Made changes so that file operations also work on Windows.
Fixed PwdAuthenticate to do searches of the sub-tree and to validate the password. Still need to make changes in Krb5Authenticate to do sub-tree searches.
parent
d94014d505
commit
4509df3ca8
@ -76,7 +76,7 @@ public class Authenticate implements RpcMethod
|
|||||||
// contains folders for each installed authentication mechanism. The name of these
|
// contains folders for each installed authentication mechanism. The name of these
|
||||||
// folders usually match the name of the Authentication mechanisms.
|
// folders usually match the name of the Authentication mechanisms.
|
||||||
String svcConfigPath = svcConfig.getSetting(SvcConfig.ConfigFolderPath);
|
String svcConfigPath = svcConfig.getSetting(SvcConfig.ConfigFolderPath);
|
||||||
File mechanismsConfigFolder = new File(svcConfigPath + "/auth_mechanisms");
|
File mechanismsConfigFolder = new File(svcConfigPath, "auth_mechanisms");
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
String[] mechanismsConfigFolderObjs = mechanismsConfigFolder.list();
|
String[] mechanismsConfigFolderObjs = mechanismsConfigFolder.list();
|
||||||
@ -95,7 +95,7 @@ public class Authenticate implements RpcMethod
|
|||||||
// Try to obtain the mechanism settings
|
// Try to obtain the mechanism settings
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
AuthMechConfig mechConfig = new AuthMechConfig(mechanismFolder + "/" + m_mechanismSettingsFileName);
|
AuthMechConfig mechConfig = new AuthMechConfig(mechanismFolder + File.separator + m_mechanismSettingsFileName);
|
||||||
|
|
||||||
// Mechanism settings obtained, now instantiate it and place it in our map.
|
// Mechanism settings obtained, now instantiate it and place it in our map.
|
||||||
//
|
//
|
||||||
@ -141,19 +141,19 @@ public class Authenticate implements RpcMethod
|
|||||||
}
|
}
|
||||||
catch (MalformedURLException e)
|
catch (MalformedURLException e)
|
||||||
{
|
{
|
||||||
System.err.println("Authenticate.init()- MalformedURLException for " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
System.err.println("Authenticate.init()- MalformedURLException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
||||||
}
|
}
|
||||||
catch (ClassNotFoundException e)
|
catch (ClassNotFoundException e)
|
||||||
{
|
{
|
||||||
System.err.println("Authenticate.init()- ClassNotFoundException for " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
System.err.println("Authenticate.init()- ClassNotFoundException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
||||||
}
|
}
|
||||||
catch (InstantiationException e)
|
catch (InstantiationException e)
|
||||||
{
|
{
|
||||||
System.err.println("Authenticate.init()- InstantiationException for " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
System.err.println("Authenticate.init()- InstantiationException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
||||||
}
|
}
|
||||||
catch (IllegalAccessException e)
|
catch (IllegalAccessException e)
|
||||||
{
|
{
|
||||||
System.err.println("Authenticate.init()- IllegalAccessException for " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
System.err.println("Authenticate.init()- IllegalAccessException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
@ -195,35 +195,35 @@ public class Authenticate implements RpcMethod
|
|||||||
}
|
}
|
||||||
catch (MalformedURLException e)
|
catch (MalformedURLException e)
|
||||||
{
|
{
|
||||||
System.err.println("Authenticate.init()- MalformedURLException for " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
System.err.println("Authenticate.init()- MalformedURLException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
||||||
}
|
}
|
||||||
catch (ClassNotFoundException e)
|
catch (ClassNotFoundException e)
|
||||||
{
|
{
|
||||||
System.err.println("Authenticate.init()- ClassNotFoundException for " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
System.err.println("Authenticate.init()- ClassNotFoundException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
||||||
}
|
}
|
||||||
catch (InstantiationException e)
|
catch (InstantiationException e)
|
||||||
{
|
{
|
||||||
System.err.println("Authenticate.init()- InstantiationException for " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
System.err.println("Authenticate.init()- InstantiationException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
||||||
}
|
}
|
||||||
catch (IllegalAccessException e)
|
catch (IllegalAccessException e)
|
||||||
{
|
{
|
||||||
System.err.println("Authenticate.init()- IllegalAccessException for " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
System.err.println("Authenticate.init()- IllegalAccessException for " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
System.err.println("Authenticate.init()- No configuration to find class path to load " + mechanismFolder + "/" + m_mechanismSettingsFileName);
|
System.err.println("Authenticate.init()- No configuration to find class path to load " + mechanismFolder + File.separator + m_mechanismSettingsFileName);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
System.err.println("Authenticate.init()- No configured mechanism class name for " + mechanismFolder + "/" + m_mechanismSettingsFileName);
|
System.err.println("Authenticate.init()- No configured mechanism class name for " + mechanismFolder + File.separator + m_mechanismSettingsFileName);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
catch (SecurityException e)
|
catch (SecurityException e)
|
||||||
{
|
{
|
||||||
System.err.println("Authenticate.init()- SecurityException accessing " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
System.err.println("Authenticate.init()- SecurityException accessing " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
||||||
}
|
}
|
||||||
catch (FileNotFoundException e)
|
catch (FileNotFoundException e)
|
||||||
{
|
{
|
||||||
@ -231,11 +231,11 @@ public class Authenticate implements RpcMethod
|
|||||||
}
|
}
|
||||||
catch (IOException e)
|
catch (IOException e)
|
||||||
{
|
{
|
||||||
System.err.println("Authenticate.init()- IOException reading " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
System.err.println("Authenticate.init()- IOException reading " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
||||||
}
|
}
|
||||||
catch (Exception e)
|
catch (Exception e)
|
||||||
{
|
{
|
||||||
System.err.println("Authenticate.init()- Exception instantiating mechConfig or mechanism " + mechanismFolder + "/" + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
System.err.println("Authenticate.init()- Exception instantiating mechConfig or mechanism " + mechanismFolder + File.separator + m_mechanismSettingsFileName + " Exception=" + e.toString());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
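Review bot: The settings-file path is rebuilt by concatenation, `mechanismFolder + File.separator + m_mechanismSettingsFileName`, in the `AuthMechConfig` constructor call and again in every error message of this section, so the logged string can drift from the path that is actually opened. Compute it once before the `try` that follows the "Try to obtain the mechanism settings" comment, e.g. `String settingsPath = new File(mechanismFolder, m_mechanismSettingsFileName).getPath();`, and use `settingsPath` in the constructor call and in each handler. The same applies to the messages in EnabledSvcsConfig and SvcConfig, where the file is now opened through `new File(parent, child)` while the messages still concatenate. Separately, `mechanismsConfigFolder.list()` returns null when the folder is missing or is not a directory; the lines that consume the array are outside the hunk, so confirm that case is handled.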
|
@ -92,7 +92,7 @@ public class EnabledSvcsConfig
|
|||||||
// Try to obtain the default authentication policy
|
// Try to obtain the default authentication policy
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
File f = new File(configFolder, "/" + m_authPolicyFileName);
|
File f = new File(configFolder, m_authPolicyFileName);
|
||||||
defaultAuthPolicyData = new byte[(int) f.length()];
|
defaultAuthPolicyData = new byte[(int) f.length()];
|
||||||
FileInputStream inStream = new FileInputStream(f);
|
FileInputStream inStream = new FileInputStream(f);
|
||||||
int bytesRead = inStream.read(defaultAuthPolicyData);
|
int bytesRead = inStream.read(defaultAuthPolicyData);
|
||||||
@ -104,21 +104,21 @@ public class EnabledSvcsConfig
|
|||||||
}
|
}
|
||||||
catch (SecurityException e)
|
catch (SecurityException e)
|
||||||
{
|
{
|
||||||
System.err.println("EnabledSvcsConfig()- SecurityException accessing " + configFolder + "/" + m_authPolicyFileName + " Exception=" + e.toString());
|
System.err.println("EnabledSvcsConfig()- SecurityException accessing " + configFolder + File.separator + m_authPolicyFileName + " Exception=" + e.toString());
|
||||||
}
|
}
|
||||||
catch (FileNotFoundException e)
|
catch (FileNotFoundException e)
|
||||||
{
|
{
|
||||||
System.err.println("EnabledSvcsConfig()- File " + configFolder + "/" + m_authPolicyFileName + " not found");
|
System.err.println("EnabledSvcsConfig()- File " + configFolder + File.separator + m_authPolicyFileName + " not found");
|
||||||
}
|
}
|
||||||
catch (IOException e)
|
catch (IOException e)
|
||||||
{
|
{
|
||||||
System.err.println("EnabledSvcsConfig()- IOException reading " + configFolder + "/" + m_authPolicyFileName + " Exception=" + e.toString());
|
System.err.println("EnabledSvcsConfig()- IOException reading " + configFolder + File.separator + m_authPolicyFileName + " Exception=" + e.toString());
|
||||||
}
|
}
|
||||||
|
|
||||||
// Try to obtain the default authentication token settings
|
// Try to obtain the default authentication token settings
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
defaultAuthTokenConfig = new AuthTokenConfig(configFolder + "/" + m_authTokenSettingsFileName);
|
defaultAuthTokenConfig = new AuthTokenConfig(configFolder + File.separator + m_authTokenSettingsFileName);
|
||||||
}
|
}
|
||||||
catch (Exception e)
|
catch (Exception e)
|
||||||
{
|
{
|
||||||
@ -130,7 +130,7 @@ public class EnabledSvcsConfig
|
|||||||
// Try to obtain the default identity token settings
|
// Try to obtain the default identity token settings
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
defaultIdenTokenConfig = new IdenTokenConfig(configFolder + "/" + m_idenTokenSettingsFileName);
|
defaultIdenTokenConfig = new IdenTokenConfig(configFolder + File.separator + m_idenTokenSettingsFileName);
|
||||||
}
|
}
|
||||||
catch (Exception e)
|
catch (Exception e)
|
||||||
{
|
{
|
||||||
@ -143,7 +143,7 @@ public class EnabledSvcsConfig
|
|||||||
// contains folders for each host for which there are enabled services. The folders
|
// contains folders for each host for which there are enabled services. The folders
|
||||||
// in the services config folder must match the DNS name of the hosts where
|
// in the services config folder must match the DNS name of the hosts where
|
||||||
// the enabled services reside.
|
// the enabled services reside.
|
||||||
File servicesConfigFolder = new File(svcConfigPath + "/enabled_services");
|
File servicesConfigFolder = new File(svcConfigPath, "enabled_services");
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
String[] servicesConfigFolderObjs = servicesConfigFolder.list();
|
String[] servicesConfigFolderObjs = servicesConfigFolder.list();
|
||||||
@ -186,7 +186,7 @@ public class EnabledSvcsConfig
|
|||||||
|
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
File policyFile = new File(serviceFolder, "/" + m_authPolicyFileName);
|
File policyFile = new File(serviceFolder, m_authPolicyFileName);
|
||||||
authPolicyData = new byte[(int) policyFile.length()];
|
authPolicyData = new byte[(int) policyFile.length()];
|
||||||
FileInputStream inStream = new FileInputStream(policyFile);
|
FileInputStream inStream = new FileInputStream(policyFile);
|
||||||
int bytesRead = inStream.read(authPolicyData);
|
int bytesRead = inStream.read(authPolicyData);
|
||||||
@ -198,7 +198,7 @@ public class EnabledSvcsConfig
|
|||||||
}
|
}
|
||||||
catch (SecurityException e)
|
catch (SecurityException e)
|
||||||
{
|
{
|
||||||
System.err.println("EnabledSvcsConfig()- SecurityException accessing " + serviceFolder + "/" + m_authPolicyFileName + " Exception=" + e.toString());
|
System.err.println("EnabledSvcsConfig()- SecurityException accessing " + serviceFolder + File.separator + m_authPolicyFileName + " Exception=" + e.toString());
|
||||||
}
|
}
|
||||||
catch (FileNotFoundException e)
|
catch (FileNotFoundException e)
|
||||||
{
|
{
|
||||||
@ -206,25 +206,25 @@ public class EnabledSvcsConfig
|
|||||||
}
|
}
|
||||||
catch (IOException e)
|
catch (IOException e)
|
||||||
{
|
{
|
||||||
System.err.println("EnabledSvcsConfig()- IOException reading " + serviceFolder + "/" + m_authPolicyFileName + " Exception=" + e.toString());
|
System.err.println("EnabledSvcsConfig()- IOException reading " + serviceFolder + File.separator + m_authPolicyFileName + " Exception=" + e.toString());
|
||||||
}
|
}
|
||||||
|
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
authTokenConfig = new AuthTokenConfig(serviceFolder + "/" + m_authTokenSettingsFileName);
|
authTokenConfig = new AuthTokenConfig(serviceFolder + File.separator + m_authTokenSettingsFileName);
|
||||||
}
|
}
|
||||||
catch (Exception e)
|
catch (Exception e)
|
||||||
{
|
{
|
||||||
System.err.println("EnabledSvcsConfig()- Exception accessing " + serviceFolder + "/" + m_authTokenSettingsFileName + " Exception=" + e.toString());
|
System.err.println("EnabledSvcsConfig()- Exception accessing " + serviceFolder + File.separator + m_authTokenSettingsFileName + " Exception=" + e.toString());
|
||||||
}
|
}
|
||||||
|
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
idenTokenConfig = new IdenTokenConfig(serviceFolder + "/" + m_idenTokenSettingsFileName);
|
idenTokenConfig = new IdenTokenConfig(serviceFolder + File.separator + m_idenTokenSettingsFileName);
|
||||||
}
|
}
|
||||||
catch (Exception e)
|
catch (Exception e)
|
||||||
{
|
{
|
||||||
System.err.println("EnabledSvcsConfig()- Exception accessing " + serviceFolder + "/" + m_idenTokenSettingsFileName + " Exception=" + e.toString());
|
System.err.println("EnabledSvcsConfig()- Exception accessing " + serviceFolder + File.separator + m_idenTokenSettingsFileName + " Exception=" + e.toString());
|
||||||
}
|
}
|
||||||
|
|
||||||
// Make sure that we have a policy file
|
// Make sure that we have a policy file
|
||||||
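Review bot: The policy file is read with a single `inStream.read(defaultAuthPolicyData)`, which may return fewer bytes than the buffer holds, so a short read would leave the authentication policy truncated and zero-padded; the per-service read into `authPolicyData` has the same shape. The lines after each read are outside the hunks, so it cannot be seen from here whether `bytesRead` is compared with the file length or whether the stream is closed. Reading with `new DataInputStream(inStream).readFully(defaultAuthPolicyData);` and closing the stream in a `finally` block would turn a partial read into an IOException instead of a silently shortened policy.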
|
@ -40,6 +40,7 @@ import javax.naming.directory.InitialDirContext;
|
|||||||
import javax.naming.directory.DirContext;
|
import javax.naming.directory.DirContext;
|
||||||
import javax.naming.directory.Attributes;
|
import javax.naming.directory.Attributes;
|
||||||
import javax.naming.directory.SearchResult;
|
import javax.naming.directory.SearchResult;
|
||||||
|
import javax.naming.directory.SearchControls;
|
||||||
import javax.naming.NamingException;
|
import javax.naming.NamingException;
|
||||||
|
|
||||||
import org.bandit.ia.IAContext;
|
import org.bandit.ia.IAContext;
|
||||||
@ -143,10 +144,13 @@ public class PwdAuthenticate implements AuthMechanism, Serializable
|
|||||||
DirContext ctx = new InitialDirContext(env);
|
DirContext ctx = new InitialDirContext(env);
|
||||||
|
|
||||||
// Now search for a user with a matching surname
|
// Now search for a user with a matching surname
|
||||||
Attributes matchAttrs = new BasicAttributes(true); // ignore attribute name case
|
SearchControls controls = new SearchControls();
|
||||||
matchAttrs.put(new BasicAttribute("cn", pwToken.getUsername()));
|
controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
|
||||||
|
|
||||||
NamingEnumeration answer = ctx.search(m_svcConfig.getSetting(SvcConfig.StartSearchContext), matchAttrs);
|
NamingEnumeration answer = ctx.search(m_svcConfig.getSetting(SvcConfig.StartSearchContext),
|
||||||
|
"(cn={0})",
|
||||||
|
new String[] {pwToken.getUsername()},
|
||||||
|
controls);
|
||||||
|
|
||||||
// Enumerate through the users returned checking the password
|
// Enumerate through the users returned checking the password
|
||||||
while (answer.hasMore())
|
while (answer.hasMore())
|
||||||
@ -160,6 +164,9 @@ public class PwdAuthenticate implements AuthMechanism, Serializable
|
|||||||
env2.put(Context.INITIAL_CONTEXT_FACTORY, "org.bandit.ia.IAInitialCtxFactory");
|
env2.put(Context.INITIAL_CONTEXT_FACTORY, "org.bandit.ia.IAInitialCtxFactory");
|
||||||
env2.put(IAContext.IA_REALM_CONFIG_LOCATION, m_svcConfig.getSetting(SvcConfig.IdentityAbstractionConfigFile));
|
env2.put(IAContext.IA_REALM_CONFIG_LOCATION, m_svcConfig.getSetting(SvcConfig.IdentityAbstractionConfigFile));
|
||||||
env2.put(IAContext.IA_REALM_SELECTOR, authReqMsg.getRealm());
|
env2.put(IAContext.IA_REALM_SELECTOR, authReqMsg.getRealm());
|
||||||
|
env2.put(Context.SECURITY_AUTHENTICATION, "simple");
|
||||||
|
env2.put(Context.SECURITY_PRINCIPAL, sr.getName());
|
||||||
|
env2.put(Context.SECURITY_CREDENTIALS, pwToken.getPassword());
|
||||||
|
|
||||||
if ((new InitialDirContext(env2)) != null)
|
if ((new InitialDirContext(env2)) != null)
|
||||||
{
|
{
|
||||||
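Review bot: The bind added in the last hunk passes `pwToken.getPassword()` straight to `Context.SECURITY_CREDENTIALS`, and no check for a null or empty password is visible; many LDAP servers treat a simple bind with an empty password as an unauthenticated bind and report success, so the `new InitialDirContext(env2)` step would not prove knowledge of the user's password. Reject such a token before the search, e.g. `if (pwToken.getPassword() == null || pwToken.getPassword().length() == 0)` (assuming it returns a String) followed by the method's normal failure path, which lies outside the hunk. `sr.getName()` is normally relative to the search base, and with `SUBTREE_SCOPE` it is no longer just a direct child name, so confirm the IA context resolves it to the intended entry or use `sr.getNameInNamespace()` for the principal. The test `(new InitialDirContext(env2)) != null` is always true once the constructor returns, and the context it creates is not closed in the visible lines.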
|
@ -36,8 +36,6 @@ import javax.servlet.http.HttpServletRequest;
|
|||||||
import javax.servlet.http.HttpServletResponse;
|
import javax.servlet.http.HttpServletResponse;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Rpc Servlet Class.
|
* Rpc Servlet Class.
|
||||||
*
|
*
|
||||||
@ -73,10 +71,10 @@ public class Rpc extends javax.servlet.http.HttpServlet implements javax.servlet
|
|||||||
ServletContext context = config.getServletContext();
|
ServletContext context = config.getServletContext();
|
||||||
|
|
||||||
// Read service configuration
|
// Read service configuration
|
||||||
SvcConfig svcConfig = new SvcConfig(context.getRealPath("/"), context.getRealPath("/") + "WEB-INF/conf");
|
SvcConfig svcConfig = new SvcConfig(context.getRealPath(File.separator), context.getRealPath(File.separator) + "WEB-INF/conf");
|
||||||
|
|
||||||
// Read enabled services configuration
|
// Read enabled services configuration
|
||||||
EnabledSvcsConfig enabledSvcsConfig = new EnabledSvcsConfig(context.getRealPath("/") + "WEB-INF/conf");
|
EnabledSvcsConfig enabledSvcsConfig = new EnabledSvcsConfig(context.getRealPath(File.separator) + "WEB-INF/conf");
|
||||||
|
|
||||||
// Create a map to keep track of the Rpc methods
|
// Create a map to keep track of the Rpc methods
|
||||||
m_methodsMap = new HashMap();
|
m_methodsMap = new HashMap();
|
||||||
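Review bot: `ServletContext.getRealPath` takes a virtual path inside the web application, which is written with `/` on every platform, so passing `File.separator` hands it `\` on Windows and works against the goal of this commit. The result may also be null (for example when the application is not deployed as an expanded directory) and is not guaranteed to end with a separator, so appending `"WEB-INF/conf"` can produce a wrong path. Keep `"/"` for the root and ask the container for the folder directly, `String confPath = context.getRealPath("/WEB-INF/conf");`, checking for null before constructing `SvcConfig` and `EnabledSvcsConfig`.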
|
@ -203,7 +203,7 @@ public class SvcConfig
|
|||||||
try
|
try
|
||||||
{
|
{
|
||||||
// Get an input stream to services settings file
|
// Get an input stream to services settings file
|
||||||
File settingsFile = new File(svcConfigPath + "/" + m_svcSettingsFileName);
|
File settingsFile = new File(svcConfigPath, m_svcSettingsFileName);
|
||||||
FileInputStream inStream = new FileInputStream(settingsFile);
|
FileInputStream inStream = new FileInputStream(settingsFile);
|
||||||
|
|
||||||
// Parse the file
|
// Parse the file
|
||||||
@ -227,15 +227,15 @@ public class SvcConfig
|
|||||||
}
|
}
|
||||||
catch (SecurityException e)
|
catch (SecurityException e)
|
||||||
{
|
{
|
||||||
System.err.println("SvcConfig()- SecurityException caught while accessing " + svcConfigPath + "/" + m_svcSettingsFileName + " Exception=" + e.toString());
|
System.err.println("SvcConfig()- SecurityException caught while accessing " + svcConfigPath + File.separator + m_svcSettingsFileName + " Exception=" + e.toString());
|
||||||
}
|
}
|
||||||
catch (FileNotFoundException e)
|
catch (FileNotFoundException e)
|
||||||
{
|
{
|
||||||
System.err.println("SvcConfig()- File " + svcConfigPath + "/" + m_svcSettingsFileName + " not found");
|
System.err.println("SvcConfig()- File " + svcConfigPath + File.separator + m_svcSettingsFileName + " not found");
|
||||||
}
|
}
|
||||||
catch (IOException e)
|
catch (IOException e)
|
||||||
{
|
{
|
||||||
System.err.println("SvcConfig()- IOException caught while trying to read " + svcConfigPath + "/" + m_svcSettingsFileName + " Exception=" + e.toString());
|
System.err.println("SvcConfig()- IOException caught while trying to read " + svcConfigPath + File.separator + m_svcSettingsFileName + " Exception=" + e.toString());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|