20 package org.apache.directory.server.ldap.handlers;
21
22
23 import org.apache.directory.server.core.CoreSession;
24 import org.apache.directory.server.ldap.LdapService;
25 import org.apache.directory.server.ldap.LdapSession;
26 import org.apache.directory.server.ldap.handlers.extended.StartTlsHandler;
27 import org.apache.directory.shared.ldap.message.AbandonRequest;
28 import org.apache.directory.shared.ldap.message.BindRequest;
29 import org.apache.directory.shared.ldap.message.ExtendedRequest;
30 import org.apache.directory.shared.ldap.message.LdapResult;
31 import org.apache.directory.shared.ldap.message.Request;
32 import org.apache.directory.shared.ldap.message.ResultCodeEnum;
33 import org.apache.directory.shared.ldap.message.ResultResponse;
34 import org.apache.directory.shared.ldap.message.ResultResponseRequest;
35 import org.apache.mina.common.IoFilterChain;
36 import org.apache.mina.common.IoSession;
37 import org.apache.mina.handler.demux.MessageHandler;
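/**
 * Base class for LDAP request handlers registered as MINA {@link MessageHandler}s.
 *
 * Every incoming message passes through {@link #messageReceived(IoSession, Object)},
 * which enforces the server's confidentiality requirement and prepares the
 * {@link LdapSession} before delegating to the subclass's
 * {@link #handle(LdapSession, Request)} implementation.
 *
 * @param <T> the request type processed by the concrete handler
 */
public abstract class LdapRequestHandler<T extends Request> implements MessageHandler<T>
{
    /** The LDAP service this handler belongs to; assigned via {@link #setLdapServer(LdapService)}. */
    protected LdapService ldapService;


    /**
     * Returns the LDAP service this handler is attached to.
     *
     * @return the LDAP service, or null when none has been set yet
     */
    public final LdapService getLdapServer()
    {
        return ldapService;
    }


    /**
     * Attaches this handler to an LDAP service.
     *
     * @param ldapService the LDAP service whose settings and session manager this handler uses
     */
    public final void setLdapServer( LdapService ldapService )
    {
        this.ldapService = ldapService;
    }


    /**
     * Checks whether the connection meets the server's confidentiality requirement.
     *
     * The requirement is met when the service does not require confidentiality,
     * or when the session's filter chain contains a filter named "sslFilter".
     *
     * NOTE(review): the check looks only at the presence of a filter with that
     * name. Whether the TLS handshake has completed, and that the name matches
     * the one used where the filter is installed, is not visible here; confirm
     * both against the code that adds the filter.
     *
     * @param session the MINA session of the client connection
     * @return true if the request may proceed with respect to confidentiality
     */
    public final boolean isConfidentialityRequirementSatisfied( IoSession session )
    {
        if ( !ldapService.isConfidentialityRequired() )
        {
            return true;
        }

        IoFilterChain chain = session.getFilterChain();
        return chain.contains( "sslFilter" );
    }


    /**
     * Answers a request with CONFIDENTIALITY_REQUIRED and writes the response to the client.
     *
     * @param session the MINA session to write the response to
     * @param resp the response object of the rejected request; its result is modified in place
     */
    public void rejectWithoutConfidentiality( IoSession session, ResultResponse resp )
    {
        LdapResult result = resp.getLdapResult();
        result.setResultCode( ResultCodeEnum.CONFIDENTIALITY_REQUIRED );
        result.setErrorMessage( "Confidentiality (TLS secured connection) is required." );
        session.write( resp );
    }


    /**
     * Entry point called by MINA for every decoded request of type T.
     *
     * When the confidentiality requirement is not satisfied, only the StartTLS
     * extended request is let through: other requests that carry a result
     * response are answered with CONFIDENTIALITY_REQUIRED, and requests without
     * one are dropped without a reply.
     *
     * Bind requests are then handed to {@link #handle(LdapSession, Request)}
     * directly. For any other request on a session that is not authenticated,
     * a core session obtained from the directory service is attached first
     * (presumably an anonymous session; confirm against
     * DirectoryService.getSession()), and abandon requests are ignored.
     *
     * @param session the MINA session the message arrived on
     * @param message the decoded LDAP request
     * @throws Exception whatever the concrete handler throws
     */
    public final void messageReceived( IoSession session, T message ) throws Exception
    {
        LdapSession ldapSession = ldapService.getLdapSessionManager().getLdapSession( session );

        // Make the service reachable from the session before any handler runs.
        ldapSession.setLdapServer( ldapService );

        if ( !isConfidentialityRequirementSatisfied( session ) )
        {
            if ( message instanceof ExtendedRequest )
            {
                ExtendedRequest req = ( ExtendedRequest ) message;

                // Constant-first comparison: a request whose OID is null is rejected
                // here instead of raising a NullPointerException before the
                // confidentiality decision is made. Whether getID() can return
                // null is not visible from this file.
                if ( !StartTlsHandler.EXTENSION_OID.equals( req.getID() ) )
                {
                    rejectWithoutConfidentiality( session, req.getResultResponse() );
                    return;
                }

                // StartTLS is the one request allowed on an unprotected connection;
                // it falls through to normal processing.
            }
            else if ( message instanceof ResultResponseRequest )
            {
                rejectWithoutConfidentiality( session, ( ( ResultResponseRequest ) message ).getResultResponse() );
                return;
            }
            else
            {
                // No response object to carry an error: drop the request.
                return;
            }
        }

        if ( !( message instanceof BindRequest ) && !ldapSession.isAuthenticated() )
        {
            // Not a bind and no authenticated session yet: attach the session
            // returned by the directory service so the handler has one to use.
            CoreSession coreSession = getLdapServer().getDirectoryService().getSession();
            ldapSession.setCoreSession( coreSession );

            if ( message instanceof AbandonRequest )
            {
                // Abandon requests on an unauthenticated session are ignored.
                return;
            }
        }

        handle( ldapSession, message );
    }


    /**
     * Processes a request that has passed the checks in
     * {@link #messageReceived(IoSession, Request)}.
     *
     * @param session the LDAP session associated with the client connection
     * @param message the request to process
     * @throws Exception if processing fails
     */
    public abstract void handle( LdapSession session, T message ) throws Exception;
}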