From 4509df3ca8f1f87f0bda14f5156201d45b9ce0ce Mon Sep 17 00:00:00 2001 From: Juan Carlos Luciani Date: Thu, 25 May 2006 17:04:07 +0000 Subject: [PATCH] Made changes so that file operations also work on Windows. Fixed PwdAuthenticate to do searches of the sub-tree and to validate the password. Still need to make changes in Krb5Authenticate to do sub-tree searches. --- .../novell/casa/authtoksvc/Authenticate.java | 30 +++++++++---------- .../casa/authtoksvc/EnabledSvcsConfig.java | 28 ++++++++--------- .../casa/authtoksvc/PwdAuthenticate.java | 13 ++++++-- .../src/com/novell/casa/authtoksvc/Rpc.java | 6 ++-- .../com/novell/casa/authtoksvc/SvcConfig.java | 8 ++--- 5 files changed, 45 insertions(+), 40 deletions(-) diff --git a/auth_token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Authenticate.java b/auth_token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Authenticate.java index b40ac93a..8b5864f6 100644 --- a/auth_token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Authenticate.java +++ b/auth_token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Authenticate.java @@ -76,7 +76,7 @@ public class Authenticate implements RpcMethod // contains folders for each installed authentication mechanism. The name of these // folders usually match the name of the Authentication mechanisms. String svcConfigPath = svcConfig.getSetting(SvcConfig.ConfigFolderPath); - File mechanismsConfigFolder = new File(svcConfigPath + "/auth_mechanisms"); + File mechanismsConfigFolder = new File(svcConfigPath, "auth_mechanisms"); try { String[] mechanismsConfigFolderObjs = mechanismsConfigFolder.list(); 
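Review bot: A null `svcConfigPath` now silently resolves to a folder in the process working directory, because `new File(svcConfigPath, "auth_mechanisms")` with a null parent behaves like `new File("auth_mechanisms")`, where the old concatenation produced the obviously wrong `null/auth_mechanisms`. Whether `getSetting(SvcConfig.ConfigFolderPath)` can return null is not visible in this hunk, but the later hunks suggest this folder decides which mechanism classes are instantiated, so a missing setting should fail loudly. A guard ahead of the constructor such as `if (svcConfigPath == null) throw new IllegalStateException("ConfigFolderPath is not set");` would do, adapted to however init() reports errors, which is outside the hunk. The same applies to `new File(svcConfigPath, "enabled_services")` in EnabledSvcsConfig.java and `new File(svcConfigPath, m_svcSettingsFileName)` in SvcConfig.java.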
@@ -95,7 +95,7 @@ public class Authenticate implements RpcMethod // Try to obtain the mechanism settings try { - AuthMechConfig mechConfig = new AuthMechConfig(mechanismFolder + "/" + m_mechanismSettingsFileName); + AuthMechConfig mechConfig = new AuthMechConfig(mechanismFolder + File.separator + m_mechanismSettingsFileName); // Mechanism settings obtained, now instantiate it and place it in our map. // @@ -141,19 +141,19 @@ public class Authenticate implements RpcMethod } catch (MalformedURLException e) { - System.err.println("Authenticate.init()- MalformedURLException for " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString()); + System.err.println("Authenticate.init()- MalformedURLException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); } catch (ClassNotFoundException e) { - System.err.println("Authenticate.init()- ClassNotFoundException for " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString()); + System.err.println("Authenticate.init()- ClassNotFoundException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); } catch (InstantiationException e) { - System.err.println("Authenticate.init()- InstantiationException for " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString()); + System.err.println("Authenticate.init()- InstantiationException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); } catch (IllegalAccessException e) { - System.err.println("Authenticate.init()- IllegalAccessException for " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString()); + System.err.println("Authenticate.init()- IllegalAccessException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); } } else 
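Review bot: The settings path is still assembled by string concatenation, `mechanismFolder + File.separator + m_mechanismSettingsFileName`, here and again in each catch block of the next three hunks, while the first hunk of this file moved to the two-argument `File` constructor. Computing it once at the top of the loop body, e.g. `String mechSettingsPath = new File(mechanismFolder, m_mechanismSettingsFileName).getPath();`, and using that local for `new AuthMechConfig(mechSettingsPath)` and for every message keeps the path that is opened and the path that is logged identical. The declaration of `mechanismFolder` is outside the hunk, so the sketch assumes it is a String or a File.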
@@ -195,35 +195,35 @@ public class Authenticate implements RpcMethod } catch (MalformedURLException e) { - System.err.println("Authenticate.init()- MalformedURLException for " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString()); + System.err.println("Authenticate.init()- MalformedURLException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); } catch (ClassNotFoundException e) { - System.err.println("Authenticate.init()- ClassNotFoundException for " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString()); + System.err.println("Authenticate.init()- ClassNotFoundException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); } catch (InstantiationException e) { - System.err.println("Authenticate.init()- InstantiationException for " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString()); + System.err.println("Authenticate.init()- InstantiationException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); } catch (IllegalAccessException e) { - System.err.println("Authenticate.init()- IllegalAccessException for " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString()); + System.err.println("Authenticate.init()- IllegalAccessException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); } } else { - System.err.println("Authenticate.init()- No configuration to find class path to load " + mechanismFolder + "/" + m_mechanismSettingsFileName); + System.err.println("Authenticate.init()- No configuration to find class path to load " + mechanismFolder + File.separator + m_mechanismSettingsFileName); } } } else { - System.err.println("Authenticate.init()- No configured mechanism class name for " + mechanismFolder + "/" + m_mechanismSettingsFileName); + 
System.err.println("Authenticate.init()- No configured mechanism class name for " + mechanismFolder + File.separator + m_mechanismSettingsFileName); } } catch (SecurityException e) { - System.err.println("Authenticate.init()- SecurityException accessing " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString()); + System.err.println("Authenticate.init()- SecurityException accessing " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); } catch (FileNotFoundException e) { @@ -231,11 +231,11 @@ public class Authenticate implements RpcMethod } catch (IOException e) { - System.err.println("Authenticate.init()- IOException reading " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString()); + System.err.println("Authenticate.init()- IOException reading " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); } catch (Exception e) { - System.err.println("Authenticate.init()- Exception instantiating mechConfig or mechanism " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString()); + System.err.println("Authenticate.init()- Exception instantiating mechConfig or mechanism " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString()); } } } diff --git a/auth_token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/EnabledSvcsConfig.java b/auth_token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/EnabledSvcsConfig.java index c866e3be..59301e54 100644 --- a/auth_token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/EnabledSvcsConfig.java +++ b/auth_token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/EnabledSvcsConfig.java 
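Review bot: Nothing in init() documents that the `auth_mechanisms` folder is a code-loading trust boundary. The messages in this hunk ("No configured mechanism class name", "No configuration to find class path to load") indicate that both the class name and the class path of each mechanism come from the settings file found in that folder. I would add a comment above the folder scan along the lines of `// Settings under auth_mechanisms select the classes this service loads; the folder must be writable only by the service administrator.` The loading code itself is outside the visible hunks, so this is inferred from the messages and the catch clauses.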
@@ -92,7 +92,7 @@ public class EnabledSvcsConfig // Try to obtain the default authentication policy try { - File f = new File(configFolder, "/" + m_authPolicyFileName); + File f = new File(configFolder, m_authPolicyFileName); defaultAuthPolicyData = new byte[(int) f.length()]; FileInputStream inStream = new FileInputStream(f); int bytesRead = inStream.read(defaultAuthPolicyData); @@ -104,21 +104,21 @@ public class EnabledSvcsConfig } catch (SecurityException e) { - System.err.println("EnabledSvcsConfig()- SecurityException accessing " + configFolder + "/" + m_authPolicyFileName + " Exception=" + e.toString()); + System.err.println("EnabledSvcsConfig()- SecurityException accessing " + configFolder + File.separator + m_authPolicyFileName + " Exception=" + e.toString()); } catch (FileNotFoundException e) { - System.err.println("EnabledSvcsConfig()- File " + configFolder + "/" + m_authPolicyFileName + " not found"); + System.err.println("EnabledSvcsConfig()- File " + configFolder + File.separator + m_authPolicyFileName + " not found"); } catch (IOException e) { - System.err.println("EnabledSvcsConfig()- IOException reading " + configFolder + "/" + m_authPolicyFileName + " Exception=" + e.toString()); + System.err.println("EnabledSvcsConfig()- IOException reading " + configFolder + File.separator + m_authPolicyFileName + " Exception=" + e.toString()); } // Try to obtain the default authentication token settings try { - defaultAuthTokenConfig = new AuthTokenConfig(configFolder + "/" + m_authTokenSettingsFileName); + defaultAuthTokenConfig = new AuthTokenConfig(configFolder + File.separator + m_authTokenSettingsFileName); } catch (Exception e) { 
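Review bot: The policy file is read with a single `inStream.read(defaultAuthPolicyData)`, which may return fewer bytes than `f.length()`; the rest of the array then stays zero-filled and is used as policy data unless the code after this hunk compares `bytesRead` with the array length. Wrapping the stream as `new DataInputStream(inStream).readFully(defaultAuthPolicyData);`, or reading in a loop until the buffer is full, removes that case, and the stream should be closed in a `finally` block if it is not already. The same pattern is used for `authPolicyData` in the `@@ -186,7 +186,7 @@` hunk. What happens to `bytesRead` and `inStream` afterwards is outside both hunks.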
@@ -130,7 +130,7 @@ public class EnabledSvcsConfig // Try to obtain the default identity token settings try { - defaultIdenTokenConfig = new IdenTokenConfig(configFolder + "/" + m_idenTokenSettingsFileName); + defaultIdenTokenConfig = new IdenTokenConfig(configFolder + File.separator + m_idenTokenSettingsFileName); } catch (Exception e) { @@ -143,7 +143,7 @@ public class EnabledSvcsConfig // contains folders for each host for which there are enabled services. The folders // in the services config folder must match the DNS name of the hosts where // the enabled services reside. - File servicesConfigFolder = new File(svcConfigPath + "/enabled_services"); + File servicesConfigFolder = new File(svcConfigPath, "enabled_services"); try { String[] servicesConfigFolderObjs = servicesConfigFolder.list(); @@ -186,7 +186,7 @@ public class EnabledSvcsConfig try { - File policyFile = new File(serviceFolder, "/" + m_authPolicyFileName); + File policyFile = new File(serviceFolder, m_authPolicyFileName); authPolicyData = new byte[(int) policyFile.length()]; FileInputStream inStream = new FileInputStream(policyFile); int bytesRead = inStream.read(authPolicyData); @@ -198,7 +198,7 @@ public class EnabledSvcsConfig } catch (SecurityException e) { - System.err.println("EnabledSvcsConfig()- SecurityException accessing " + serviceFolder + "/" + m_authPolicyFileName + " Exception=" + e.toString()); + System.err.println("EnabledSvcsConfig()- SecurityException accessing " + serviceFolder + File.separator + m_authPolicyFileName + " Exception=" + e.toString()); } catch (FileNotFoundException e) { 
@@ -206,25 +206,25 @@ public class EnabledSvcsConfig } catch (IOException e) { - System.err.println("EnabledSvcsConfig()- IOException reading " + serviceFolder + "/" + m_authPolicyFileName + " Exception=" + e.toString()); + System.err.println("EnabledSvcsConfig()- IOException reading " + serviceFolder + File.separator + m_authPolicyFileName + " Exception=" + e.toString()); } try { - authTokenConfig = new AuthTokenConfig(serviceFolder + "/" + m_authTokenSettingsFileName); + authTokenConfig = new AuthTokenConfig(serviceFolder + File.separator + m_authTokenSettingsFileName); } catch (Exception e) { - System.err.println("EnabledSvcsConfig()- Exception accessing " + serviceFolder + "/" + m_authTokenSettingsFileName + " Exception=" + e.toString()); + System.err.println("EnabledSvcsConfig()- Exception accessing " + serviceFolder + File.separator + m_authTokenSettingsFileName + " Exception=" + e.toString()); } try { - idenTokenConfig = new IdenTokenConfig(serviceFolder + "/" + m_idenTokenSettingsFileName); + idenTokenConfig = new IdenTokenConfig(serviceFolder + File.separator + m_idenTokenSettingsFileName); } catch (Exception e) { - System.err.println("EnabledSvcsConfig()- Exception accessing " + serviceFolder + "/" + m_idenTokenSettingsFileName + " Exception=" + e.toString()); + System.err.println("EnabledSvcsConfig()- Exception accessing " + serviceFolder + File.separator + m_idenTokenSettingsFileName + " Exception=" + e.toString()); } // Make sure that we have a policy file diff --git a/auth_token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/PwdAuthenticate.java b/auth_token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/PwdAuthenticate.java index d21c8ed5..35ef194c 100644 --- a/auth_token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/PwdAuthenticate.java +++ b/auth_token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/PwdAuthenticate.java 
@@ -40,6 +40,7 @@ import javax.naming.directory.InitialDirContext; import javax.naming.directory.DirContext; import javax.naming.directory.Attributes; import javax.naming.directory.SearchResult; +import javax.naming.directory.SearchControls; import javax.naming.NamingException; import org.bandit.ia.IAContext; @@ -143,10 +144,13 @@ public class PwdAuthenticate implements AuthMechanism, Serializable DirContext ctx = new InitialDirContext(env); // Now search for a user with a matching surname - Attributes matchAttrs = new BasicAttributes(true); // ignore attribute name case - matchAttrs.put(new BasicAttribute("cn", pwToken.getUsername())); + SearchControls controls = new SearchControls(); + controls.setSearchScope(SearchControls.SUBTREE_SCOPE); - NamingEnumeration answer = ctx.search(m_svcConfig.getSetting(SvcConfig.StartSearchContext), matchAttrs); + NamingEnumeration answer = ctx.search(m_svcConfig.getSetting(SvcConfig.StartSearchContext), + "(cn={0})", + new String[] {pwToken.getUsername()}, + controls); // Enumerate through the users returned checking the password while (answer.hasMore()) @@ -160,6 +164,9 @@ public class PwdAuthenticate implements AuthMechanism, Serializable env2.put(Context.INITIAL_CONTEXT_FACTORY, "org.bandit.ia.IAInitialCtxFactory"); env2.put(IAContext.IA_REALM_CONFIG_LOCATION, m_svcConfig.getSetting(SvcConfig.IdentityAbstractionConfigFile)); env2.put(IAContext.IA_REALM_SELECTOR, authReqMsg.getRealm()); + env2.put(Context.SECURITY_AUTHENTICATION, "simple"); + env2.put(Context.SECURITY_PRINCIPAL, sr.getName()); + env2.put(Context.SECURITY_CREDENTIALS, pwToken.getPassword()); if ((new InitialDirContext(env2)) != null) { diff --git a/auth_token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Rpc.java b/auth_token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Rpc.java index d976c1e3..2ca062c4 100644 --- a/auth_token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Rpc.java 
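Review bot: With `SUBTREE_SCOPE` the search in the `@@ -143,10 +144,13 @@` hunk can return several entries that share a `cn` in different containers, and the loop that follows tries the supplied password against each of them, so a login may succeed as an entry other than the one the caller meant. Consider treating more than one match as a failure, or at least bounding the work with `controls.setCountLimit(...)` and, if only the entry name is used, `controls.setReturningAttributes(new String[0]);`. Passing the username through the `{0}` filter argument instead of concatenating it is the right form; whether the value is escaped depends on the `org.bandit.ia` provider, which is not visible here. The comment above the search still says "matching surname" although the filter matches `cn`.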
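Review bot: The bind added in the `@@ -160,6 +164,9 @@` hunk does not reject an empty password: an LDAP simple bind with a DN and a zero-length password is an unauthenticated bind (RFC 4513 section 5.1.2), which many directory servers complete successfully, so `new InitialDirContext(env2)` would not throw. Unless the token is validated before this point (not visible in the hunk), fail the request before searching when `pwToken.getPassword()` is null or empty. With a standard JNDI provider `sr.getName()` is relative to the search base, so after the switch to subtree scope the principal should be the full DN, `sr.getNameInNamespace()` on Java 5 or later, or the name composed with `StartSearchContext`. The `(new InitialDirContext(env2)) != null` test is always true, since failure is reported by NamingException, and the context it creates is never closed in the visible lines.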
+++ b/auth_token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/Rpc.java @@ -36,8 +36,6 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; - - /** * Rpc Servlet Class. * @@ -73,10 +71,10 @@ public class Rpc extends javax.servlet.http.HttpServlet implements javax.servlet ServletContext context = config.getServletContext(); // Read service configuration - SvcConfig svcConfig = new SvcConfig(context.getRealPath("/"), context.getRealPath("/") + "WEB-INF/conf"); + SvcConfig svcConfig = new SvcConfig(context.getRealPath(File.separator), context.getRealPath(File.separator) + "WEB-INF/conf"); // Read enabled services configuration - EnabledSvcsConfig enabledSvcsConfig = new EnabledSvcsConfig(context.getRealPath("/") + "WEB-INF/conf"); + EnabledSvcsConfig enabledSvcsConfig = new EnabledSvcsConfig(context.getRealPath(File.separator) + "WEB-INF/conf"); // Create a map to keep track of the Rpc methods m_methodsMap = new HashMap(); diff --git a/auth_token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/SvcConfig.java b/auth_token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/SvcConfig.java index 6ac63230..5e2ad335 100644 --- a/auth_token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/SvcConfig.java +++ b/auth_token/server/AuthTokenSvc/src/com/novell/casa/authtoksvc/SvcConfig.java @@ -203,7 +203,7 @@ public class SvcConfig try { // Get an input stream to services settings file - File settingsFile = new File(svcConfigPath + "/" + m_svcSettingsFileName); + File settingsFile = new File(svcConfigPath, m_svcSettingsFileName); FileInputStream inStream = new FileInputStream(settingsFile); // Parse the file 
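Review bot: `getRealPath()` takes a path inside the web application, which always uses `/` whatever the platform, so `context.getRealPath(File.separator)` in the `@@ -71,10 +71,10 @@` hunk passes `\` on Windows and is not a valid argument there; the original `"/"` was correct. The concatenation is also fragile: whether the returned string ends with a separator depends on the container, and the method returns null when the application is not deployed as an expanded directory, which would yield `nullWEB-INF/conf`. Asking for the folder directly, `String confPath = context.getRealPath("/WEB-INF/conf");`, with a null check before it is handed to `SvcConfig` and `EnabledSvcsConfig`, avoids both.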
@@ -227,15 +227,15 @@ public class SvcConfig } catch (SecurityException e) { - System.err.println("SvcConfig()- SecurityException caught while accessing " + svcConfigPath + "/" + m_svcSettingsFileName + " Exception=" + e.toString()); + System.err.println("SvcConfig()- SecurityException caught while accessing " + svcConfigPath + File.separator + m_svcSettingsFileName + " Exception=" + e.toString()); } catch (FileNotFoundException e) { - System.err.println("SvcConfig()- File " + svcConfigPath + "/" + m_svcSettingsFileName + " not found"); + System.err.println("SvcConfig()- File " + svcConfigPath + File.separator + m_svcSettingsFileName + " not found"); } catch (IOException e) { - System.err.println("SvcConfig()- IOException caught while trying to read " + svcConfigPath + "/" + m_svcSettingsFileName + " Exception=" + e.toString()); + System.err.println("SvcConfig()- IOException caught while trying to read " + svcConfigPath + File.separator + m_svcSettingsFileName + " Exception=" + e.toString()); } }