+
+ Hashtable<String, String> env = new Hashtable<String, String>();
+ env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
+ env.put( "java.naming.provider.url", "ldap://localhost:" + port + "/dc=example,dc=com" );
+ env.put( "java.naming.security.principal", "uid=admin,ou=system" );
+ env.put( "java.naming.security.credentials", "secret" );
+ env.put( "java.naming.security.authentication", "simple" );
+ ctx = new InitialDirContext( env );
+
+ attrs = getOrgUnitAttributes( "users" );
+ DirContext users = ctx.createSubcontext( "ou=users", attrs );
+
+ attrs = getPersonAttributes( "Nelson", "Horatio Nelson", "hnelson", "secret", "hnelson@EXAMPLE.COM" );
+ users.createSubcontext( "uid=hnelson", attrs );
+ }
+
+
+ /**
+ * Tests that the addition of an entry caused keys to be derived and added.
+ *
+ * @throws NamingException
+ * @throws IOException
+ */
+ public void testAddDerivedKeys() throws NamingException, IOException
+ {
+ Hashtable<String, String> env = new Hashtable<String, String>();
+ env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
+ env.put( Context.PROVIDER_URL, "ldap://localhost:" + port );
+
+ env.put( Context.SECURITY_AUTHENTICATION, "simple" );
+ env.put( Context.SECURITY_PRINCIPAL, "uid=hnelson,ou=users,dc=example,dc=com" );
+ env.put( Context.SECURITY_CREDENTIALS, "secret" );
+ env.put( "java.naming.ldap.attributes.binary", "krb5key" );
+
+ DirContext ctx = new InitialDirContext( env );
+
+ String[] attrIDs =
+ { "uid", "userPassword", "krb5Key" };
+
+ Attributes attributes = ctx.getAttributes( RDN, attrIDs );
+
+ String uid = null;
+
+ if ( attributes.get( "uid" ) != null )
+ {
+ uid = ( String ) attributes.get( "uid" ).get();
+ }
+
+ assertEquals( uid, "hnelson" );
+
+ byte[] userPassword = null;
+
+ if ( attributes.get( "userPassword" ) != null )
+ {
+ userPassword = ( byte[] ) attributes.get( "userPassword" ).get();
+ }
+
+ // Could be 4 or 5 depending on whether AES-256 is enabled or not.
+ assertTrue( "Number of keys", attributes.get( "krb5key" ).size() > 3 );
+
+ byte[] testPasswordBytes =
+ { ( byte ) 0x73, ( byte ) 0x65, ( byte ) 0x63, ( byte ) 0x72, ( byte ) 0x65, ( byte ) 0x74 };
+ assertTrue( Arrays.equals( userPassword, testPasswordBytes ) );
+
+ Attribute krb5key = attributes.get( "krb5key" );
+ Map<EncryptionType, EncryptionKey> map = reconstituteKeyMap( krb5key );
+ EncryptionKey encryptionKey = map.get( EncryptionType.DES_CBC_MD5 );
+
+ byte[] testKeyBytes =
+ { ( byte ) 0xF4, ( byte ) 0xA7, ( byte ) 0x13, ( byte ) 0x64, ( byte ) 0x8A, ( byte ) 0x61, ( byte ) 0xCE,
+ ( byte ) 0x5B };
+
+ assertTrue( Arrays.equals( encryptionKey.getKeyValue(), testKeyBytes ) );
+ assertEquals( EncryptionType.DES_CBC_MD5, encryptionKey.getKeyType() );
+ }
+
+
+ /**
+ * Tests that the modification on an entry caused keys to be derived and modified.
+ *
+ * @throws NamingException
+ * @throws IOException
+ */
+ public void testModifyDerivedKeys() throws NamingException, IOException
+ {
+ Hashtable<String, String> env = new Hashtable<String, String>();
+ env.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
+ env.put( Context.PROVIDER_URL, "ldap://localhost:" + port );
+
+ env.put( Context.SECURITY_AUTHENTICATION, "simple" );
+ env.put( Context.SECURITY_PRINCIPAL, "uid=hnelson,ou=users,dc=example,dc=com" );
+ env.put( Context.SECURITY_CREDENTIALS, "secret" );
+ env.put( "java.naming.ldap.attributes.binary", "krb5key" );
+
+ DirContext ctx = new InitialDirContext( env );
+
+ String newPrincipalName = "hnelson@EXAMPLE.COM";
+ String newUserPassword = "secretsecret";
+
+ // Modify password.
+ Attributes attributes = new AttributesImpl( true );
+ Attribute attr = new AttributeImpl( "userPassword", newUserPassword );
+ attributes.put( attr );
+ attr = new AttributeImpl( KerberosAttribute.PRINCIPAL, newPrincipalName );
+ attributes.put( attr );
+
+ DirContext person = ( DirContext ) ctx.lookup( RDN );
+ person.modifyAttributes( "", DirContext.REPLACE_ATTRIBUTE, attributes );
+
+ // Read again from directory.
+ person = ( DirContext ) ctx.lookup( RDN );
+ attributes = person.getAttributes( "" );
+
+ byte[] userPassword = null;
+
+ if ( attributes.get( "userPassword" ) != null )
+ {
+ userPassword = ( byte[] ) attributes.get( "userPassword" ).get();
+ }
+
+ // Could be 4 or 5 depending on whether AES-256 is enabled or not.
+ assertTrue( "Number of keys", attributes.get( "krb5key" ).size() > 3 );
+
+ byte[] testBytes =
+ { 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74 };
+ assertTrue( Arrays.equals( userPassword, testBytes ) );
+
+ Attribute krb5key = attributes.get( "krb5key" );
+ Map<EncryptionType, EncryptionKey> map = reconstituteKeyMap( krb5key );
+ EncryptionKey encryptionKey = map.get( EncryptionType.DES_CBC_MD5 );
+
+ byte[] testKeyBytes =
+ { ( byte ) 0x16, ( byte ) 0x4A, ( byte ) 0x6D, ( byte ) 0x89, ( byte ) 0x5D, ( byte ) 0x76, ( byte ) 0x0E,
+ ( byte ) 0x23 };
+
+ assertTrue( Arrays.equals( encryptionKey.getKeyValue(), testKeyBytes ) );
+ assertEquals( EncryptionType.DES_CBC_MD5, encryptionKey.getKeyType() );
+ }
+
+
+ /**
+ * Tests that the addition of an entry caused random keys to be derived and added.
+ *
+ * @throws NamingException
+ * @throws IOException
+ * @throws InvalidKeyException
+ */
+ public void testAddRandomKeys() throws NamingException, IOException, InvalidKeyException
+ {
+ Hashtable<String, String> env = new Hashtable<String, String>();
+ env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
+ env.put( "java.naming.provider.url", "ldap://localhost:" + port + "/ou=users,dc=example,dc=com" );
+ env.put( "java.naming.security.principal", "uid=admin,ou=system" );
+ env.put( "java.naming.security.credentials", "secret" );
+ env.put( "java.naming.security.authentication", "simple" );
+ env.put( "java.naming.ldap.attributes.binary", "krb5key" );
+ ctx = new InitialDirContext( env );
+
+ Attributes attrs = getPersonAttributes( "Quist", "Thomas Quist", "tquist", "randomKey", "tquist@EXAMPLE.COM" );
+ ctx.createSubcontext( "uid=tquist", attrs );
+
+ attrs = getPersonAttributes( "Fryer", "John Fryer", "jfryer", "randomKey", "jfryer@EXAMPLE.COM" );
+ ctx.createSubcontext( "uid=jfryer", attrs );
+
+ String[] attrIDs =
+ { "uid", "userPassword", "krb5Key" };
+
+ Attributes tquistAttrs = ctx.getAttributes( "uid=tquist", attrIDs );
+ Attributes jfryerAttrs = ctx.getAttributes( "uid=jfryer", attrIDs );
+
+ String uid = null;
+ byte[] userPassword = null;
+
+ if ( tquistAttrs.get( "uid" ) != null )
+ {
+ uid = ( String ) tquistAttrs.get( "uid" ).get();
+ }
+
+ assertEquals( "tquist", uid );
+
+ if ( tquistAttrs.get( "userPassword" ) != null )
+ {
+ userPassword = ( byte[] ) tquistAttrs.get( "userPassword" ).get();
+ }
+
+ // Bytes for "randomKey."
+ byte[] testPasswordBytes =
+ { ( byte ) 0x72, ( byte ) 0x61, ( byte ) 0x6E, ( byte ) 0x64, ( byte ) 0x6F, ( byte ) 0x6D, ( byte ) 0x4B,
+ ( byte ) 0x65, ( byte ) 0x79 };
+ assertTrue( Arrays.equals( testPasswordBytes, userPassword ) );
+
+ if ( jfryerAttrs.get( "uid" ) != null )
+ {
+ uid = ( String ) jfryerAttrs.get( "uid" ).get();
+ }
+
+ assertEquals( "jfryer", uid );
+
+ if ( jfryerAttrs.get( "userPassword" ) != null )
+ {
+ userPassword = ( byte[] ) jfryerAttrs.get( "userPassword" ).get();
+ }
+
+ assertTrue( Arrays.equals( testPasswordBytes, userPassword ) );
+
+ byte[] testKeyBytes =
+ { ( byte ) 0xF4, ( byte ) 0xA7, ( byte ) 0x13, ( byte ) 0x64, ( byte ) 0x8A, ( byte ) 0x61, ( byte ) 0xCE,
+ ( byte ) 0x5B };
+
+ Attribute krb5key = tquistAttrs.get( "krb5key" );
+ Map<EncryptionType, EncryptionKey> map = reconstituteKeyMap( krb5key );
+ EncryptionKey encryptionKey = map.get( EncryptionType.DES_CBC_MD5 );
+ byte[] tquistKey = encryptionKey.getKeyValue();
+
+ assertEquals( EncryptionType.DES_CBC_MD5, encryptionKey.getKeyType() );
+
+ krb5key = jfryerAttrs.get( "krb5key" );
+ map = reconstituteKeyMap( krb5key );
+ encryptionKey = map.get( EncryptionType.DES_CBC_MD5 );
+ byte[] jfryerKey = encryptionKey.getKeyValue();
+
+ assertEquals( EncryptionType.DES_CBC_MD5, encryptionKey.getKeyType() );
+
+ assertEquals( "Key length", 8, tquistKey.length );
+ assertEquals( "Key length", 8, jfryerKey.length );
+
+ assertFalse( Arrays.equals( testKeyBytes, tquistKey ) );
+ assertFalse( Arrays.equals( testKeyBytes, jfryerKey ) );
+ assertFalse( Arrays.equals( jfryerKey, tquistKey ) );
+
+ byte[] tquistDerivedKey =
+ { ( byte ) 0xFD, ( byte ) 0x7F, ( byte ) 0x6B, ( byte ) 0x83, ( byte ) 0xA4, ( byte ) 0x76, ( byte ) 0xC1,
+ ( byte ) 0xEA };
+ byte[] jfryerDerivedKey =
+ { ( byte ) 0xA4, ( byte ) 0x10, ( byte ) 0x3B, ( byte ) 0x49, ( byte ) 0xCE, ( byte ) 0x0B, ( byte ) 0xB5,
+ ( byte ) 0x07 };
+
+ assertFalse( Arrays.equals( tquistDerivedKey, tquistKey ) );
+ assertFalse( Arrays.equals( jfryerDerivedKey, jfryerKey ) );
+
+ assertTrue( DESKeySpec.isParityAdjusted( tquistKey, 0 ) );
+ assertTrue( DESKeySpec.isParityAdjusted( jfryerKey, 0 ) );
+ }
+
+
+ /**
+ * Tear down.
+ */
+ public void tearDown() throws Exception
+ {
+ ctx.close();
+ ctx = null;
+ super.tearDown();
+ }
+
+
+ /**
+ * Convenience method for creating a person.
+ */
+ protected Attributes getPersonAttributes( String sn, String cn, String uid, String userPassword, String principal )
+ {
+ Attributes attrs = new AttributesImpl();
+ Attribute ocls = new AttributeImpl( "objectClass" );
+ ocls.add( "top" );
+ ocls.add( "person" ); // sn $ cn
+ ocls.add( "inetOrgPerson" ); // uid
+ ocls.add( "krb5principal" );
+ ocls.add( "krb5kdcentry" );
+ attrs.put( ocls );
+ attrs.put( "cn", cn );
+ attrs.put( "sn", sn );
+ attrs.put( "uid", uid );
+ attrs.put( "userPassword", userPassword );
+ attrs.put( KerberosAttribute.PRINCIPAL, principal );
+ attrs.put( KerberosAttribute.VERSION, "0" );
+
+ return attrs;
+ }
+
+
+ /**
+ * Convenience method for creating an organizational unit.
+ */
+ protected Attributes getOrgUnitAttributes( String ou )
+ {
+ Attributes attrs = new AttributesImpl();
+ Attribute ocls = new AttributeImpl( "objectClass" );
+ ocls.add( "top" );
+ ocls.add( "organizationalUnit" );
+ attrs.put( ocls );
+ attrs.put( "ou", ou );
+
+ return attrs;
+ }
+
+
+ private Map<EncryptionType, EncryptionKey> reconstituteKeyMap( Attribute krb5key ) throws NamingException,
+ IOException
+ {
+ Map<EncryptionType, EncryptionKey> map = new HashMap<EncryptionType, EncryptionKey>();
+
+ for ( int ii = 0; ii < krb5key.size(); ii++ )
+ {
+ byte[] encryptionKeyBytes = ( byte[] ) krb5key.get( ii );
+ EncryptionKey encryptionKey = EncryptionKeyDecoder.decode( encryptionKeyBytes );
+ map.put( encryptionKey.getKeyType(), encryptionKey );
+ }
+
+ return map;
+ }
+}
diff --git a/server-unit/src/test/java/org/apache/directory/server/ListUtilsSP.java b/server-unit/src/test/java/org/apache/directory/server/ListUtilsSP.java
new file mode 100644
index 0000000..9c27e83
--- /dev/null
+++ b/server-unit/src/test/java/org/apache/directory/server/ListUtilsSP.java
@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server;
+
+import javax.naming.Name;
+import javax.naming.NamingException;
+import javax.naming.directory.BasicAttributes;
+import javax.naming.directory.DirContext;
+import javax.naming.ldap.LdapContext;
+
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+public class ListUtilsSP
+{
+ private static final Logger log = LoggerFactory.getLogger( ListUtilsSP.class );
+
+
+ public static void subscribeToGroup( Name addedEntryName, LdapContext groupCtx ) throws NamingException
+ {
+ log.info( "User \"" + addedEntryName + "\" will be subscribed to \"" + groupCtx + "\"" );
+ groupCtx.modifyAttributes("", DirContext.ADD_ATTRIBUTE, new BasicAttributes( SchemaConstants.UNIQUE_MEMBER_AT, addedEntryName.toString(), true ) );
+ log.info( "Subscription OK." );
+ }
+}
diff --git a/server-unit/src/test/java/org/apache/directory/server/MatchingRuleCompareTest.java b/server-unit/src/test/java/org/apache/directory/server/MatchingRuleCompareTest.java
index 784fde3..ceaf550 100644
--- a/server-unit/src/test/java/org/apache/directory/server/MatchingRuleCompareTest.java
+++ b/server-unit/src/test/java/org/apache/directory/server/MatchingRuleCompareTest.java
@@ -51,7 +51,7 @@
public static final String PERSON_CN = "Tori Amos";
public static final String PERSON_SN = "Amos";
public static final String PERSON_RDN = "cn=" + PERSON_CN;
- public static final String PERSON_TELEPHONE = "1234567890abc";
+ public static final String PERSON_TELEPHONE = "1234567890";
public static final String PERSON_PWD = "Secret1!";
public static final String GROUP_CN = "Artists";
diff --git a/server-unit/src/test/java/org/apache/directory/server/ModifyRdnTest.java b/server-unit/src/test/java/org/apache/directory/server/ModifyRdnTest.java
index c595183..6faa8ac 100644
--- a/server-unit/src/test/java/org/apache/directory/server/ModifyRdnTest.java
+++ b/server-unit/src/test/java/org/apache/directory/server/ModifyRdnTest.java
@@ -150,6 +150,52 @@
ctx.unbind( newRdn );
}
+ /**
+ * Modify Rdn of an entry, without deleting its old rdn value.
+ *
+ * The JNDI property is set with 'False'
+ *
+ * @throws NamingException
+ */
+ public void testModifyRdnAndDontDeleteOldFalse() throws NamingException
+ {
+ // Create a person, cn value is rdn
+ String oldCn = "Myra Ellen Amos";
+ String oldRdn = "cn=" + oldCn;
+ Attributes attributes = this.getPersonAttributes( "Amos", oldCn );
+ ctx.createSubcontext( oldRdn, attributes );
+
+ // modify Rdn
+ String newCn = "Tori Amos";
+ String newRdn = "cn=" + newCn;
+ ctx.addToEnvironment( "java.naming.ldap.deleteRDN", "False" );
+ ctx.rename( oldRdn, newRdn );
+
+ // Check, whether old Entry does not exists
+ try
+ {
+ ctx.lookup( oldRdn );
+ fail( "Entry must not exist" );
+ }
+ catch ( NameNotFoundException ignored )
+ {
+ // expected behaviour
+ assertTrue( true );
+ }
+
+ // Check, whether new Entry exists
+ DirContext tori = ( DirContext ) ctx.lookup( newRdn );
+ assertNotNull( tori );
+
+ // Check values of cn
+ Attribute cn = tori.getAttributes( "" ).get( "cn" );
+ assertTrue( cn.contains( newCn ) );
+ assertTrue( cn.contains( oldCn ) ); // old value is gone
+ assertEquals( 2, cn.size() );
+
+ // Remove entry (use new rdn)
+ ctx.unbind( newRdn );
+ }
/**
* Modify Rdn of an entry, keep its old rdn value.
diff --git a/server-unit/src/test/java/org/apache/directory/server/PasswordPolicyServiceITest.java b/server-unit/src/test/java/org/apache/directory/server/PasswordPolicyServiceITest.java
new file mode 100644
index 0000000..defbdd5
--- /dev/null
+++ b/server-unit/src/test/java/org/apache/directory/server/PasswordPolicyServiceITest.java
@@ -0,0 +1,305 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.server;
+
+
+import java.util.HashSet;
+import java.util.Hashtable;
+import java.util.List;
+import java.util.Set;
+
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.InitialDirContext;
+
+import org.apache.directory.server.core.configuration.InterceptorConfiguration;
+import org.apache.directory.server.core.configuration.MutableInterceptorConfiguration;
+import org.apache.directory.server.core.configuration.MutablePartitionConfiguration;
+import org.apache.directory.server.core.configuration.PartitionConfiguration;
+import org.apache.directory.server.kerberos.shared.interceptors.PasswordPolicyService;
+import org.apache.directory.server.unit.AbstractServerTest;
+import org.apache.directory.shared.ldap.message.AttributeImpl;
+import org.apache.directory.shared.ldap.message.AttributesImpl;
+
+
+/**
+ * An {@link AbstractServerTest} testing the (@link {@link PasswordPolicyService}.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class PasswordPolicyServiceITest extends AbstractServerTest
+{
+ private DirContext ctx = null;
+ private DirContext users = null;
+
+
+ /**
+ * Set up a partition for EXAMPLE.COM, add the {@link PasswordPolicyService}
+ * interceptor, and create a users subcontext.
+ */
+ public void setUp() throws Exception
+ {
+ configuration.setAllowAnonymousAccess( false );
+
+ Attributes attrs;
+ Set<PartitionConfiguration> pcfgs = new HashSet<PartitionConfiguration>();
+
+ MutablePartitionConfiguration pcfg;
+
+ // Add partition 'example'
+ pcfg = new MutablePartitionConfiguration();
+ pcfg.setName( "example" );
+ pcfg.setSuffix( "dc=example,dc=com" );
+
+ Set<Object> indexedAttrs = new HashSet<Object>();
+ indexedAttrs.add( "ou" );
+ indexedAttrs.add( "dc" );
+ indexedAttrs.add( "objectClass" );
+ pcfg.setIndexedAttributes( indexedAttrs );
+
+ attrs = new AttributesImpl( true );
+ Attribute attr = new AttributeImpl( "objectClass" );
+ attr.add( "top" );
+ attr.add( "domain" );
+ attrs.put( attr );
+ attr = new AttributeImpl( "dc" );
+ attr.add( "example" );
+ attrs.put( attr );
+ pcfg.setContextEntry( attrs );
+
+ pcfgs.add( pcfg );
+ configuration.setPartitionConfigurations( pcfgs );
+
+ MutableInterceptorConfiguration interceptorCfg = new MutableInterceptorConfiguration();
+ List<InterceptorConfiguration> list = configuration.getInterceptorConfigurations();
+
+ interceptorCfg.setName( "passwordPolicyService" );
+ interceptorCfg.setInterceptor( new PasswordPolicyService() );
+ list.add( interceptorCfg );
+ configuration.setInterceptorConfigurations( list );
+
+ super.setUp();
+
+ Hashtable<String, String> env = new Hashtable<String, String>();
+ env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
+ env.put( "java.naming.provider.url", "ldap://localhost:" + port + "/dc=example,dc=com" );
+ env.put( "java.naming.security.principal", "uid=admin,ou=system" );
+ env.put( "java.naming.security.credentials", "secret" );
+ env.put( "java.naming.security.authentication", "simple" );
+ ctx = new InitialDirContext( env );
+
+ attrs = getOrgUnitAttributes( "users" );
+ users = ctx.createSubcontext( "ou=users", attrs );
+ }
+
+
+ /**
+ * Tests that passwords that are too short are properly rejected.
+ */
+ public void testLength()
+ {
+ Attributes attrs = getPersonAttributes( "Nelson", "Horatio Nelson", "hnelson", "HN1" );
+ try
+ {
+ users.createSubcontext( "uid=hnelson", attrs );
+ fail( "Shouldn't have gotten here." );
+ }
+ catch ( NamingException ne )
+ {
+ assertTrue( ne.getMessage().contains( "length too short" ) );
+ assertFalse( ne.getMessage().contains( "insufficient character mix" ) );
+ assertFalse( ne.getMessage().contains( "contains portions of username" ) );
+ }
+ }
+
+
+ /**
+ * Tests that passwords with insufficient character mix are properly rejected.
+ */
+ public void testCharacterMix()
+ {
+ Attributes attrs = getPersonAttributes( "Nelson", "Horatio Nelson", "hnelson", "secret" );
+ try
+ {
+ users.createSubcontext( "uid=hnelson", attrs );
+ fail( "Shouldn't have gotten here." );
+ }
+ catch ( NamingException ne )
+ {
+ assertFalse( ne.getMessage().contains( "length too short" ) );
+ assertTrue( ne.getMessage().contains( "insufficient character mix" ) );
+ assertFalse( ne.getMessage().contains( "contains portions of username" ) );
+ }
+ }
+
+
+ /**
+ * Tests that passwords that contain substrings of the username are properly rejected.
+ */
+ public void testContainsUsername()
+ {
+ Attributes attrs = getPersonAttributes( "Nelson", "Horatio Nelson", "hnelson", "A1nelson" );
+ try
+ {
+ users.createSubcontext( "uid=hnelson", attrs );
+ fail( "Shouldn't have gotten here." );
+ }
+ catch ( NamingException ne )
+ {
+ assertFalse( ne.getMessage().contains( "length too short" ) );
+ assertFalse( ne.getMessage().contains( "insufficient character mix" ) );
+ assertTrue( ne.getMessage().contains( "contains portions of username" ) );
+ }
+ }
+
+
+ /**
+ * Tests that passwords with insufficient character mix and that are too
+ * short are properly rejected.
+ */
+ public void testCharacterMixAndLength()
+ {
+ Attributes attrs = getPersonAttributes( "Nelson", "Horatio Nelson", "hnelson", "hi" );
+ try
+ {
+ users.createSubcontext( "uid=hnelson", attrs );
+ fail( "Shouldn't have gotten here." );
+ }
+ catch ( NamingException ne )
+ {
+ assertTrue( ne.getMessage().contains( "length too short" ) );
+ assertTrue( ne.getMessage().contains( "insufficient character mix" ) );
+ assertFalse( ne.getMessage().contains( "contains portions of username" ) );
+ }
+ }
+
+
+ /**
+ * Tests that passwords that are too short and that contain substrings of
+ * the username are properly rejected.
+ */
+ public void testLengthAndContainsUsername()
+ {
+ Attributes attrs = getPersonAttributes( "Bush", "William Bush", "wbush", "bush1" );
+ try
+ {
+ users.createSubcontext( "uid=wbush", attrs );
+ fail( "Shouldn't have gotten here." );
+ }
+ catch ( NamingException ne )
+ {
+ assertTrue( ne.getMessage().contains( "length too short" ) );
+ assertFalse( ne.getMessage().contains( "insufficient character mix" ) );
+ assertTrue( ne.getMessage().contains( "contains portions of username" ) );
+ }
+ }
+
+
+ /**
+ * Tests that passwords with insufficient character mix and that contain substrings of
+ * the username are properly rejected.
+ */
+ public void testCharacterMixAndContainsUsername()
+ {
+ Attributes attrs = getPersonAttributes( "Nelson", "Horatio Nelson", "hnelson", "hnelson" );
+ try
+ {
+ users.createSubcontext( "uid=hnelson", attrs );
+ fail( "Shouldn't have gotten here." );
+ }
+ catch ( NamingException ne )
+ {
+ assertFalse( ne.getMessage().contains( "length too short" ) );
+ assertTrue( ne.getMessage().contains( "insufficient character mix" ) );
+ assertTrue( ne.getMessage().contains( "contains portions of username" ) );
+ }
+ }
+
+
+ /**
+ * Tests that passwords with insufficient character mix and that are too
+ * short and that contain substrings of the username are properly rejected.
+ */
+ public void testCharacterMixAndLengthAndContainsUsername()
+ {
+ Attributes attrs = getPersonAttributes( "Bush", "William Bush", "wbush", "bush" );
+ try
+ {
+ users.createSubcontext( "uid=wbush", attrs );
+ fail( "Shouldn't have gotten here." );
+ }
+ catch ( NamingException ne )
+ {
+ assertTrue( ne.getMessage().contains( "length too short" ) );
+ assertTrue( ne.getMessage().contains( "insufficient character mix" ) );
+ assertTrue( ne.getMessage().contains( "contains portions of username" ) );
+ }
+ }
+
+
+ /**
+ * Tear down.
+ */
+ public void tearDown() throws Exception
+ {
+ ctx.close();
+ ctx = null;
+ super.tearDown();
+ }
+
+
+ /**
+ * Convenience method for creating a person.
+ */
+ protected Attributes getPersonAttributes( String sn, String cn, String uid, String userPassword )
+ {
+ Attributes attrs = new AttributesImpl();
+ Attribute ocls = new AttributeImpl( "objectClass" );
+ ocls.add( "top" );
+ ocls.add( "person" ); // sn $ cn
+ ocls.add( "inetOrgPerson" ); // uid
+ attrs.put( ocls );
+ attrs.put( "cn", cn );
+ attrs.put( "sn", sn );
+ attrs.put( "uid", uid );
+ attrs.put( "userPassword", userPassword );
+
+ return attrs;
+ }
+
+
+ /**
+ * Convenience method for creating an organizational unit.
+ */
+ protected Attributes getOrgUnitAttributes( String ou )
+ {
+ Attributes attrs = new AttributesImpl();
+ Attribute ocls = new AttributeImpl( "objectClass" );
+ ocls.add( "top" );
+ ocls.add( "organizationalUnit" );
+ attrs.put( ocls );
+ attrs.put( "ou", ou );
+
+ return attrs;
+ }
+}
diff --git a/server-unit/src/test/java/org/apache/directory/server/SaslGssapiBindITest.java b/server-unit/src/test/java/org/apache/directory/server/SaslGssapiBindITest.java
index 74d94bc..a35ff73 100644
--- a/server-unit/src/test/java/org/apache/directory/server/SaslGssapiBindITest.java
+++ b/server-unit/src/test/java/org/apache/directory/server/SaslGssapiBindITest.java
@@ -23,6 +23,7 @@
import java.security.PrivilegedAction;
import java.util.HashSet;
import java.util.Hashtable;
+import java.util.List;
import java.util.Set;
import javax.naming.Context;
@@ -32,15 +33,16 @@
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.security.auth.Subject;
-import javax.security.auth.kerberos.KerberosKey;
-import javax.security.auth.kerberos.KerberosPrincipal;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
+import org.apache.directory.server.core.configuration.InterceptorConfiguration;
+import org.apache.directory.server.core.configuration.MutableInterceptorConfiguration;
import org.apache.directory.server.core.configuration.MutablePartitionConfiguration;
import org.apache.directory.server.core.configuration.PartitionConfiguration;
import org.apache.directory.server.kerberos.kdc.KdcConfiguration;
+import org.apache.directory.server.kerberos.shared.interceptors.KeyDerivationService;
import org.apache.directory.server.kerberos.shared.jaas.CallbackHandlerBean;
import org.apache.directory.server.kerberos.shared.jaas.Krb5LoginConfiguration;
import org.apache.directory.server.kerberos.shared.store.KerberosAttribute;
@@ -126,6 +128,14 @@
pcfgs.add( pcfg );
configuration.setPartitionConfigurations( pcfgs );
+ MutableInterceptorConfiguration interceptorCfg = new MutableInterceptorConfiguration();
+ List<InterceptorConfiguration> list = configuration.getInterceptorConfigurations();
+
+ interceptorCfg.setName( KeyDerivationService.NAME );
+ interceptorCfg.setInterceptor( new KeyDerivationService() );
+ list.add( interceptorCfg );
+ configuration.setInterceptorConfigurations( list );
+
doDelete( configuration.getWorkingDirectory() );
port = AvailablePortFinder.getNextAvailable( 1024 );
ldapConfig.setIpPort( port );
@@ -194,15 +204,8 @@
attrs.put( "sn", sn );
attrs.put( "uid", uid );
attrs.put( "userPassword", userPassword );
-
- KerberosPrincipal servicePrincipal = new KerberosPrincipal( principal );
- char[] password = new String( userPassword ).toCharArray();
- KerberosKey serviceKey = new KerberosKey( servicePrincipal, password, "DES" );
-
- attrs.put( KerberosAttribute.PRINCIPAL, servicePrincipal.getName() );
- attrs.put( KerberosAttribute.VERSION, Integer.toString( serviceKey.getVersionNumber() ) );
- attrs.put( KerberosAttribute.KEY, serviceKey.getEncoded() );
- attrs.put( KerberosAttribute.TYPE, Integer.toString( serviceKey.getKeyType() ) );
+ attrs.put( KerberosAttribute.PRINCIPAL, principal );
+ attrs.put( KerberosAttribute.VERSION, "0" );
return attrs;
}
diff --git a/server-unit/src/test/java/org/apache/directory/server/SearchTest.java b/server-unit/src/test/java/org/apache/directory/server/SearchTest.java
index 9940dcc..9e0d481 100644
--- a/server-unit/src/test/java/org/apache/directory/server/SearchTest.java
+++ b/server-unit/src/test/java/org/apache/directory/server/SearchTest.java
@@ -39,6 +39,7 @@
import org.apache.directory.server.core.subtree.SubentryService;
import org.apache.directory.server.unit.AbstractServerTest;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.apache.directory.shared.ldap.message.SubentriesControl;
@@ -523,7 +524,7 @@
Attribute objectClass = new AttributeImpl( "objectClass" );
subentry.put( objectClass );
objectClass.add( "top" );
- objectClass.add( "subentry" );
+ objectClass.add( SchemaConstants.SUBENTRY_OC );
objectClass.add( "accessControlSubentry" );
subentry.put( "subtreeSpecification", subtree );
subentry.put( "prescriptiveACI", aciItem );
@@ -888,7 +889,7 @@
Attributes subentry = new AttributesImpl();
Attribute objectClass = new AttributeImpl( "objectClass" );
objectClass.add( "top" );
- objectClass.add( "subentry" );
+ objectClass.add( SchemaConstants.SUBENTRY_OC );
objectClass.add( "collectiveAttributeSubentry" );
subentry.put( objectClass );
subentry.put( "c-l", "Munich" );
diff --git a/src/site/xdoc/docs/users/authorization.xml b/src/site/xdoc/docs/users/authorization.xml
deleted file mode 100644
index 9aa630a..0000000
--- a/src/site/xdoc/docs/users/authorization.xml
+++ /dev/null
@@ -1,232 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<document>
- <properties>
- <author email="akarasulu">akarasulu</author>
-
- </properties>
- <body>
- <p>
-ApacheDS uses an adaptation of the X.500 basic access control scheme in
-combination with X.500 subentries to control access to entries and attributes
-within the DIT. This document will show you how to enable the basic access
-control mechanism and how to define access control information to manage access
-to protected
-resources.</p>
- <section heading="h2" name="Enabling Basic Access Controls">
- <p>
-By default the access control subsystem is turned off. Once enabled everything
-is tightly locked down. Only the special admin user, '*uid=admin,ou=system*', is
-not affected by permissions. Access to all operations are denied by default
-until enabled using an ACIItem. For this reason enabling basic access controls
-is a configuration
-option.</p>
- <p>
-To turn on the basic access control mechanism you need to set the
-*accessControlEnabled* property in the configuration to true. This can be set
-programatically on the StartupConfiguration or via the
-server.xml.</p>
- </section>
- <section heading="h2" name="Types of ACI (Access Control Information)">
- <p>
-Three different types of ACI exist. All types use the same specification syntax
-for an ACIITem. These types differ in their placement and manner of use within
-the
-directory.</p>
- <subsection heading="h3" name="Entry ACI">
- <p>
-Entry ACI are access controls added to entries to protect that entry
-specifically. Meaning the protoected entry is the entry where the ACI resides.
-When performing an operation on an entry, ApacheDS checks for the presence of
-the multivalued operational attribute, *entryACI*. The values of the entryACI
-attribute contain
-ACIItems.</p>
- <table>
- <tr>
- <td>
- <img src="http://docs.safehaus.org/images/icons/emoticons/warning.png"/>
- </td>
- <td>
- <p>
-There is one exception to the rule of consulting entryACI attributes within
-ApacheDS: add operations do not consult the entryACI within the entry being
-added. This is a security precaution. If allowed users can arbitrarily add
-entries where they wanted by putting entryACI into the new entry being added.
-This could comprimise the
-DSA.</p>
- </td>
- </tr>
- </table>
- </subsection>
- <subsection heading="h3" name="Prescriptive ACI">
- <p>
-Prescriptive ACI are access controls that are applied to a collection of
-entries, not just to a single entry. Collections of entries are defined by the
-subtreeSpecifications of subentries. Hence prescriptive ACI are added to
-subentries as attributes and are applied by ApacheDS to the entries selected by
-the subentry's subtreeSpecification. ApacheDS uses the *prescriptiveACI*
-multivalued operational attribute within subentries to contain ACIItems that
-apply to the entry
-collection.</p>
- <p>
-Prescriptive ACI can save much effort when trying to control access to a
-collection of resources. Prescriptive ACI can even be specified to apply access
-controls to entries that do not yet exist within the DIT. They are a very
-powerful mechanism and for this reason they are the prefered mechanism for
-managing access to protected resources. ApacheDS is optimized specifically for
-managing access to collections of entries rather than point entries
-themselves.</p>
- <p>
-Users should try to avoid entry ACIs whenever possible, and use prescriptive
-ACIs instead. Entry ACIs are more for managing exceptional cases and should not
-be used
-excessively.</p>
- <table>
- <tr>
- <th>
- <img src="http://docs.safehaus.org/images/icons/emoticons/information.png"/>
- </th>
- <th>
- <center>How it works!</center>
- </th>
- </tr>
- <tr>
- <td/>
- <td>
- <p>
-For every type of LDAP operation ApacheDS checks to see if any access control
-subentries include the protected entry in their collection. The set of
-subentries which include the protected entry are discovered very rapidly by the
-subentry subsystem. The subentry subsystem caches subtreeSpecifications for all
-subentries within the server so inclusion checks are
-fast.</p>
- <p>
-For each access control subentry in the set, ApacheDS checks within a
-prescriptive ACI cache for ACI tuples. ApacheDS also caches prescriptive ACI
-information in a special form called ACI tuples. This is done so ACIItem parsing
-and conversion to an optimal representations for evaluation is not required at
-access time. This way access based on prescriptive ACIs is determined very
-rapidly.</p>
- </td>
- </tr>
- </table>
- </subsection>
- <subsection heading="h3" name="Subentry ACI">
- <p>
-Access to subentries also needs to be controlled. Subentries are special in
-ApacheDS. Although they subordinate to an administrative entry (entry of an
-Administrative Point), they are technically considered to be in the same context
-as their administrative entry. ApacheDS considers the perscriptive ACI applied
-to the administrative entry, to also apply to its
-subentries.</p>
- <p>
-This however is not the most intuitive mechanism to use for explicitly
-controlling access to subentries. A more explicit mechanism is used to specify
-ACIs specifically for protecting subentries. ApacheDS uses the multivalued
-operational attribute, *subentryACI*, within administrative entries to control
-access to immediately subordinate
-subentries.</p>
- <p>
-Protection policies for ACIs themselves can be managed within the entry of an
-administrative
-point.</p>
- </subsection>
- </section>
- <section heading="h2" name="Some Simple Examples">
- <p>
-The ACIItem syntax is very expressive and that makes it extremely powerful for
-specifying complex access control policies. However the syntax is not very easy
-to grasp for beginners. For this reason we start with simple examples that focus
-on different protection mechanisms offered by the ACIItem syntax. We do this
-instead of specifying the grammar which is not the best way to learn a
-language.</p>
- <table>
- <tr>
- <th>
- <img src="http://docs.safehaus.org/images/icons/emoticons/forbidden.png"/>
- </th>
- <th>
- <center>Before you go any further...</center>
- </th>
- </tr>
- <tr>
- <td/>
- <td>
- <p>
-Please don't go any further until you have read up on the use
-of
- <a href="./subentries.html">Subentries</a>
-. Knowledge of subentries, subtreeSpecifications, administrative areas, and
-administrative roles are required to properly digest the following
-matterial.
- </p>
- </td>
- </tr>
- </table>
- <p>
-Before going on to these trails you might want to set up an Administrative Area
-for managing access control via prescriptiveACI. Both subentryACI and
-prescriptiveACI require the presence of an Administrative Point entry. For more
-information and code examples
-see
- <a href="./acareas.html">ACAreas</a>
-.
- </p>
- <subsection heading="h3" name="ACI Trails">
- <p>
-Here are some trails that resemble simple HOWTO guides. They're ordered with
-the most pragmatic usage first. We will add to these trails over
-time.</p>
- <table>
- <tr>
- <th>
-Trail</th>
- <th>
-Description</th>
- </tr>
- <tr>
- <td>
- <a href="./enablesearchforallusers.html">EnableSearchForAllUsers</a>
- </td>
- <td>
-Enabling access to browse and read all entries and their attributes by
-authenticated
-users.</td>
- </tr>
- <tr>
- <td>
- <a href="./denysubentryaccess.html">DenySubentryAccess</a>
- </td>
- <td>
-Protecting access to subentries
-themselves.</td>
- </tr>
- <tr>
- <td>
- <a href="./allowselfpasswordmodify.html">AllowSelfPasswordModify</a>
- </td>
- <td>
-Granting users the rights needed to change their own
-passwords.</td>
- </tr>
- <tr>
- <td>
- <a href="./grantadddelmodtogroup.html">GrantAddDelModToGroup</a>
- </td>
- <td>
-Granting add, delete, and modify permissions to a group of
-users.</td>
- </tr>
- <tr>
- <td>
- <a href="./grantmodtoentry.html">GrantModToEntry</a>
- </td>
- <td>
-Applying ACI to a single
-entry.</td>
- </tr>
- </table>
- </subsection>
- </section>
- </body>
-</document>
diff --git a/src/site/xdoc/docs/users/collective.xml b/src/site/xdoc/docs/users/collective.xml
deleted file mode 100644
index e83ba18..0000000
--- a/src/site/xdoc/docs/users/collective.xml
+++ /dev/null
@@ -1,239 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<document>
- <properties>
- <author email="akarasulu">akarasulu</author>
-
- </properties>
- <body>
- <section heading="h2" name="Introduction">
- <p>
-Collective attributes are attributes whose values are shared across a collection
-of entries. It's very common to encounter situations where a bunch of entries
-have the same value for an attribute. Collective attributes for LDAP are defined
-in
- <a href="http://www.faqs.org/rfcs/rfc3671.html">RFC 3671</a>
-. ApacheDS implements this
-RFC.
- </p>
- <subsection heading="h3" name="Use Case">
- <p>
-For example one might organize everyone in an engineering department under an
-ou, 'ou=engineering'. If the engineering team is located in the same area and
-building then several attributes in each user entry within engineering will have
-the same value. An example of such an attribute would be the locale. If
-engineering is located in Sunnyvale CA then all locale attributes of entries
-under 'ou=engineering' would be set to
-Sunnyvale.</p>
- <p>
-Rather than manage the value for this attribute in each entry a single
-collective attribute can be used in a subentry. Changes to the value of this
-attribute would immediately be reflected to those entries selected by the
-subtreeSpecification of subentry. For more information on specifying subtrees
-take
-at
- <a href="./subentries.html">Subentries</a>
-.
- </p>
- </subsection>
- </section>
- <section heading="h2" name="Setting up a Collective Attribute Administration Area (AA)">
- <p>
-To manage collective attributes for a collection of entries you must add
-collective subentries to the Administrative Point (AP) of the collective AA. For
-more information on AAs
-see
- <a href="./subentries.html">Subentries</a>
-. These collective subentries must have the objectClass subentry as well as
-collectiveAttributeSubentry. Also the AP, of the AA, must have an
-administrativeRole value of collectiveAttributeSpecificArea (2.5.23.5) or
-collectiveAttributeInnerArea
-(2.5.23.6).
- </p>
- <subsection heading="h3" name="Example">
- <p>
-For the use case above we can presume a partition at the namingContext
-'dc=example,dc=com' with an 'ou=engineering' entry below containing users from
-the engineering team in Sunnyvale. Let's presume no AA has yet been defined so
-we have to create one. We'll set the partition root 'dc=example,dc=com' as the
-AP of an AA that spans the entire subtree. For this simple example the AA will
-be autonomous for the collective aspect. Setting this up is just a matter of
-modifying the 'dc=example,dc=com' entry so it contains the operational attribute
-administrativeRole with the value collectiveAttributeSpecificArea. The code
-below sets up this AAA for collective attribute
-administration.</p>
- <source> // Get a DirContext on the dc=example,dc=com entry
- Hashtable env = new Hashtable();
- env.put( "java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory" );
- env.put( "java.naming.provider.url", "ldap://localhost:" + port + "/dc=example,dc=com" );
- env.put( "java.naming.security.principal", "uid=admin,ou=system" );
- env.put( "java.naming.security.credentials", "secret" );
- env.put( "java.naming.security.authentication", "simple" );
- ctx = new InitialDirContext( env );
-
- // Modify the entry to make it an AAA for collective attribute administration
- Attributes mods = new BasicAttributes( "administrativeRole", "collectiveAttributeSpecificArea", true );
- ctx.modifyAttributes( "", DirContext.ADD_ATTRIBUTE, mods );
-</source>
- <p>
-Now 'dc=example,dc=com' is the AP for a collective attribute AAA that spans the
-entire subtree under and including it down to every leaf entry. All that remains
-is the addition of the subentry with the collective attributes we want included
-in the entries of all engineering users. Here's what the LDIF would look like
-for this subentry given that its commonName is
-'engineeringLocale'.</p>
- <source>dn: cn=engineeringLocale,dc=example,dc=com
-objectClass: top
-objectClass: subentry
-objectClass: collectiveAttributeSubentry
-cn: engineeringLocale
-c-l: Sunnyvale
-subtreeSpecification: {base "ou=engineering", minimum 4}
-</source>
- <p>
-A couple points regarding this subentry's
-LDIF:</p>
- <ol nesting="0">
- <li>
-It subordinates to the AP
-('dc=example,dc=com')</li>
- <li>
-It contains the objectClasses: subentry and
-collectiveAttributeSubentry</li>
- <li>
-It contains the collective version of locale (l):
-c-l</li>
- <li>
-Its subtreeSpecification excludes entries whose number of DN name components is
-is less than
-4</li>
- </ol>
- <p>
-Note that the minimum value of 4 is used in the subtreeSpecification to make
-sure that the entry 'ou=engineering,dc=example,dc=com' does not have c-l:
-Sunnyvale added to it. It's got 3 components to the DN so minimum 4 chops it out
-of the
-collection.</p>
- </subsection>
- </section>
- <section heading="h2" name="Collective Attribute Types">
- <p>
-As one can see from the example above, special collective attributes are used
-for regular attributes: c-l for l. These attributes are derived from the
-original attribute and are marked as COLLECTIVE. RFC 3671 defines a bunch of
-these which are listed below. If you don't find what you're looking for just add
-it to your own schema using this
-pattern.</p>
- <p>
-We have included this list from RFC 3671 into the collective.schema which comes
-standard with
-ApacheDS.</p>
- <source>3.1. Collective Locality Name
-
- The c-l attribute type specifies a locality name for a collection of
- entries.
-
- ( 2.5.4.7.1 NAME 'c-l'
- SUP l COLLECTIVE )
-
-3.2. Collective State or Province Name
-
- The c-st attribute type specifies a state or province name for a
- collection of entries.
-
- ( 2.5.4.8.1 NAME 'c-st'
- SUP st COLLECTIVE )
-
-3.3. Collective Street Address
-
- The c-street attribute type specifies a street address for a
- collection of entries.
-
- ( 2.5.4.9.1 NAME 'c-street'
- SUP street COLLECTIVE )
-
-3.4. Collective Organization Name
-
- The c-o attribute type specifies an organization name for a
- collection of entries.
-
- ( 2.5.4.10.1 NAME 'c-o'
- SUP o COLLECTIVE )
-
-3.5. Collective Organizational Unit Name
-
- The c-ou attribute type specifies an organizational unit name for a
- collection of entries.
-
- ( 2.5.4.11.1 NAME 'c-ou'
- SUP ou COLLECTIVE )
-
-3.6. Collective Postal Address
-
- The c-PostalAddress attribute type specifies a postal address for a
- collection of entries.
-
- ( 2.5.4.16.1 NAME 'c-PostalAddress'
- SUP postalAddress COLLECTIVE )
-
-3.7. Collective Postal Code
-
- The c-PostalCode attribute type specifies a postal code for a
- collection of entries.
-
- ( 2.5.4.17.1 NAME 'c-PostalCode'
- SUP postalCode COLLECTIVE )
-
-3.8. Collective Post Office Box
-
- The c-PostOfficeBox attribute type specifies a post office box for a
- collection of entries.
-
- ( 2.5.4.18.1 NAME 'c-PostOfficeBox'
- SUP postOfficeBox COLLECTIVE )
-
-3.9. Collective Physical Delivery Office Name
-
- The c-PhysicalDeliveryOfficeName attribute type specifies a physical
- delivery office name for a collection of entries.
-
- ( 2.5.4.19.1 NAME 'c-PhysicalDeliveryOfficeName'
- SUP physicalDeliveryOfficeName COLLECTIVE )
-
-3.10. Collective Telephone Number
-
- The c-TelephoneNumber attribute type specifies a telephone number for
- a collection of entries.
-
- ( 2.5.4.20.1 NAME 'c-TelephoneNumber'
- SUP telephoneNumber COLLECTIVE )
-
-3.11. Collective Telex Number
-
- The c-TelexNumber attribute type specifies a telex number for a
- collection of entries.
-
- ( 2.5.4.21.1 NAME 'c-TelexNumber'
- SUP telexNumber COLLECTIVE )
-
-3.13. Collective Facsimile Telephone Number
-
- The c-FacsimileTelephoneNumber attribute type specifies a facsimile
- telephone number for a collection of entries.
-
- ( 2.5.4.23.1 NAME 'c-FacsimileTelephoneNumber'
-
- SUP facsimileTelephoneNumber COLLECTIVE )
-
-3.14. Collective International ISDN Number
-
- The c-InternationalISDNNumber attribute type specifies an
- international ISDN number for a collection of entries.
-
- ( 2.5.4.25.1 NAME 'c-InternationalISDNNumber'
- SUP internationalISDNNumber COLLECTIVE )
-
-</source>
- </section>
- </body>
-</document>
diff --git a/src/site/xdoc/docs/users/configuration.xml b/src/site/xdoc/docs/users/configuration.xml
deleted file mode 100644
index 28a56ce..0000000
--- a/src/site/xdoc/docs/users/configuration.xml
+++ /dev/null
@@ -1,258 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<document>
- <properties>
- <author email="trustin">trustin</author>
-
- </properties>
- <body>
- <p>
-The Apache Directory team introduced new configuration interface of ApacheDS
-from the version 0.9.1. This page introduces
-it.</p>
- <section heading="h1" name="The Configuration API">
- <p>
-ApacheDS provides its configuration API in the
-org.apache.ldap.server.configuration package. This package contains concrete
-configuration instruction classes that you can instantiate and specify in your
-JNDI environment variable. To put your configuration instruction class into the
-JNDI environment
-variable:</p>
- <source>Properties env = new Properties();
-env.setProperty( Context.INITIAL_CONTEXT_FACTORY, CoreContextFactory.class.getName() );
-...
-
-// Create a configuration instruction.
-Configuration cfg = new MutableStartupConfiguration();
-...
-
-// Put the configuration instruction to the environment variable.
-env.putAll( cfg.toJndiEnvironment() );
-
-// Execute the instruction you've specified.
-new InitialContext( env );
-</source>
- <p>
-Now let's find out what kind of instruction you can give to
-ApacheDS.</p>
- <subsection heading="h2" name="StartupConfiguration">
- <p>
-This instruction starts up the ApacheDS if it is not started. Here's the list of
-known
-properties:</p>
- <ul nesting="1">
- <li>
-authenticatorConfigurations - a collection of AuthenticatorConfigurations.
-AuthenticatorConfiguration specifies Authenticators that authenticate a user who
-accesses the ApacheDS DIT. (Default: <all default
-authenticators>)</li>
- <li>
-bootstrapSchemas - a set of BootstrapSchemas which are loaded at the first time
-ApacheDS starts up (Default: <all default
-schemas>)</li>
- <li>
-contextPartitionConfigurations - A collection of ContextPartitionConfigurations.
-ContextPartitionConfiguration specified ContextPartitions that consist the
-ApacheDS DIT. (Default: no context partitions except system
-partition)</li>
- <li>
-accessControl - Set to true if you want to enable access control support of the
-ApacheDS. (Default:
-false)</li>
- <li>
-allowAnonymousAccess - Set to true if you want to enable anonymous access.
-(Default:
-true)</li>
- <li>
-interceptorConfigurations - a list of InterceptorConfigurations which will
-configure the initial interceptor chain of the ApacheDS (Default: <all default
-interceptors>)</li>
- <li>
-testEntries - a list of javax.naming.directory.Attributes which will be added to
-the DIT while the ApacheDS is started up (Default: no test
-entries)</li>
- <li>
-workingDirectory - a working directory the content of DIT will be stored to
-(Default:
-./server-work/)</li>
- </ul>
- <p>
-You don't need to specify any properties because all properties have the
-default. Please use MutableStartupConfiguration to modify any properties
-above.</p>
- </subsection>
- <subsection heading="h2" name="ShutdownConfiguration">
- <p>
-This instruction shuts down the ApacheDS if it is not already shut down. There's
-no property to
-configure.</p>
- </subsection>
- <subsection heading="h2" name="SyncConfiguration">
- <p>
-This instruction flushes out any I/O buffer or write cache. There's no property
-to
-configure.</p>
- </subsection>
- <subsection heading="h2" name="AddContextPartitionConfiguration">
- <p>
-This instruction adds a new context partition on-the-fly while the ApacheDS is
-running. There is only one property, 'contextPartitionConfiguration'. You can
-specify an appropriate ContextPartitionConfiguration to plug a context partition
-into the
-ApacheDS.</p>
- </subsection>
- <subsection heading="h2" name="RemoveContextPartitionConfiguration">
- <p>
-This instruction removes an existing context partition on-the-fly while the
-ApacheDS is running. There is only one property, 'suffix'. You can specify the
-suffix of the partition you want to remove from the
-ApacheDS.</p>
- </subsection>
- <subsection heading="h2" name="Running and Choosing Multiple Instances">
- <p>
-You can run multiple instances of ApacheDS by specifying {{instanceId}} to all
-Configuration instructions. InstanceId can be specified as a constructor
-parameter. Please take a look at the API documentation (JavaDoc) for more
-details.</p>
- <source>// Create a configuration instruction that affects an ApacheDS instance 'instance4'.
-Configuration cfg = new MutableStartupConfiguration( "instance4" );
-...
-
-// Put the configuration instruction to the environment variable.
-env.putAll( cfg.toJndiEnvironment() );
-
-// Execute the instruction you've specified for an ApacheDS instance 'instance4'.
-new InitialContext( env );
-</source>
- </subsection>
- </section>
- <section heading="h1" name="Using Spring Framework">
- <p>
-The configuration API is designed to fit tightly
-with
- <a href="http://www.springframework.org/">Spring Framework</a>
-. Here is an example beans xml
-file:
- </p>
- <source><?xml version="1.0" encoding="UTF-8"?>
-
-<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
- "http://www.springframework.org/dtd/spring-beans.dtd">
-
-<beans>
- <!-- JNDI environment variable -->
- <bean id="environment" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
- <property name="properties">
- <props>
- <prop key="asn.1.berlib.provider">org.apache.ldap.common.berlib.asn1.SnickersProvider</prop>
- <!--prop key="asn.1.berlib.provider">org.apache.ldap.common.TwixProvider</prop-->
- <prop key="java.naming.security.authentication">simple</prop>
- <prop key="java.naming.security.principal">uid=admin,ou=system</prop>
- <prop key="java.naming.security.credentials">secret</prop>
- <prop key="java.naming.ldap.attributes.binary">
- photo personalSignature audio jpegPhoto javaSerializedData userPassword
- userCertificate cACertificate authorityRevocationList certificateRevocationList
- crossCertificatePair x500UniqueIdentifier krb5Key
- </prop>
- </props>
- </property>
- </bean>
-
- <!-- StartupConfiguration to start ApacheDS -->
- <bean id="configuration" class="org.apache.ldap.server.configuration.MutableServerStartupConfiguration">
- <property name="workingDirectory"><value>apache.org</value></property>
- <property name="allowAnonymousAccess"><value>false</value></property>
- <property name="accessControlEnabled"><value>false</value></property>
- <property name="ldapPort"><value>10389</value></property>
- <property name="contextPartitionConfigurations">
- <set>
- <ref bean="apachePartitionConfiguration"/>
- </set>
- </property>
-
- <!-- Bootstrap schemas -->
- <property name="bootstrapSchemas">
- <set>
- <bean class="org.apache.ldap.server.schema.bootstrap.AutofsSchema"/>
- <bean class="org.apache.ldap.server.schema.bootstrap.CorbaSchema"/>
- <bean class="org.apache.ldap.server.schema.bootstrap.CoreSchema"/>
-
- ......
-
- </set>
- </property>
-
- <!-- Interceptor configurations -->
- <property name="interceptorConfigurations">
- <list>
- <bean class="org.apache.ldap.server.configuration.MutableInterceptorConfiguration">
- <property name="name"><value>normalizationService</value></property>
- <property name="interceptor">
- <bean class="org.apache.ldap.server.normalization.NormalizationService" />
- </property>
- </bean>
- <bean class="org.apache.ldap.server.configuration.MutableInterceptorConfiguration">
- <property name="name"><value>authenticationService</value></property>
- <property name="interceptor">
- <bean class="org.apache.ldap.server.authn.AuthenticationService" />
- </property>
- </bean>
-
- ......
-
- </list>
- </property>
- </bean>
-
- <!-- Additional ContextPartitionConfiguration -->
- <bean id="apachePartitionConfiguration" class="org.apache.ldap.server.configuration.MutableContextPartitionConfiguration">
- <property name="name"><value>apache</value></property>
- <property name="suffix"><value>dc=apache,dc=org</value></property>
- <property name="indexedAttributes">
- <set>
- <value>objectClass</value>
- <value>ou</value>
- <value>uid</value>
- </set>
- </property>
- <property name="contextEntry">
- <value>
- objectClass: top
- objectClass: domain
- objectClass: extensibleObject
- dc: apache
- </value>
- </property>
- </bean>
-
- <!-- Custom editors required to launch ApacheDS -->
- <bean class="org.springframework.beans.factory.config.CustomEditorConfigurer">
- <property name="customEditors">
- <map>
- <entry key="javax.naming.directory.Attributes">
- <bean class="org.apache.ldap.server.configuration.AttributesPropertyEditor"/>
- </entry>
- </map>
- </property>
- </bean>
-</beans>
-</source>
- <p>
-With the XML file above, you can start up the ApacheDS with this
-code:</p>
- <source>Properties env;
-ServerStartupConfiguration cfg;
-
-ApplicationContext factory = new FileSystemXmlApplicationContext( args[0] );
-cfg = ( StartupConfiguration ) factory.getBean( "configuration" );
-env = ( Properties ) factory.getBean( "environment" );
-
-env.setProperty( Context.PROVIDER_URL, "" );
-env.setProperty( Context.INITIAL_CONTEXT_FACTORY, CoreContextFactory.class.getName() );
-env.putAll( cfg.toJndiEnvironment() );
-
-new InitialDirContext( env );
-</source>
- </section>
- </body>
-</document>
diff --git a/src/site/xdoc/docs/users/denysubentryaccess.xml b/src/site/xdoc/docs/users/denysubentryaccess.xml
deleted file mode 100644
index 4d89020..0000000
--- a/src/site/xdoc/docs/users/denysubentryaccess.xml
+++ /dev/null
@@ -1,11 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<document>
- <properties>
- <author email="akarasulu">akarasulu</author>
-
- </properties>
- <body>
- <section heading="h1" name="Coming soon ..."/>
- </body>
-</document>
diff --git a/src/site/xdoc/docs/users/deploying.xml b/src/site/xdoc/docs/users/deploying.xml
deleted file mode 100644
index b0ecaba..0000000
--- a/src/site/xdoc/docs/users/deploying.xml
+++ /dev/null
@@ -1,30 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<document>
- <properties>
- <author email="akarasulu@apache.org">Alex Karasulu</author>
-
- </properties>
-
- <body>
- <section name="TODO">
- <ul>
- <li>
- Figure out what deployment will take but this is way out there.
- </li>
-
- <li>
- Perhaps there will be some deployment tools we can build to help
- configure server components as the server is deployed along with
- an installer.
- </li>
- </ul>
- </section>
-
- <section name="Deploying the Server">
- <p>
- Coming later ...
- </p>
- </section>
-
- </body>
-</document>
diff --git a/src/site/xdoc/docs/users/grantadddelmodtogroup.xml b/src/site/xdoc/docs/users/grantadddelmodtogroup.xml
deleted file mode 100644
index 4d89020..0000000
--- a/src/site/xdoc/docs/users/grantadddelmodtogroup.xml
+++ /dev/null
@@ -1,11 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<document>
- <properties>
- <author email="akarasulu">akarasulu</author>
-
- </properties>
- <body>
- <section heading="h1" name="Coming soon ..."/>
- </body>
-</document>
diff --git a/src/site/xdoc/docs/users/grantmodtoentry.xml b/src/site/xdoc/docs/users/grantmodtoentry.xml
deleted file mode 100644
index 4d89020..0000000
--- a/src/site/xdoc/docs/users/grantmodtoentry.xml
+++ /dev/null
@@ -1,11 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<document>
- <properties>
- <author email="akarasulu">akarasulu</author>
-
- </properties>
- <body>
- <section heading="h1" name="Coming soon ..."/>
- </body>
-</document>
diff --git a/src/site/xdoc/docs/users/index.xml b/src/site/xdoc/docs/users/index.xml
deleted file mode 100644
index 864f5a5..0000000
--- a/src/site/xdoc/docs/users/index.xml
+++ /dev/null
@@ -1,92 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<document>
- <properties>
- <author email="akarasulu">akarasulu</author>
-
- </properties>
- <body>
- <section heading="h1" name="User's Guide">
- <p>
-This is a simple guide to various ApacheDS features to help users get going.
-It's be no means
-extensive.</p>
- <table>
- <tr>
- <th>
-Topic</th>
- <th>
-Description</th>
- </tr>
- <tr>
- <td>
- <a href="./building.html">Building</a>
- </td>
- <td>
-How to build the directory server from the
-repository.</td>
- </tr>
- <tr>
- <td>
- <a href="./authentication.html">Authentication</a>
- </td>
- <td>
-How to bind to the server and setup custom
-authenticators.</td>
- </tr>
- <tr>
- <td>
- <a href="./authorization.html">Authorization</a>
- </td>
- <td>
-How to enable basic access controls and what you get without
-them.</td>
- </tr>
- <tr>
- <td>
- <a href="./subentries.html">Subentries</a>
-and the Administrative
-Model
- </td>
- <td>
-What they are and how to specify their scope via
-subtreeSpecifications.</td>
- </tr>
- <tr>
- <td>
- <a href="./collective.html">Collective</a>
-Attributes
- </td>
- <td>
-How to use collective
-attributes.</td>
- </tr>
- <tr>
- <td>
- <a href="./configuration.html">Configuration</a>
- </td>
- <td>
-How to configure and control the
-server.</td>
- </tr>
- <tr>
- <td>
- <a href="./partitions.html">Partitions</a>
- </td>
- <td>
-How to add new partitions besides the system
-partition.</td>
- </tr>
- <tr>
- <td>
-Maven
- <a href="./plugin.html">Plugin</a>
- </td>
- <td>
-How to use the plugin to extends the
-schema.</td>
- </tr>
- </table>
- </section>
- </body>
-</document>
diff --git a/src/site/xdoc/docs/users/partitions.xml b/src/site/xdoc/docs/users/partitions.xml
deleted file mode 100644
index 1f9aeb2..0000000
--- a/src/site/xdoc/docs/users/partitions.xml
+++ /dev/null
@@ -1,157 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<document>
- <properties>
- <author email="akarasulu">akarasulu</author>
- <title>ApacheDS - Partitions</title>
- </properties>
- <body>
- <section heading="h1" name="Introduction">
- <p>
-Partitions are entry stores assigned to a naming context. The idea behind a
-partition is that it stores a subset of the Directory Information Base (DIB).
-Partitions can be implemented in any way so long as they adhere to
-interfaces.</p>
- <subsection heading="h2" name="Status">
- <p>
-Presently the server has a single partition implementation. This implementation
-is used for both the system partition and user partitions. It
-uses
- <a href="http://jdbm.sourceforge.net/">JDBM</a>
-as the underlying B+Tree implementation for storing
-entries.
- </p>
- <p>
-Other implementations are possible like in memory based partitions either BTree
-based or based on something
-like
- <a href="http://www.prevayler.org/wiki.jsp">Prevayler</a>
-.
- </p>
- <p>
-Partitions have simple interfaces that can be used to align any data source to
-the LDAP data model thereby accessing it via JNDI or via LDAP over the wire.
-This makes the server very flexible as a bridge to standardize access to
-disparate data sources and formats. Dynamic mapping based backends are also
-interesting.</p>
- </subsection>
- <subsection heading="h2" name="System Partitions">
- <p>
-The system partition is a very special partition that is hardcoded to hang off
-of the *ou=system* naming context. It is always present and contains
-administrative and operational informations needed by the server to operate.
-Hence its
-name.</p>
- <p>
-The server's subsystems will use this partition to store informations critical
-to its
-operation.</p>
- </subsection>
- <subsection heading="h2" name="Root Nexus">
- <p>
-Several partitions can be assigned to different naming contexts within the
-server so long as their names do not overlap such that one partition's naming
-context is contained within another's. The root nexus is a fake partition that
-does not really store entries. It maps other entry storing partitions to naming
-contexts and routes backing store calls to the partition containing the entry
-associated with the
-operation.</p>
- </subsection>
- <subsection heading="h2" name="User Partitions">
- <p>
-User partitions are partitions added by users. When you download and start using
-the server you may want to create a separate partition to store the entries of
-your application. To us user (sometimes also referred to as application)
-partitions are those that are not the system partition! In the following section
-we describe how a user partition can be created in the
-server.</p>
- </subsection>
- </section>
- <section heading="h1" name="Adding User Partitions">
- <p>
-Adding new application partitions to the server is a matter of adding
-DirectoryPartitionConfiguration objects to the StartupConfigration added to the
-JNDI environment. These properties are used in both standalone and in embedded
-configurations. You'll see how to configure partitions by example using xml
-configuration files with the standalone application and programatically for
-embedding.</p>
- <p>
-Until this section is filled with more specific examples just geared towards the
-configuration of partitions please
-see
- <a href="./configuration.html">Configuration</a>
-.
- </p>
- </section>
- <section heading="h1" name="Future">
- <p>
-Things we'd like to do with the existing partitioning scheme and
-beyond.</p>
- <subsection heading="h2" name="Partition Nesting">
- <p>
-Today we have some limitations to the way we can partition the DIB. Namely we
-can't have a partition within a partition and sometimes this makes sense.
-Eventually we intend to enable this kind of functionality using a special type
-of nexus which is both a router and a backing store for entries. It's smart
-enough to know what to route verses when to use its own database. Here's
-a
- <a href="http://issues.apache.org/jira/browse/DIREVE-23">JIRA improvement</a>
-specifically aimed at achieving this
-goal.
- </p>
- </subsection>
- <subsection heading="h2" name="Partition Implementations">
- <p>
-Obviously we want as many different kinds of partitions as possible. Some really
-cool ideas have floated around out there for a while. Here's a list of
-theoretically possible partition types that might be useful or just
-cool:</p>
- <ul nesting="1">
- <li>
-Partitions that use JDBC to store entries. These would probably be way too slow.
-However they might be useful if some mapping were to be used to represent an
-existing application's database schema as an LDAP DIT. This would allow us to
-expose any database data via LDAP. Great for
-virtualization.</li>
- <li>
-Partitions using other LDAP servers to store their entries. Why do this when
-introducing latency? Perhaps you want to proxy other servers or make other
-servers behave like the personality of another server all
-together.</li>
- <li>
-A partition that serves out the Windows registry via LDAP. A standard mechanism
-to map the Windows registry to an LDAP DIT is pretty simple. This would be a
-neat way to expose client machine registry
-management.</li>
- <li>
-A partition based on an in-memory BTree implementation. This would be fast and
-really cool for storing things like schema info. It would also be cool for
-staging data between memory and
-disk.</li>
- <li>
-A partition based
-on
- <a href="http://www.prevayler.org/wiki.jsp">Prevayler</a>
-. This is like an in-memory partition but you can save it at the end of the day.
-This might be really useful especially for things the system partition which
-almost always need to be in memory. The system partition can do this by using
-really large caches equal to the number of entries in the system
-partition.
- </li>
- </ul>
- </subsection>
- <subsection heading="h2" name="Partitioning Entries Under a Single Context">
- <p>
-Other aspirations include entry partitioning within a container context. Imagine
-having 250 million entries under '*ou=citizens,dc=census,dc=gov*'. You don't
-want all 250 million in one partition but would like to subpartition these
-entries under the same context based on some attribute. Basically we will be
-using the attribute's value to implement subpartitioning where within a single
-context we are partitioning entries. The value is used to hash entries across
-buckets (the buckets are other partitions). Yes, this is a bit on the heavy duty
-end but it would be useful in several
-situations.</p>
- </subsection>
- </section>
- </body>
-</document>
diff --git a/src/site/xdoc/docs/users/plugin.xml b/src/site/xdoc/docs/users/plugin.xml
deleted file mode 100644
index bb0c2e0..0000000
--- a/src/site/xdoc/docs/users/plugin.xml
+++ /dev/null
@@ -1,267 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<document>
- <properties>
- <author email="akarasulu">akarasulu</author>
-
- </properties>
- <body>
- <section heading="h1" name="Maven Directory Plugin">
- <p>
-Currently the primary function of the plugin is to generate server class files
-for OpenLDAP schemas. These class files contain hard coded schema objects
-representing those found in the OpenLDAP files. Why bother you may ask? There
-are a few reasons for
-this:</p>
- <ol nesting="0">
- <li>
-Compiled hard coded files load into the server really fast in
-theory.</li>
- <li>
-Published schemas never really change so why do they need to be in a human
-readable
-form?</li>
- <li>
-Eventually, schema changes made through LDAP will be preserved through
-restarts.</li>
- <li>
-Extra code generation phase is not that hard with a plugin
-tool.</li>
- <li>
-Schema verification can occur before deploying schemas into the
-server.</li>
- <li>
-This was really easy for now but if people don't like it we can change
-it.</li>
- </ol>
- <subsection heading="h2" name="Properties">
- <table>
- <tr>
- <th>
-Property</th>
- <th>
-Optional?</th>
- <th>
-Description</th>
- </tr>
- <tr>
- <td>
-maven.ldap.server.schema.target.dir</td>
- <td>
-Yes</td>
- <td>
-Default value is
-target/schema</td>
- </tr>
- <tr>
- <td>
-maven.ldap.server.schema.ownerDefault</td>
- <td>
-Yes</td>
- <td>
-Default value is
-uid=admin,ou=system.</td>
- </tr>
- <tr>
- <td>
-maven.ldap.server.schema.dir</td>
- <td>
-Yes</td>
- <td>
-Default value is
-src/schema.</td>
- </tr>
- <tr>
- <td>
-maven.ldap.server.schema.packageDefault</td>
- <td>
-Yes</td>
- <td>
-Default value is
-org.apache.ldap.server.schema.bootstrap.</td>
- </tr>
- </table>
- </subsection>
- <subsection heading="h2" name="Goals">
- <table>
- <tr>
- <th>
-Goal</th>
- <th>
-Description</th>
- </tr>
- <tr>
- <td>
-directory:generate</td>
- <td>
-Generates class files for OpenLDAP
-schemas.</td>
- </tr>
- <tr>
- <td>
-directory:init</td>
- <td>
-Finds the required parameters needed for the goals of the
-plugin.</td>
- </tr>
- <tr>
- <td>
-directory:prepare-filesystem</td>
- <td>
-Creates source output directories used to deposite schema files that are
-generated.</td>
- </tr>
- <tr>
- <td>
-directory:schema</td>
- <td>
-Top level schema generating function that uses other goals to coordinate
-generation.</td>
- </tr>
- </table>
- <p>
-Take a look at how we integrate this into the directory server
-build
- <a href="http://svn.apache.org/viewcvs.cgi/directory/apacheds/trunk/core/">here</a>
-.
- </p>
- </subsection>
- </section>
- <section heading="h1" name="How to Integrate Plugin Into Your Own Projects">
- <p>
-You want to use the plugin to generate classes for your own schema. Here's a
-step wise process you can follow to do that using
-maven:</p>
- <ol nesting="0">
- <li>
-Place your schema files (i.e. *foo.schema*) with the schema extension into
-$\{basedir\}/src/main/schema. If you opt to store it in another location you
-must override the maven.ldap.server.schema.dir property in your
-project.properties file. For each schema file add the file base name to the
-maven.ldap.server.schemas property which is a space separated
-list.</li>
- <li>
-The plugin will by default generate java files within the
-$\{basedir\}/target/schema directory. If you would like to generate code
-elsewhere you must override the maven.ldap.server.schema.target.dir property in
-your project.properties
-file.</li>
- <li>
-By default the plugin generates code in a server schema package:
-org.apache.ldap.server.schema.bootstrap. If you want generated code for a schema
-to be put into a package other than this, then you're going to need to set the
-package property for the schema. The package property key is composed of the
-following base, maven.ldap.server.schema.package. with the name of the schema
-(without the extension) appended to it. So for schema file foo.schema the
-following property key would be used: maven.ldap.server.schema.package.foo where
-foo is the schema
-name.</li>
- <li>
-Using the same pattern above for all schema specific properties you can set
-other per schema properties as well. One of these properties is the dependency
-list for a schema. Schemas can obviously depend on others. The schema dependency
-list is a comma separated list of other schema names. These schemas need not be
-present in your project to generate the code for your schema. The dependent
-schema classes must however be present within the server at start up time in
-order to load and use your schema. At the end we list the default schemas
-already packaged into the server's jar. You can use any one of these schemas as
-dependencies needed by your schema and not worry about their presence. The
-property key base for the schema dependency list is
-maven.ldap.server.schema.deps. and for a foo.schema file the full key would be
-maven.ldap.server.schema.deps.foo</li>
- <li>
-Each schema has an owner associated with it. If you want the owner to be
-anything other than the server's super user you may want to set the owner
-property for the schema in your project.properties file. The property key base
-for the schema is maven.ldap.server.schema.owner. so don't forget to append the
-schema name to
-it.</li>
- </ol>
- <p>
-Once setup you can invoke maven to generate the schema sources like
-so:</p>
- <source>[akarasulu@newton dib]$ maven directory:schema
- __ __
-| \/ |__ _Apache__ ___
-| |\/| / _` \ V / -_) ' \ ~ intelligent projects ~
-|_| |_\__,_|\_/\___|_||_| v. 1.0.2
-
-Attempting to download ldap-common-0.8.0-SNAPSHOT.jar.
-Attempting to download apacheds-shared-0.8.0-SNAPSHOT.jar.
-Attempting to download apacheds-protocol-0.8.0-SNAPSHOT.jar.
-Attempting to download snickers-codec-0.2.0-SNAPSHOT.jar.
-Attempting to download ldap-snickers-provider-0.8.0-SNAPSHOT.jar.
-Attempting to download snickers-ber-0.2.0-SNAPSHOT.jar.
-Attempting to download seda-0.2.0-SNAPSHOT.jar.
-Attempting to download maven-directory-plugin-0.8.0-SNAPSHOT.jar.
-Attempting to download ldap-common-0.8.0-SNAPSHOT.jar.
-Attempting to download apacheds-shared-0.8.0-SNAPSHOT.jar.
-build:start:
-
-directory:schema:
-directory:init:
-
-directory:prepare-filesystem:
-
-directory:generate:
- [echo] Generated schema producer classes for autofs.schema
- [echo] Generated schema producer classes for core.schema
- [echo] Generated schema producer classes for cosine.schema
- [echo] Generated schema producer classes for corba.schema
- [echo] Generated schema producer classes for eve.schema
- [echo] Generated schema producer classes for inetorgperson.schema
- [echo] Generated schema producer classes for java.schema
- [echo] Generated schema producer classes for krb5kdc.schema
- [echo] Generated schema producer classes for nis.schema
- [echo] Generated schema producer classes for system.schema
- [echo] Generated schema producer classes for scheduleworld.schema
- [touch] Creating /home/akarasulu/projects/directory/server/trunk/core/target/schema/.flagfile
-BUILD SUCCESSFUL
-Total time: 28 seconds
-Finished at: Tue Dec 14 15:26:26 EST 2004
-</source>
- <p>
-The example above is from the server's core project. If you would like to look
-at how to use this plugin best the server
-core
- <a href="http://svn.apache.org/viewcvs.cgi/directory/apacheds/trunk/core/project.properties?rev=125094&view=auto">project.properties</a>
-file here is perhaps the best place to look. Also from the output above you can
-see the schema files that are used and packaged into the server by default. This
-may however change in the future to restrict the
-set.
- </p>
- <p>
-WARNING: As a last bit of advice make note that the plugin may be sensitive to
-case for keywords in the OpenLDAP file. For example the prefix before an
-objectClass or an attributeType must be in all lowercase. However words like
-MUST, and MAY and SUP should all be in uppercase. So if plugin bombs just check
-out where this happens and play with the case. Another thing to watch out for is
-the order of terms. This we follow the RFC for which is pretty much the same as
-the OpenLDAP format minus the objectclass and attributetype prefixes to the
-descriptions. We figure the OpenLDAP parser is less complex if the prefixes are
-there (where the parser is told if the description is an objectclass or
-attributetype and does not have to figure this out). However I have encountered
-schemas whose formats do not comply with standards in with respect to the order
-of description fields and had to edit the files. This issue did not occur when
-the files were from the OpenLDAP Foundation which means they do it right but
-overlook schema objects that are not correctly
-formated.</p>
- </section>
- <section heading="h1" name="Functionality for the Future">
- <ul nesting="1">
- <li>
-Compile triggers and install them into the
-server.</li>
- <li>
-Compile and load stored
-procedures.</li>
- <li>
-Test stored procedures and
-triggers.</li>
- <li>
-Generate JNDI Object and State factories from
-schemas.</li>
- </ul>
- </section>
- </body>
-</document>
diff --git a/src/site/xdoc/docs/users/userpermissions.xml b/src/site/xdoc/docs/users/userpermissions.xml
deleted file mode 100644
index 4d89020..0000000
--- a/src/site/xdoc/docs/users/userpermissions.xml
+++ /dev/null
@@ -1,11 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<document>
- <properties>
- <author email="akarasulu">akarasulu</author>
-
- </properties>
- <body>
- <section heading="h1" name="Coming soon ..."/>
- </body>
-</document>
diff --git a/utils/pom.xml b/utils/pom.xml
index ba06bcd..97c1a08 100644
--- a/utils/pom.xml
+++ b/utils/pom.xml
@@ -4,7 +4,7 @@
<parent>
<groupId>org.apache.directory.server</groupId>
<artifactId>build</artifactId>
- <version>1.5.0-SNAPSHOT</version>
+ <version>1.5.1-SNAPSHOT</version>
</parent>
<artifactId>apacheds-utils</artifactId>
<name>ApacheDS Utils</name>
diff --git a/utils/src/main/java/org/apache/directory/server/utils/AttributesFactory.java b/utils/src/main/java/org/apache/directory/server/utils/AttributesFactory.java
index 4e4e1b7..688135d 100644
--- a/utils/src/main/java/org/apache/directory/server/utils/AttributesFactory.java
+++ b/utils/src/main/java/org/apache/directory/server/utils/AttributesFactory.java
@@ -29,6 +29,7 @@
import org.apache.directory.server.constants.MetaSchemaConstants;
import org.apache.directory.server.constants.SystemSchemaConstants;
import org.apache.directory.server.schema.bootstrap.Schema;
+import org.apache.directory.shared.ldap.constants.SchemaConstants;
import org.apache.directory.shared.ldap.message.AttributeImpl;
import org.apache.directory.shared.ldap.message.AttributesImpl;
import org.apache.directory.shared.ldap.schema.AttributeType;
@@ -95,11 +96,11 @@
public Attributes getAttributes( Schema schema )
{
- Attributes entry = new AttributesImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top", true );
- entry.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( MetaSchemaConstants.META_SCHEMA_OC );
- entry.put( SystemSchemaConstants.CN_AT, schema.getSchemaName() );
- entry.put( SystemSchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
- entry.put( SystemSchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
+ Attributes entry = new AttributesImpl( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC, true );
+ entry.get( SchemaConstants.OBJECT_CLASS_AT ).add( MetaSchemaConstants.META_SCHEMA_OC );
+ entry.put( SchemaConstants.CN_AT, schema.getSchemaName() );
+ entry.put( SchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
+ entry.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
if ( schema.isDisabled() )
{
@@ -123,23 +124,23 @@
public Attributes getAttributes( SyntaxChecker syntaxChecker, Schema schema )
{
- Attributes entry = new AttributesImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top", true );
- entry.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( MetaSchemaConstants.META_SYNTAX_CHECKER_OC );
+ Attributes entry = new AttributesImpl( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC, true );
+ entry.get( SchemaConstants.OBJECT_CLASS_AT ).add( MetaSchemaConstants.META_SYNTAX_CHECKER_OC );
entry.put( MetaSchemaConstants.M_OID_AT, syntaxChecker.getSyntaxOid() );
entry.put( MetaSchemaConstants.M_FQCN_AT, syntaxChecker.getClass().getName() );
- entry.put( SystemSchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
- entry.put( SystemSchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
+ entry.put( SchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
+ entry.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
return entry;
}
public Attributes getAttributes( Syntax syntax, Schema schema )
{
- Attributes entry = new AttributesImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top", true );
- entry.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( MetaSchemaConstants.META_SYNTAX_OC );
+ Attributes entry = new AttributesImpl( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC, true );
+ entry.get( SchemaConstants.OBJECT_CLASS_AT ).add( MetaSchemaConstants.META_SYNTAX_OC );
entry.put( MetaSchemaConstants.X_HUMAN_READIBLE_AT, getBoolean( syntax.isHumanReadible() ) );
- entry.put( SystemSchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
- entry.put( SystemSchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
+ entry.put( SchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
+ entry.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
injectCommon( syntax, entry );
return entry;
}
@@ -147,24 +148,24 @@
public Attributes getAttributes( String oid, Normalizer normalizer, Schema schema )
{
- Attributes entry = new AttributesImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top", true );
- entry.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( MetaSchemaConstants.META_NORMALIZER_OC );
+ Attributes entry = new AttributesImpl( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC, true );
+ entry.get( SchemaConstants.OBJECT_CLASS_AT ).add( MetaSchemaConstants.META_NORMALIZER_OC );
entry.put( MetaSchemaConstants.M_OID_AT, oid );
entry.put( MetaSchemaConstants.M_FQCN_AT, normalizer.getClass().getName() );
- entry.put( SystemSchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
- entry.put( SystemSchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
+ entry.put( SchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
+ entry.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
return entry;
}
public Attributes getAttributes( String oid, Comparator comparator, Schema schema )
{
- Attributes entry = new AttributesImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top", true );
- entry.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( MetaSchemaConstants.META_COMPARATOR_OC );
+ Attributes entry = new AttributesImpl( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC, true );
+ entry.get( SchemaConstants.OBJECT_CLASS_AT ).add( MetaSchemaConstants.META_COMPARATOR_OC );
entry.put( MetaSchemaConstants.M_OID_AT, oid );
entry.put( MetaSchemaConstants.M_FQCN_AT, comparator.getClass().getName() );
- entry.put( SystemSchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
- entry.put( SystemSchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
+ entry.put( SchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
+ entry.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
return entry;
}
@@ -177,11 +178,11 @@
*/
public Attributes getAttributes( MatchingRule matchingRule, Schema schema ) throws NamingException
{
- Attributes entry = new AttributesImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top", true );
- entry.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( MetaSchemaConstants.META_MATCHING_RULE_OC );
+ Attributes entry = new AttributesImpl( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC, true );
+ entry.get( SchemaConstants.OBJECT_CLASS_AT ).add( MetaSchemaConstants.META_MATCHING_RULE_OC );
entry.put( MetaSchemaConstants.M_SYNTAX_AT, matchingRule.getSyntax().getOid() );
- entry.put( SystemSchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
- entry.put( SystemSchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
+ entry.put( SchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
+ entry.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
injectCommon( matchingRule, entry );
return entry;
}
@@ -189,40 +190,40 @@
public Attributes getAttributes( MatchingRuleUse matchingRuleUse, Schema schema )
{
- Attributes entry = new AttributesImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top", true );
- entry.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( "" );
- entry.put( SystemSchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
- entry.put( SystemSchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
+ Attributes entry = new AttributesImpl( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC, true );
+ entry.get( SchemaConstants.OBJECT_CLASS_AT ).add( "" );
+ entry.put( SchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
+ entry.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
return entry;
}
public Attributes getAttributes( DITStructureRule dITStructureRule, Schema schema )
{
- Attributes entry = new AttributesImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top", true );
- entry.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( "" );
- entry.put( SystemSchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
- entry.put( SystemSchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
+ Attributes entry = new AttributesImpl( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC, true );
+ entry.get( SchemaConstants.OBJECT_CLASS_AT ).add( "" );
+ entry.put( SchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
+ entry.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
return entry;
}
public Attributes getAttributes( DITContentRule dITContentRule, Schema schema )
{
- Attributes entry = new AttributesImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top", true );
- entry.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( "" );
- entry.put( SystemSchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
- entry.put( SystemSchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
+ Attributes entry = new AttributesImpl( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC, true );
+ entry.get( SchemaConstants.OBJECT_CLASS_AT ).add( "" );
+ entry.put( SchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
+ entry.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
return entry;
}
public Attributes getAttributes( NameForm nameForm, Schema schema )
{
- Attributes entry = new AttributesImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top", true );
- entry.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( "" );
- entry.put( SystemSchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
- entry.put( SystemSchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
+ Attributes entry = new AttributesImpl( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC, true );
+ entry.get( SchemaConstants.OBJECT_CLASS_AT ).add( "" );
+ entry.put( SchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
+ entry.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
return entry;
}
@@ -247,15 +248,15 @@
*/
public Attributes getAttributes( AttributeType attributeType, Schema schema ) throws NamingException
{
- Attributes entry = new AttributesImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top", true );
- entry.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( MetaSchemaConstants.META_ATTRIBUTE_TYPE_OC );
+ Attributes entry = new AttributesImpl( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC, true );
+ entry.get( SchemaConstants.OBJECT_CLASS_AT ).add( MetaSchemaConstants.META_ATTRIBUTE_TYPE_OC );
entry.put( MetaSchemaConstants.M_SYNTAX_AT, attributeType.getSyntax().getOid() );
entry.put( MetaSchemaConstants.M_COLLECTIVE_AT, getBoolean( attributeType.isCollective() ) );
entry.put( MetaSchemaConstants.M_NO_USER_MODIFICATION_AT, getBoolean( ! attributeType.isCanUserModify() ) );
entry.put( MetaSchemaConstants.M_SINGLE_VALUE_AT, getBoolean( attributeType.isSingleValue() ) );
entry.put( MetaSchemaConstants.M_USAGE_AT, attributeType.getUsage().toString() );
- entry.put( SystemSchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
- entry.put( SystemSchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
+ entry.put( SchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
+ entry.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
injectCommon( attributeType, entry );
@@ -332,11 +333,11 @@
*/
public Attributes getAttributes( ObjectClass objectClass, Schema schema ) throws NamingException
{
- Attributes entry = new AttributesImpl( SystemSchemaConstants.OBJECT_CLASS_AT, "top", true );
- entry.get( SystemSchemaConstants.OBJECT_CLASS_AT ).add( MetaSchemaConstants.META_OBJECT_CLASS_OC );
+ Attributes entry = new AttributesImpl( SchemaConstants.OBJECT_CLASS_AT, SchemaConstants.TOP_OC, true );
+ entry.get( SchemaConstants.OBJECT_CLASS_AT ).add( MetaSchemaConstants.META_OBJECT_CLASS_OC );
entry.put( MetaSchemaConstants.M_TYPE_OBJECT_CLASS_AT, objectClass.getType().toString() );
- entry.put( SystemSchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
- entry.put( SystemSchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
+ entry.put( SchemaConstants.CREATORS_NAME_AT, schema.getOwner() );
+ entry.put( SchemaConstants.CREATE_TIMESTAMP_AT, DateUtils.getGeneralizedTime() );
injectCommon( objectClass, entry );
diff --git a/utils/src/main/resources/META-INF/LICENSE.txt b/utils/src/main/resources/META-INF/LICENSE.txt
new file mode 100644
index 0000000..261eeb9
--- /dev/null
+++ b/utils/src/main/resources/META-INF/LICENSE.txt
@@ -0,0 +1,201 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
diff --git a/utils/src/main/resources/META-INF/NOTICE.txt b/utils/src/main/resources/META-INF/NOTICE.txt
new file mode 100644
index 0000000..f3268b6
--- /dev/null
+++ b/utils/src/main/resources/META-INF/NOTICE.txt
@@ -0,0 +1,5 @@
+Apache Directory Daemon
+Copyright 2007 The Apache Software Foundation
+
+This product includes software developed at
+The Apache Software Foundation (http://www.apache.org/).
