trunk/protocol-ldap/src/main/java/org/apache/directory/server/ldap/handlers/sasl/digestMD5/DigestMd5MechanismHandler.java - directory-server - Git at Google

 /*
  *  Licensed to the Apache Software Foundation (ASF) under one
  *  or more contributor license agreements.  See the NOTICE file
  *  distributed with this work for additional information
  *  regarding copyright ownership.  The ASF licenses this file
  *  to you under the Apache License, Version 2.0 (the
  *  "License"); you may not use this file except in compliance
  *  with the License.  You may obtain a copy of the License at
  *
  *    http://www.apache.org/licenses/LICENSE-2.0
  *
  *  Unless required by applicable law or agreed to in writing,
  *  software distributed under the License is distributed on an
  *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  *  KIND, either express or implied.  See the License for the
  *  specific language governing permissions and limitations
  *  under the License.
  *
  */
 package org.apache.directory.server.ldap.handlers.sasl.digestMD5;


 import java.util.HashMap;
 import java.util.Map;

 import javax.security.auth.callback.CallbackHandler;
 import javax.security.sasl.Sasl;
 import javax.security.sasl.SaslServer;

 import org.apache.directory.api.ldap.model.constants.SupportedSaslMechanisms;
 import org.apache.directory.api.ldap.model.message.BindRequest;
 import org.apache.directory.server.core.api.CoreSession;
 import org.apache.directory.server.ldap.LdapServer;
 import org.apache.directory.server.ldap.LdapSession;
 import org.apache.directory.server.ldap.handlers.sasl.AbstractMechanismHandler;
 import org.apache.directory.server.ldap.handlers.sasl.SaslConstants;


 /**
  * The DIGEST-MD5 mechanism handler.
  *
  * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
  */
 public class DigestMd5MechanismHandler extends AbstractMechanismHandler
 {
     /**
      * Create a list of all the configured realms.
      *
      * @param ldapServer the LdapServer for which we want to get the realms
      * @return a list of realms, separated by spaces
      */
     private String getActiveRealms( LdapServer ldapServer )
     {
         StringBuilder realms = new StringBuilder();
         boolean isFirst = true;

         for ( String realm : ldapServer.getSaslRealms() )
         {
             if ( isFirst )
             {
                 isFirst = false;
             }
             else
             {
                 realms.append( ' ' );
             }

             realms.append( realm );
         }

         return realms.toString();
     }


     public SaslServer handleMechanism( LdapSession ldapSession, BindRequest bindRequest ) throws Exception
     {
         SaslServer ss = ( SaslServer ) ldapSession.getSaslProperty( SaslConstants.SASL_SERVER );

         if ( ss == null )
         {
             CoreSession adminSession = ldapSession.getLdapServer().getDirectoryService().getAdminSession();

             CallbackHandler callbackHandler = new DigestMd5CallbackHandler( ldapSession, adminSession, bindRequest );

             ss = Sasl.createSaslServer(
                 SupportedSaslMechanisms.DIGEST_MD5,
                 SaslConstants.LDAP_PROTOCOL,
                 ( String ) ldapSession.getSaslProperty( SaslConstants.SASL_HOST ),
                 ( Map<String, String> ) ldapSession.getSaslProperty( SaslConstants.SASL_PROPS ),
                 callbackHandler );
             ldapSession.putSaslProperty( SaslConstants.SASL_SERVER, ss );
         }

         return ss;
     }


     /**
      * {@inheritDoc}
      */
     public void init( LdapSession ldapSession )
     {
         // Store the host in the ldap session
         String saslHost = ldapSession.getLdapServer().getSaslHost();
         String userBaseDn = ldapSession.getLdapServer().getSearchBaseDn();

         ldapSession.putSaslProperty( SaslConstants.SASL_HOST, saslHost );
         ldapSession.putSaslProperty( SaslConstants.SASL_USER_BASE_DN, userBaseDn );

         Map<String, String> saslProps = new HashMap<String, String>();
         saslProps.put( Sasl.QOP, ldapSession.getLdapServer().getSaslQopString() );
         saslProps.put( "com.sun.security.sasl.digest.realm", getActiveRealms( ldapSession.getLdapServer() ) );
         ldapSession.putSaslProperty( SaslConstants.SASL_PROPS, saslProps );
     }


     /**
      * Remove the Host, UserBaseDn, props and Mechanism property.
      *
      * @param ldapSession the LdapSession instance
      */
     public void cleanup( LdapSession ldapSession )
     {
         // Inject the Sasl Filter
         insertSaslFilter( ldapSession );

         // and cleanup the useless informations
         ldapSession.removeSaslProperty( SaslConstants.SASL_HOST );
         ldapSession.removeSaslProperty( SaslConstants.SASL_USER_BASE_DN );
         ldapSession.removeSaslProperty( SaslConstants.SASL_MECH );
         ldapSession.removeSaslProperty( SaslConstants.SASL_PROPS );
         ldapSession.removeSaslProperty( SaslConstants.SASL_AUTHENT_USER );
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*
	*/
	package org.apache.directory.server.ldap.handlers.sasl.digestMD5;


	import java.util.HashMap;
	import java.util.Map;

	import javax.security.auth.callback.CallbackHandler;
	import javax.security.sasl.Sasl;
	import javax.security.sasl.SaslServer;

	import org.apache.directory.api.ldap.model.constants.SupportedSaslMechanisms;
	import org.apache.directory.api.ldap.model.message.BindRequest;
	import org.apache.directory.server.core.api.CoreSession;
	import org.apache.directory.server.ldap.LdapServer;
	import org.apache.directory.server.ldap.LdapSession;
	import org.apache.directory.server.ldap.handlers.sasl.AbstractMechanismHandler;
	import org.apache.directory.server.ldap.handlers.sasl.SaslConstants;


	/**
	* The DIGEST-MD5 mechanism handler.
	*
	* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
	*/
	public class DigestMd5MechanismHandler extends AbstractMechanismHandler
	{
	/**
	* Create a list of all the configured realms.
	*
	* @param ldapServer the LdapServer for which we want to get the realms
	* @return a list of realms, separated by spaces
	*/
	private String getActiveRealms( LdapServer ldapServer )
	{
	StringBuilder realms = new StringBuilder();
	boolean isFirst = true;

	for ( String realm : ldapServer.getSaslRealms() )
	{
	if ( isFirst )
	{
	isFirst = false;
	}
	else
	{
	realms.append( ' ' );
	}

	realms.append( realm );
	}

	return realms.toString();
	}


	public SaslServer handleMechanism( LdapSession ldapSession, BindRequest bindRequest ) throws Exception
	{
	SaslServer ss = ( SaslServer ) ldapSession.getSaslProperty( SaslConstants.SASL_SERVER );

	if ( ss == null )
	{
	CoreSession adminSession = ldapSession.getLdapServer().getDirectoryService().getAdminSession();

	CallbackHandler callbackHandler = new DigestMd5CallbackHandler( ldapSession, adminSession, bindRequest );

	ss = Sasl.createSaslServer(
	SupportedSaslMechanisms.DIGEST_MD5,
	SaslConstants.LDAP_PROTOCOL,
	( String ) ldapSession.getSaslProperty( SaslConstants.SASL_HOST ),
	( Map<String, String> ) ldapSession.getSaslProperty( SaslConstants.SASL_PROPS ),
	callbackHandler );
	ldapSession.putSaslProperty( SaslConstants.SASL_SERVER, ss );
	}

	return ss;
	}


	/**
	* {@inheritDoc}
	*/
	public void init( LdapSession ldapSession )
	{
	// Store the host in the ldap session
	String saslHost = ldapSession.getLdapServer().getSaslHost();
	String userBaseDn = ldapSession.getLdapServer().getSearchBaseDn();

	ldapSession.putSaslProperty( SaslConstants.SASL_HOST, saslHost );
	ldapSession.putSaslProperty( SaslConstants.SASL_USER_BASE_DN, userBaseDn );

	Map<String, String> saslProps = new HashMap<String, String>();
	saslProps.put( Sasl.QOP, ldapSession.getLdapServer().getSaslQopString() );
	saslProps.put( "com.sun.security.sasl.digest.realm", getActiveRealms( ldapSession.getLdapServer() ) );
	ldapSession.putSaslProperty( SaslConstants.SASL_PROPS, saslProps );
	}


	/**
	* Remove the Host, UserBaseDn, props and Mechanism property.
	*
	* @param ldapSession the LdapSession instance
	*/
	public void cleanup( LdapSession ldapSession )
	{
	// Inject the Sasl Filter
	insertSaslFilter( ldapSession );

	// and cleanup the useless informations
	ldapSession.removeSaslProperty( SaslConstants.SASL_HOST );
	ldapSession.removeSaslProperty( SaslConstants.SASL_USER_BASE_DN );
	ldapSession.removeSaslProperty( SaslConstants.SASL_MECH );
	ldapSession.removeSaslProperty( SaslConstants.SASL_PROPS );
	ldapSession.removeSaslProperty( SaslConstants.SASL_AUTHENT_USER );
	}
	}