package org.apache.directory.server.protocol.shared.store;
import java.io.File;
import java.io.UnsupportedEncodingException;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
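/**
 * Filter which generates kerberos keys from userPassword attributes of kerberos users being
 * loaded into the server from an LDIF file.
 * <p>
 * Only entries whose objectClass contains {@code krb5KDCEntry} are touched: a key of type
 * {@link #KEY_TYPE} is derived from the entry's userPassword and its Kerberos principal name,
 * and the encoded key, key version number and key type are added to the entry in place.
 *
 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
 * @version $Rev$, $Date$
 */
public class Krb5KdcEntryFilter implements LdifLoadFilter
{
    private static final Logger log = LoggerFactory.getLogger( Krb5KdcEntryFilter.class );

    /**
     * Algorithm name handed to {@link KerberosKey}: single DES. Kept as is because the generated
     * key type has to match what the KDC and its clients are configured to accept; note that
     * newer JDKs refuse to derive DES keys unless weak crypto is explicitly enabled in the krb5
     * configuration, in which case key generation fails and is logged below.
     */
    private static final String KEY_TYPE = "DES";
    private static final String OBJECTCLASS_ATTR = "objectClass";
    private static final String KRB5KDCENTRY_OC = "krb5KDCEntry";
    private static final String PASSWORD_ATTR = "userPassword";

    /**
     * Always accepts entries whether or not it can successfully generate a key for the entry.
     * Entries that are not krb5KDCEntry, or that lack a userPassword or principal attribute,
     * are passed through untouched. Key generation is best-effort: any failure is logged and the
     * entry is still loaded, only without key attributes. The entry's attributes are never
     * written to the log because they include the clear-text userPassword.
     *
     * @param file the LDIF file the entry comes from (not used by this filter)
     * @param dn the distinguished name of the entry, used for log context only
     * @param entry the entry's attributes; the krb5 key attributes are added to it in place
     * @param ctx the directory context the entry is being loaded into (not used by this filter)
     * @return always {@code true}
     * @throws NamingException declared by the interface; not thrown by this implementation
     * @see LdifLoadFilter#filter(File, String, Attributes, DirContext)
     */
    public boolean filter( File file, String dn, Attributes entry, DirContext ctx ) throws NamingException
    {
        // objectClass may be absent on malformed input; treat that as "not a KDC entry".
        Attribute objectClass = entry.get( OBJECTCLASS_ATTR );
        if ( objectClass == null || !objectClass.contains( KRB5KDCENTRY_OC ) )
        {
            return true;
        }

        Attribute pwAttr = entry.get( PASSWORD_ATTR );
        Attribute principalAttr = entry.get( KerberosAttribute.PRINCIPAL );
        if ( pwAttr == null || principalAttr == null )
        {
            String missing = ( pwAttr == null ) ? PASSWORD_ATTR : KerberosAttribute.PRINCIPAL;
            log.warn( "cannot generate kerberos key, missing " + missing + " attribute\n\tdn=" + dn );
            return true;
        }

        String krbPrincipal = null;
        try
        {
            krbPrincipal = ( String ) principalAttr.get();
            String pw = toPassword( pwAttr.get() );
            KerberosPrincipal principal = new KerberosPrincipal( krbPrincipal );
            KerberosKey key = new KerberosKey( principal, pw.toCharArray(), KEY_TYPE );
            entry.put( KerberosAttribute.KEY, key.getEncoded() );
            entry.put( KerberosAttribute.VERSION, Integer.toString( key.getVersionNumber() ) );
            entry.put( KerberosAttribute.TYPE, Integer.toString( key.getKeyType() ) );
        }
        catch ( Exception e )
        {
            // Best-effort by design: keep loading the entry, but record why no key was produced.
            // Only principal and dn are logged; the entry would expose the clear-text password.
            log.warn( "failed to generate kerberos key\n\tkrbPrincipal=" + krbPrincipal + "\n\tdn=" + dn, e );
        }
        return true;
    }

    /**
     * Converts a userPassword attribute value to a String.
     * JNDI delivers userPassword as {@code byte[]} by default, while an LDIF loader may supply a
     * String; both are accepted so that key generation does not fail on the value's Java type.
     *
     * @param value the raw attribute value, a {@code byte[]} or a String
     * @return the password as a String
     * @throws UnsupportedEncodingException never in practice, UTF-8 is always available
     */
    private static String toPassword( Object value ) throws UnsupportedEncodingException
    {
        if ( value instanceof byte[] )
        {
            return new String( ( byte[] ) value, "UTF-8" );
        }
        return String.valueOf( value );
    }
}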