1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *  
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *  
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License. 
18   *  
19   */
20  
21  package org.apache.directory.server.kerberos.shared.store;
22  
23  
24  import java.util.Map;
25  
26  import javax.naming.NamingException;
27  import javax.security.auth.kerberos.KerberosPrincipal;
28  
29  import org.apache.directory.server.core.CoreSession;
30  import org.apache.directory.server.core.DirectoryService;
31  import org.apache.directory.server.kerberos.shared.store.operations.AddPrincipal;
32  import org.apache.directory.server.kerberos.shared.store.operations.ChangePassword;
33  import org.apache.directory.server.kerberos.shared.store.operations.DeletePrincipal;
34  import org.apache.directory.server.kerberos.shared.store.operations.GetAllPrincipals;
35  import org.apache.directory.server.kerberos.shared.store.operations.GetPrincipal;
36  import org.apache.directory.server.protocol.shared.ServiceConfigurationException;
37  import org.apache.directory.server.protocol.shared.catalog.Catalog;
38  import org.apache.directory.server.protocol.shared.catalog.GetCatalog;
39  import org.apache.directory.server.protocol.shared.store.DirectoryServiceOperation;
40  
41  
/**
 * A JNDI-backed search strategy implementation.  This search strategy builds a
 * catalog from configuration in the DIT to determine where realms are to search
 * for Kerberos principals.
 *
 * <p>Each {@link PrincipalStore} method wraps its arguments in a
 * {@link DirectoryServiceOperation} and runs it against the session obtained
 * from {@code directoryService.getSession()}.
 *
 * <p>Points a security reviewer should keep in mind when reading this class:
 * <ul>
 *   <li>No caller identity is passed in; every read, write and password change
 *       runs under whatever identity {@code getSession()} yields.
 *       NOTE(review): confirm which identity that is and that the callers of
 *       this package-private class perform their own authorization.</li>
 *   <li>The {@code catalog} field is populated in the constructor but is not
 *       read by any method visible here, and operations receive {@code null}
 *       as their second argument. NOTE(review): presumably that argument is a
 *       search base; verify where the realm-to-base mapping is applied.</li>
 *   <li>Failure messages built here contain only a realm name or the catalog
 *       base DN; the new password handled by {@link #changePassword} is never
 *       placed in a message by this class.</li>
 * </ul>
 *
 * TODO are exception messages reasonable? I changed them to use the catalog key rather than the catalog value.
 *
 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
 * @version $Rev: 682235 $, $Date: 2008-08-04 02:43:52 +0200 (Mo, 04 Aug 2008) $
 */
class MultiBaseSearch implements PrincipalStore {
    /** Catalog built once at construction time; not consulted by the methods below. */
    private final Catalog catalog;

    /** Directory service that supplies the session used for every operation. */
    private final DirectoryService directoryService;


    /**
     * Creates the store and loads the Kerberos catalog through a {@link GetCatalog} operation.
     *
     * @param catalogBaseDn used only in the failure message; it is not passed to the operation
     * @param directoryService source of the session for this and all later operations
     * @throws ServiceConfigurationException wrapping any exception raised while
     *         obtaining the session, running the operation or building the catalog
     */
    MultiBaseSearch( String catalogBaseDn, DirectoryService directoryService ) {
        this.directoryService = directoryService;
        try {
            final CoreSession session = directoryService.getSession();
            final Object rawCatalog = execute( session, new GetCatalog() );
            // The operation result is trusted to be a Map; a wrong type surfaces as a
            // ClassCastException, which the broad catch below turns into a configuration error.
            catalog = new KerberosCatalog( ( Map ) rawCatalog );
        } catch ( Exception e ) {
            throw new ServiceConfigurationException( "Failed to get catalog context " + catalogBaseDn, e );
        }
    }


    /**
     * Adds a principal by running an {@link AddPrincipal} operation.
     *
     * @param entry the principal entry handed to the operation
     * @return the operation result, cast to {@code String}
     * @throws ServiceConfigurationException if a {@link NamingException} is raised;
     *         the message names the entry's realm
     * @throws Exception any other failure, propagated unchanged
     */
    public String addPrincipal( PrincipalStoreEntry entry ) throws Exception {
        try {
            final CoreSession session = directoryService.getSession();
            final DirectoryServiceOperation operation = new AddPrincipal( entry );
            return ( String ) execute( session, operation );
        } catch ( NamingException ne ) {
            throw new ServiceConfigurationException( "Failed to get initial context " + entry.getRealmName(), ne );
        }
    }


    /**
     * Deletes a principal by running a {@link DeletePrincipal} operation.
     *
     * @param principal the principal handed to the operation
     * @return the operation result, cast to {@code String}
     * @throws ServiceConfigurationException if a {@link NamingException} is raised;
     *         the message names the principal's realm
     * @throws Exception any other failure, propagated unchanged
     */
    public String deletePrincipal( KerberosPrincipal principal ) throws Exception {
        try {
            final CoreSession session = directoryService.getSession();
            final DirectoryServiceOperation operation = new DeletePrincipal( principal );
            return ( String ) execute( session, operation );
        } catch ( NamingException ne ) {
            throw new ServiceConfigurationException( "Failed to get initial context " + principal.getRealm(), ne );
        }
    }


    /**
     * Lists principals by running a {@link GetAllPrincipals} operation.
     *
     * <p>The operation is constructed without arguments, so {@code realm} does not
     * restrict the result in this class; it appears only in the failure message.
     * NOTE(review): confirm whether callers expect a per-realm listing.
     *
     * @param realm realm name used in the failure message
     * @return the operation result, cast to {@code PrincipalStoreEntry[]}
     * @throws ServiceConfigurationException if a {@link NamingException} is raised
     * @throws Exception any other failure, propagated unchanged
     */
    public PrincipalStoreEntry[] getAllPrincipals( String realm ) throws Exception {
        try {
            final CoreSession session = directoryService.getSession();
            final DirectoryServiceOperation operation = new GetAllPrincipals();
            return ( PrincipalStoreEntry[] ) execute( session, operation );
        } catch ( NamingException ne ) {
            throw new ServiceConfigurationException( "Failed to get initial context " + realm, ne );
        }
    }


    /**
     * Looks up one principal by running a {@link GetPrincipal} operation.
     *
     * @param principal the principal handed to the operation
     * @return the operation result, cast to {@code PrincipalStoreEntry}
     * @throws ServiceConfigurationException if a {@link NamingException} is raised;
     *         the message names the principal's realm
     * @throws Exception any other failure, propagated unchanged
     */
    public PrincipalStoreEntry getPrincipal( KerberosPrincipal principal ) throws Exception {
        try {
            final CoreSession session = directoryService.getSession();
            final DirectoryServiceOperation operation = new GetPrincipal( principal );
            return ( PrincipalStoreEntry ) execute( session, operation );
        } catch ( NamingException ne ) {
            throw new ServiceConfigurationException( "Failed to get initial context " + principal.getRealm(), ne );
        }
    }


    /**
     * Changes a principal's password by running a {@link ChangePassword} operation.
     *
     * <p>The new password arrives as a {@code String}, which cannot be wiped after
     * use, and is passed straight to the operation. This method performs no
     * verification of the old password or of the caller; any such check has to
     * happen before this call. The failure message contains the realm only.
     *
     * @param principal the principal whose password is replaced
     * @param newPassword the replacement password, handed to the operation as-is
     * @return the operation result, cast to {@code String}
     * @throws ServiceConfigurationException if a {@link NamingException} is raised
     * @throws Exception any other failure, propagated unchanged
     */
    public String changePassword( KerberosPrincipal principal, String newPassword ) throws Exception {
        try {
            final CoreSession session = directoryService.getSession();
            final DirectoryServiceOperation operation = new ChangePassword( principal, newPassword );
            return ( String ) execute( session, operation );
        } catch ( NamingException ne ) {
            throw new ServiceConfigurationException( "Failed to get initial context " + principal.getRealm(), ne );
        }
    }


    /**
     * Runs an operation against the given session.
     *
     * @param session the session the operation executes under
     * @param operation the operation to run
     * @return whatever the operation returns; callers cast it to the expected type
     * @throws Exception whatever the operation throws
     */
    private Object execute( CoreSession session, DirectoryServiceOperation operation ) throws Exception {
        // The second argument is always null here. NOTE(review): presumably a base DN; confirm.
        return operation.execute( session, null );
    }
}