Added a retry limit for dealing with communication exceptions.

Updated the README to reflect the new mechanism info changes for
the Krb5 and Pwd authentication mechanisms.

CASA-auth-token/server-java/Svc/README

@@ -184,12 +184,12 @@ The following is an example auth.policy file:
 	<auth_source>
 		<realm>CorpTree</realm>
 		<mechanism>Krb5Authenticate</mechanism>
-		<mechanism_info>host/tokenserver.company.novell.com@KRB_REALM</mechanism_info>
+		<mechanism_info>SVC_PRINCIPAL=host/tokenserver.company.novell.com@KRB_REALM</mechanism_info>
 	</auth_source>
 	<auth_source>
 		<realm>CorpTree</realm>
 		<mechanism>PwdAuthenticate</mechanism>
-		<mechanism_info></mechanism_info>
+		<mechanism_info>REALM_CREDENTIALS_ONLY=true</mechanism_info>
 	</auth_source>
 </auth_policy>
 
@@ -212,10 +212,16 @@ Note the following about the sample auth.policy file:
   
 - The name of the Krb5 Authentication mechanism is "Krb5Authenticate". This mechanism
   defaults the service principal name to host/hostname@KERBEROS_REALM. You can use a
-  different service principal name under the mechanism_info key.
+  different service principal name by setting the SVC_PRINCIPAL setting equal to it
+  under the mechanism_info key. Notice that mechanism info settings for this mechanism
+  are separated using a semicolon and no-white space is allowed.
   
 - The name of the username/password authentication mechanism is "PwdAuthenticate" and
-  it does not require any information to be included under the mechanism_info key.
+  it does not require any information to be included under the mechanism_info key. You
+  can specify to the client to only utilize credentials for the specified realm by
+  setting the mechanism info setting REALM_CREDENTIALS_ONLY equal to "true". Notice that
+  mechanism info settings for this mechanism are separated using a semicolon and no-white
+  space is allowed.
   
 The authtoken.settings file contains settings that should be applied to authentication
 tokens issued to authenticate to the service.

CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/CasaIdentityToken.java

@@ -42,7 +42,6 @@ import org.xml.sax.SAXException;
 import org.xml.sax.XMLReader;
 import org.xml.sax.helpers.XMLReaderFactory;
 
-import org.bandit.ia.IAContext;
 import org.bandit.util.config.Realm;
 import org.apache.log4j.Logger;
 
@@ -716,7 +715,8 @@ public final class CasaIdentityToken implements IdentityToken
          env.put(Realm.REALM_CONFIG_LOCATION, svcConfig.getSetting(SvcConfig.IdentityAbstractionConfigFile));
          env.put(Realm.REALM_SELECTOR, sourceName);
 
-         while (true)
+         int retries = 3;
+         while (retries != 0)
          {
             // Instantiate DirContext watching for an exception since it
             // would be an indication that we should not retry the
@@ -801,6 +801,7 @@ public final class CasaIdentityToken implements IdentityToken
                m_log.warn("initialize()- ServiceUnavailable exception caught looking up attributes, msg = " + e.getMessage());
 
                // Retry the operation
+               retries --;
                continue;
             }
 

CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/Krb5Authenticate.java

@@ -43,7 +43,6 @@ import org.ietf.jgss.GSSManager;
 import org.ietf.jgss.GSSName;
 import org.ietf.jgss.Oid;
 
-import org.bandit.ia.IAContext;
 import org.bandit.util.config.Realm;
 import org.apache.log4j.Logger;
 
@@ -213,7 +212,8 @@ public final class Krb5Authenticate implements AuthMechanism, Serializable
          env.put(Realm.REALM_CONFIG_LOCATION, m_svcConfig.getSetting(SvcConfig.IdentityAbstractionConfigFile));
          env.put(Realm.REALM_SELECTOR, authReqMsg.getRealm());
 
-         while (true)
+         int retries = 3;
+         while (retries != 0)
          {
             // Instantiate DirContext watching for an exception since it
             // would be an indication that we should not retry the
@@ -305,6 +305,7 @@ public final class Krb5Authenticate implements AuthMechanism, Serializable
                m_log.warn("invoke()- ServiceUnavailable exception caught looking up attributes, msg = " + e.getMessage());
 
                // Retry the operation
+               retries --;
                continue;
             }
 

CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/PwdAuthenticate.java

@@ -39,7 +39,6 @@ import javax.naming.directory.SearchControls;
 import javax.naming.NamingException;
 import javax.naming.ServiceUnavailableException;
 
-import org.bandit.ia.IAContext;
 import org.bandit.util.config.Realm;
 import org.apache.log4j.Logger;
 
@@ -188,7 +187,8 @@ public final class PwdAuthenticate implements AuthMechanism, Serializable
          env.put(Realm.REALM_CONFIG_LOCATION, m_svcConfig.getSetting(SvcConfig.IdentityAbstractionConfigFile));
          env.put(Realm.REALM_SELECTOR, authReqMsg.getRealm());
 
-         while (true)
+         int retries = 3;
+         while (retries != 0)
          {
             // Instantiate DirContext watching for an exception since it
             // would be an indication that we should not retry the
@@ -300,6 +300,7 @@ public final class PwdAuthenticate implements AuthMechanism, Serializable
                m_log.warn("invoke()- ServiceUnavailable exception caught looking up attributes, msg = " + e.getMessage());
 
                // Retry the operation
+               retries --;
                continue;
             }
 

CASA-auth-token/server-java/Svc/src/com/novell/casa/authtoksvc/RealmsInfo.java

@@ -28,13 +28,11 @@ import org.bandit.util.config.gen.*;
 
 import javax.naming.Context;
 import javax.naming.NamingEnumeration;
-import javax.naming.CommunicationException;
 import javax.naming.ServiceUnavailableException;
 import javax.naming.directory.DirContext;
 import javax.naming.directory.InitialDirContext;
 import javax.naming.directory.Attributes;
 
-import org.bandit.ia.IAContext;
 import org.bandit.util.config.Realm;
 import org.apache.log4j.Logger;
 
@@ -137,7 +135,7 @@ public class RealmsInfo
                         else if (env[iii].getProp().equalsIgnoreCase("com.novell.casa.authtoksvc.directory_type"))
                         {
                            // We are dealing with a directory type, decode it and record the result.
-                           String realmDirectoryType = env[iii].getValue();;
+                           String realmDirectoryType = env[iii].getValue();
                            if (realmDirectoryType.equalsIgnoreCase("eDir"))
                            {
                               realmInfo.m_keyValueMap.put(RealmType, eDirectoryRealm);
@@ -184,7 +182,8 @@ public class RealmsInfo
                   env.put(Realm.REALM_CONFIG_LOCATION, realmConfigFilePath);
                   env.put(Realm.REALM_SELECTOR, realm.getId());
 
-                  while (true)                             
+                  int retries = 3;
+                  while (retries != 0)
                   {
                      // Instantiate DirContext watching for an exception since it
                      // would be an indication that we should not retry the
@@ -224,6 +223,7 @@ public class RealmsInfo
                         m_log.warn("Constructor()- ServiceUnavailable exception caught looking up attributes, msg = " + e.getMessage());
 
                         // Retry the operation
+                        retries --;
                         continue;
                      }
                      catch (Exception e)