
1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *  
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *  
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License. 
18   *  
19   */
20  package org.apache.directory.server.kerberos.shared.store.operations;
21  
22  
23  import java.util.ArrayList;
24  import java.util.List;
25  
26  import javax.naming.directory.DirContext;
27  import javax.security.auth.kerberos.KerberosPrincipal;
28  
29  import org.apache.directory.server.core.CoreSession;
30  import org.apache.directory.server.core.entry.DefaultServerAttribute;
31  import org.apache.directory.server.core.entry.ServerAttribute;
32  import org.apache.directory.server.core.entry.ServerEntry;
33  import org.apache.directory.server.core.entry.ServerModification;
34  import org.apache.directory.server.protocol.shared.store.DirectoryServiceOperation;
35  import org.apache.directory.server.schema.registries.AttributeTypeRegistry;
36  import org.apache.directory.shared.ldap.constants.SchemaConstants;
37  import org.apache.directory.shared.ldap.entry.Modification;
38  import org.apache.directory.shared.ldap.entry.ModificationOperation;
39  import org.apache.directory.shared.ldap.name.LdapDN;
40  
41  
42  /**
43   * Command for changing a principal's password in a JNDI context.
44   *
45   * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
46   * @version $Rev: 691849 $, $Date: 2008-09-04 03:25:24 +0200 (Do, 04 Sep 2008) $
47   */
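public class ChangePassword implements DirectoryServiceOperation
{
    private static final long serialVersionUID = -7147685183641418353L;

    /** The Kerberos principal whose password is to be changed. */
    protected KerberosPrincipal principal;

    /**
     * The new password for the update.
     * NOTE(review): this is held as an immutable String, so it cannot be wiped after use,
     * and the serialVersionUID above suggests instances may be serialized. Confirm that
     * command objects are never logged or persisted.
     */
    protected String newPassword;


    /**
     * Creates the action to be used against the embedded ApacheDS DIT.
     * 
     * @param principal The principal to change the password for.
     * @param newPassword The new password to store for the principal.
     */
    public ChangePassword( KerberosPrincipal principal, String newPassword )
    {
        this.principal = principal;
        this.newPassword = newPassword;
    }


    /**
     * Replaces the userPassword and krb5PrincipalName attributes on the entry found
     * for the principal below the given search base.
     * 
     * This method performs no authorization check of its own; the modification is issued
     * through the supplied session. NOTE(review): presumably access control is enforced by
     * the session or its caller. Confirm that only an authenticated, authorized caller can
     * reach this command.
     * 
     * The password is handed to the directory exactly as supplied. NOTE(review): hashing of
     * userPassword and derivation of Kerberos keys are not done here and presumably happen
     * elsewhere in the server; verify this.
     * 
     * @param session The session used to look up attribute types and to modify the entry.
     * @param searchBaseDn The base DN under which the principal's entry is searched.
     * @return The DN of the modified entry, or null when no principal was given.
     * @throws Exception If the attribute type lookup, the search or the modification fails.
     */
    public Object execute( CoreSession session, LdapDN searchBaseDn ) throws Exception
    {
        if ( principal == null )
        {
            return null;
        }

        AttributeTypeRegistry registry = session.getDirectoryService().getRegistries().getAttributeTypeRegistry();

        // The constructor argument is only an initial capacity, so the list starts empty.
        // Elements must be appended with add(); set( 0, ... ) on an empty list throws
        // IndexOutOfBoundsException, which made every password change fail.
        List<Modification> mods = new ArrayList<Modification>( 2 );

        ServerAttribute newPasswordAttribute = new DefaultServerAttribute( 
            registry.lookup( SchemaConstants.USER_PASSWORD_AT_OID ), newPassword );
        mods.add( new ServerModification( ModificationOperation.REPLACE_ATTRIBUTE, newPasswordAttribute ) );

        ServerAttribute principalAttribute = new DefaultServerAttribute( 
            registry.lookup( "krb5PrincipalName" ), principal.getName() );
        mods.add( new ServerModification( ModificationOperation.REPLACE_ATTRIBUTE, principalAttribute ) );

        // NOTE(review): if findPrincipalEntry can return null for an unknown principal, the
        // getDn() call below throws NullPointerException. Check StoreUtils.
        ServerEntry entry = StoreUtils.findPrincipalEntry( session, searchBaseDn, principal.getName() );
        session.modify( entry.getDn(), mods );

        return entry.getDn();
    }
}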