20 package org.apache.directory.server.kerberos.shared.store;
21
22
23 import java.io.IOException;
24 import java.util.HashMap;
25 import java.util.Map;
26
27 import javax.naming.NamingException;
28 import javax.security.auth.kerberos.KerberosPrincipal;
29
30 import org.apache.directory.server.core.entry.ServerStringValue;
31 import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
32 import org.apache.directory.server.kerberos.shared.io.decoder.EncryptionKeyDecoder;
33 import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
34 import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
35 import org.apache.directory.server.kerberos.shared.messages.value.SamType;
36 import org.apache.directory.shared.ldap.entry.EntryAttribute;
37 import org.apache.directory.shared.ldap.entry.Value;
38
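/**
 * Mutable builder that collects the attributes of a Kerberos principal and
 * assembles them into a {@link PrincipalStoreEntry} through {@link #getEntry()}.
 *
 * <p>Nothing in this class validates what it is given: every setter is a plain
 * assignment and {@link #getEntry()} performs no completeness check. Fields that
 * are never set keep their Java defaults ({@code null} or {@code 0}), except for
 * the three account-state fields, which start as {@code disabled = false},
 * {@code lockedOut = false} and {@code expiration = KerberosTime.INFINITY}.
 * An entry built without calling those three setters therefore carries the
 * values "not disabled, not locked out, never expires"; code that maps a
 * directory entry onto this builder should set them explicitly rather than rely
 * on the defaults.
 *
 * <p>The class uses no synchronization.
 */
public class PrincipalStoreEntryModifier
{
    // --- identity -----------------------------------------------------------
    private String distinguishedName;
    private String commonName;
    private KerberosPrincipal principal;
    private String realmName;

    private String userId;

    // --- key material and ticket policy --------------------------------------
    private int keyVersionNumber;

    private KerberosTime validStart;
    private KerberosTime validEnd;
    private KerberosTime passwordEnd;
    private int maxLife;
    private int maxRenew;
    private int kdcFlags;
    private SamType samType;

    // --- account state: note the permissive initial values -------------------
    private boolean disabled = false;
    private boolean lockedOut = false;
    private KerberosTime expiration = KerberosTime.INFINITY;

    // Encryption keys of the principal, indexed by encryption type. Stored by
    // reference (see setKeyMap), so it is shared with whoever supplied it.
    private Map<EncryptionType, EncryptionKey> keyMap;


    /**
     * Builds a {@link PrincipalStoreEntry} from the current field values.
     *
     * <p>The values are handed to the constructor as they are: unset fields are
     * passed as {@code null} / {@code 0}, and {@code keyMap} is passed by
     * reference. NOTE(review): whether {@code PrincipalStoreEntry} copies the
     * key map is not visible from this class - confirm before mutating the map
     * after the entry has been built.
     *
     * @return a new entry reflecting the state of this modifier
     */
    public PrincipalStoreEntry getEntry()
    {
        return new PrincipalStoreEntry( distinguishedName, commonName, userId, principal, keyVersionNumber, validStart,
            validEnd, passwordEnd, maxLife, maxRenew, kdcFlags, keyMap, realmName, samType, disabled, lockedOut,
            expiration );
    }


    /**
     * Sets the disabled flag of the entry being built (initially {@code false}).
     *
     * @param disabled the flag value to pass to the built entry
     */
    public void setDisabled( boolean disabled )
    {
        this.disabled = disabled;
    }


    /**
     * Sets the locked-out flag of the entry being built (initially {@code false}).
     *
     * @param lockedOut the flag value to pass to the built entry
     */
    public void setLockedOut( boolean lockedOut )
    {
        this.lockedOut = lockedOut;
    }


    /**
     * Sets the expiration time of the entry being built
     * (initially {@code KerberosTime.INFINITY}).
     *
     * @param expiration the expiration time; not checked for {@code null}
     */
    public void setExpiration( KerberosTime expiration )
    {
        this.expiration = expiration;
    }


    /**
     * Sets the distinguished name of the entry being built.
     *
     * @param distinguishedName the distinguished name, stored as given
     */
    public void setDistinguishedName( String distinguishedName )
    {
        this.distinguishedName = distinguishedName;
    }


    /**
     * Sets the common name of the entry being built.
     *
     * @param commonName the common name, stored as given
     */
    public void setCommonName( String commonName )
    {
        this.commonName = commonName;
    }


    /**
     * Sets the user id of the entry being built.
     *
     * @param userId the user id, stored as given
     */
    public void setUserId( String userId )
    {
        this.userId = userId;
    }


    /**
     * Sets the KDC flags of the entry being built.
     *
     * @param kdcFlags the flags as an {@code int}; no range or bit check is applied
     */
    public void setKDCFlags( int kdcFlags )
    {
        this.kdcFlags = kdcFlags;
    }


    /**
     * Sets the key map of the entry being built.
     *
     * <p>The map is stored by reference, not copied: later changes the caller
     * makes to it are visible to this modifier and are passed on to entries
     * built afterwards. Callers holding key material should hand over a map
     * they no longer modify.
     *
     * @param keyMap the encryption keys indexed by encryption type; may be
     *        {@code null}, which is passed on to the built entry unchanged
     */
    public void setKeyMap( Map<EncryptionType, EncryptionKey> keyMap )
    {
        this.keyMap = keyMap;
    }


    /**
     * Sets the key version number of the entry being built.
     *
     * @param keyVersionNumber the key version number, stored as given
     */
    public void setKeyVersionNumber( int keyVersionNumber )
    {
        this.keyVersionNumber = keyVersionNumber;
    }


    /**
     * Sets the maximum life value of the entry being built.
     *
     * @param maxLife the value, stored as given; negative values are not rejected
     */
    public void setMaxLife( int maxLife )
    {
        this.maxLife = maxLife;
    }


    /**
     * Sets the maximum renew value of the entry being built.
     *
     * @param maxRenew the value, stored as given; negative values are not rejected
     */
    public void setMaxRenew( int maxRenew )
    {
        this.maxRenew = maxRenew;
    }


    /**
     * Sets the password end time of the entry being built.
     *
     * @param passwordEnd the time, stored as given
     */
    public void setPasswordEnd( KerberosTime passwordEnd )
    {
        this.passwordEnd = passwordEnd;
    }


    /**
     * Sets the Kerberos principal of the entry being built.
     *
     * @param principal the principal, stored as given
     */
    public void setPrincipal( KerberosPrincipal principal )
    {
        this.principal = principal;
    }


    /**
     * Sets the realm name of the entry being built.
     *
     * @param realmName the realm name, stored as given
     */
    public void setRealmName( String realmName )
    {
        this.realmName = realmName;
    }


    /**
     * Sets the valid-end time of the entry being built.
     *
     * @param validEnd the time, stored as given
     */
    public void setValidEnd( KerberosTime validEnd )
    {
        this.validEnd = validEnd;
    }


    /**
     * Sets the valid-start time of the entry being built.
     *
     * @param validStart the time, stored as given
     */
    public void setValidStart( KerberosTime validStart )
    {
        this.validStart = validStart;
    }


    /**
     * Sets the SAM type of the entry being built.
     *
     * @param samType the SAM type, stored as given
     */
    public void setSamType( SamType samType )
    {
        this.samType = samType;
    }


    /**
     * Decodes every value of a key attribute into an {@link EncryptionKey} and
     * returns the keys indexed by their encryption type.
     *
     * <p>This method does not change the state of the modifier; the caller
     * decides whether to pass the result to {@link #setKeyMap(Map)}.
     *
     * <p>Each value must be binary. A value that is a {@link ServerStringValue},
     * that is {@code null}, or whose content is not a {@code byte[]} is rejected
     * with an {@link IllegalStateException} instead of being cast blindly. The
     * exception messages never contain the value itself, so key bytes cannot
     * reach logs through them.
     *
     * <p>If the attribute holds more than one value of the same encryption
     * type, the one iterated last replaces the earlier ones without notice.
     *
     * @param krb5key the attribute whose values are encoded encryption keys
     * @return a new map from encryption type to decoded key; empty when the
     *         attribute has no values
     * @throws IllegalStateException if a value is a string, is {@code null} or
     *         is not binary
     * @throws NullPointerException if {@code krb5key} is {@code null}
     * @throws Exception if a value cannot be decoded; failures raised by the
     *         decoder propagate unchanged
     */
    public Map<EncryptionType, EncryptionKey> reconstituteKeyMap( EntryAttribute krb5key ) throws Exception
    {
        Map<EncryptionType, EncryptionKey> map = new HashMap<EncryptionType, EncryptionKey>();

        for ( Value<?> val : krb5key )
        {
            if ( val instanceof ServerStringValue )
            {
                throw new IllegalStateException( "Kerberos key should not be a String." );
            }

            Object rawValue = val.get();

            // Reject anything that is not binary before casting. instanceof is
            // false for null, so a value without content is refused here too.
            if ( !( rawValue instanceof byte[] ) )
            {
                throw new IllegalStateException( "Kerberos key value is missing or not binary." );
            }

            EncryptionKey encryptionKey = EncryptionKeyDecoder.decode( ( byte[] ) rawValue );

            // put() overwrites: a second key of the same type silently wins.
            map.put( encryptionKey.getKeyType(), encryptionKey );
        }

        return map;
    }
}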