1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20 package org.apache.directory.server.changepw;
21
22
23 import java.io.IOException;
24 import java.net.InetSocketAddress;
25 import java.util.ArrayList;
26 import java.util.List;
27
28 import javax.security.auth.kerberos.KerberosPrincipal;
29
30 import org.apache.directory.server.changepw.protocol.ChangePasswordProtocolHandler;
31 import org.apache.directory.server.constants.ServerDNConstants;
32 import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
33 import org.apache.directory.server.kerberos.shared.store.DirectoryPrincipalStore;
34 import org.apache.directory.server.kerberos.shared.store.PrincipalStore;
35 import org.apache.directory.server.protocol.shared.DirectoryBackedService;
36 import org.apache.mina.transport.socket.nio.DatagramAcceptorConfig;
37 import org.apache.mina.transport.socket.nio.SocketAcceptorConfig;
38
39
40
41
42
43
44
45
46
47
48 public class ChangePasswordServer extends DirectoryBackedService
49 {
50 private static final long serialVersionUID = 3509208713288140629L;
51
52
53 private static final String SERVICE_PRINCIPAL_DEFAULT = "kadmin/changepw@EXAMPLE.COM";
54
55
56 private static final String REALM_DEFAULT = "EXAMPLE.COM";
57
58
59 private static final int IP_PORT_DEFAULT = 464;
60
61
62 public static final String[] ENCRYPTION_TYPES_DEFAULT = new String[]
63 { "des-cbc-md5" };
64
65
66 private static final long DEFAULT_ALLOWABLE_CLOCKSKEW = 5 * 60000;
67
68
69 private static final boolean DEFAULT_EMPTY_ADDRESSES_ALLOWED = true;
70
71
72 public static final int DEFAULT_PASSWORD_LENGTH = 6;
73
74
75 public static final int DEFAULT_CATEGORY_COUNT = 3;
76
77
78 public static final int DEFAULT_TOKEN_SIZE = 3;
79
80
81 private static final String SERVICE_PID_DEFAULT = "org.apache.directory.server.changepw";
82
83
84 private static final String SERVICE_NAME_DEFAULT = "ApacheDS Change Password Service";
85
86
87 private EncryptionType[] encryptionTypes;
88
89
90 private String primaryRealm = REALM_DEFAULT;
91
92
93 private String servicePrincipal = SERVICE_PRINCIPAL_DEFAULT;
94
95
96 private long allowableClockSkew = DEFAULT_ALLOWABLE_CLOCKSKEW;
97
98
99 private boolean isEmptyAddressesAllowed = DEFAULT_EMPTY_ADDRESSES_ALLOWED;
100
101
102 private int policyPasswordLength;
103
104
105 private int policyCategoryCount;
106
107
108 private int policyTokenSize;
109
110
111
112
113
114 public ChangePasswordServer()
115 {
116 super.setServiceName( SERVICE_NAME_DEFAULT );
117 super.setIpPort( IP_PORT_DEFAULT );
118 super.setServiceId( SERVICE_PID_DEFAULT );
119 super.setSearchBaseDn( ServerDNConstants.USER_EXAMPLE_COM_DN );
120
121 prepareEncryptionTypes();
122 }
123
124
125
126
127
128
129
130 public String getPrimaryRealm()
131 {
132 return primaryRealm;
133 }
134
135
136
137
138
139 public void setPrimaryRealm( String primaryRealm )
140 {
141 this.primaryRealm = primaryRealm;
142 }
143
144
145
146
147
148
149
150 public EncryptionType[] getEncryptionTypes()
151 {
152 return encryptionTypes;
153 }
154
155
156
157
158
159 public void setEncryptionTypes( EncryptionType[] encryptionTypes )
160 {
161 this.encryptionTypes = encryptionTypes;
162 }
163
164
165
166
167
168
169
170 public long getAllowableClockSkew()
171 {
172 return allowableClockSkew;
173 }
174
175
176
177
178
179 public void setAllowableClockSkew( long allowableClockSkew )
180 {
181 this.allowableClockSkew = allowableClockSkew;
182 }
183
184
185
186
187
188
189
190 public KerberosPrincipal getServicePrincipal()
191 {
192 return new KerberosPrincipal( servicePrincipal );
193 }
194
195
196
197
198
199 public void setServicePrincipal( String servicePrincipal )
200 {
201 this.servicePrincipal = servicePrincipal;
202 }
203
204
205
206
207
208
209
210 public boolean isEmptyAddressesAllowed()
211 {
212 return isEmptyAddressesAllowed;
213 }
214
215
216
217
218
219 public void setEmptyAddressesAllowed( boolean isEmptyAddressesAllowed )
220 {
221 this.isEmptyAddressesAllowed = isEmptyAddressesAllowed;
222 }
223
224
225
226
227
228
229
230 public int getPasswordLengthPolicy()
231 {
232 return policyPasswordLength;
233 }
234
235
236
237
238
239
240
241 public int getCategoryCountPolicy()
242 {
243 return policyCategoryCount;
244 }
245
246
247
248
249
250
251
252 public int getTokenSizePolicy()
253 {
254 return policyTokenSize;
255 }
256
257
258
259
260
261 public void start() throws IOException
262 {
263 PrincipalStore store = new DirectoryPrincipalStore( getDirectoryService() );
264
265 if ( getDatagramAcceptor() != null )
266 {
267 DatagramAcceptorConfig udpConfig = new DatagramAcceptorConfig();
268 getDatagramAcceptor().bind( new InetSocketAddress( getIpPort() ),
269 new ChangePasswordProtocolHandler( this, store ), udpConfig );
270 }
271
272 if ( getSocketAcceptor() != null )
273 {
274 SocketAcceptorConfig tcpConfig = new SocketAcceptorConfig();
275 tcpConfig.setDisconnectOnUnbind( false );
276 tcpConfig.setReuseAddress( true );
277 getSocketAcceptor().bind( new InetSocketAddress( getIpPort() ),
278 new ChangePasswordProtocolHandler( this, store ), tcpConfig );
279 }
280 }
281
282
283 public void stop()
284 {
285 if ( getDatagramAcceptor() != null )
286 {
287 getDatagramAcceptor().unbind( new InetSocketAddress( getIpPort() ));
288 }
289 if ( getSocketAcceptor() != null )
290 {
291 getSocketAcceptor().unbind( new InetSocketAddress( getIpPort() ));
292 }
293 }
294
295
296 private void prepareEncryptionTypes()
297 {
298 String[] encryptionTypeStrings = ENCRYPTION_TYPES_DEFAULT;
299 List<EncryptionType> encTypes = new ArrayList<EncryptionType>();
300
301 for ( String enc : encryptionTypeStrings )
302 {
303 for ( EncryptionType type : EncryptionType.getEncryptionTypes() )
304 {
305 if ( type.toString().equalsIgnoreCase( enc ) )
306 {
307 encTypes.add( type );
308 }
309 }
310 }
311
312 encryptionTypes = encTypes.toArray( new EncryptionType[encTypes.size()] );
313 }
314
315
316
317
318
319
320
321 public void setPolicyPasswordLength( int policyPasswordLength )
322 {
323 this.policyPasswordLength = policyPasswordLength;
324 }
325
326
327
328
329
330
331
332 public void setPolicyCategoryCount( int policyCategoryCount )
333 {
334 this.policyCategoryCount = policyCategoryCount;
335 }
336
337
338
339
340
341
342
343 public void setPolicyTokenSize( int policyTokenSize )
344 {
345 this.policyTokenSize = policyTokenSize;
346 }
347 }