geos_one/CASA
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Modifications due to continue development and re-structuring of

Browse Source 
auth_token.
This commit is contained in:
Juan Carlos Luciani
2006-04-26 22:05:29 +00:00
parent 51da351af7
commit abacf42fa4
15 changed files with 79 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
auth_token/server/CasaAuthServer/.classpath
View File

@@ -1,8 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
<classpathentry kind="src" path="src"/>
<classpathentry kind="con" path="org.eclipse.jst.j2ee.internal.web.container"/>
<classpathentry kind="lib" path="/usr/share/java/servletapi5.jar"/>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
<classpathentry kind="lib" path="/usr/share/java/servletapi5.jar"/>
<classpathentry kind="lib" path="identity-abstraction.jar"/>
<classpathentry kind="output" path="build/classes"/>
</classpath>

7
auth_token/server/CasaAuthServer/.project
View File

@@ -32,4 +32,11 @@
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
</natures>
<linkedResources>
<link>
<name>identity-abstraction.jar</name>
<type>1</type>
<location>/home/jluciani/dev-local/bandit/trunk/IdentityAbstraction/build/identity-abstraction.jar</location>
</link>
</linkedResources>
</projectDescription>

13
auth_token/server/CasaAuthServer/.settings/.component
View File

@@ -1,9 +1,10 @@
<?xml version="1.0" encoding="UTF-8"?>
<project-modules id="moduleCoreId">
<wb-module deploy-name="CasaAuthServer">
<wb-resource source-path="/WebContent" deploy-path="/"/>
<property name="context-root" value="CasaAuthServer"/>
<property name="java-output-path" value="/build/classes/"/>
</wb-module>
<wb-module deploy-name="CasaAuthServer">
<wb-resource deploy-path="/" source-path="/WebContent"/>
<wb-resource deploy-path="/WEB-INF/classes" source-path="/build/classes"/>
<wb-resource deploy-path="/WEB-INF/lib/identity-abstraction.jar" source-path="/identity-abstraction.jar"/>
<property name="context-root" value="CasaAuthServer"/>
<property name="java-output-path" value="/build/classes/"/>
</wb-module>
</project-modules>

12
auth_token/server/CasaAuthServer/.settings/org.eclipse.jdt.core.prefs
View File

@@ -1,11 +1,11 @@
#Tue Mar 21 11:49:00 MST 2006
#Tue Apr 11 11:04:50 MDT 2006
eclipse.preferences.version=1
org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.2
org.eclipse.jdt.core.compiler.compliance=1.4
org.eclipse.jdt.core.compiler.problem.assertIdentifier=warning
org.eclipse.jdt.core.compiler.problem.enumIdentifier=warning
org.eclipse.jdt.core.compiler.source=1.3
org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.5
org.eclipse.jdt.core.compiler.compliance=1.5
org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
org.eclipse.jdt.core.compiler.source=1.5
org.eclipse.jdt.core.formatter.align_type_members_on_columns=false
org.eclipse.jdt.core.formatter.alignment_for_arguments_in_allocation_expression=16
org.eclipse.jdt.core.formatter.alignment_for_arguments_in_enum_constant=16

4
auth_token/server/CasaAuthServer/.settings/org.eclipse.jst.common.project.facet.core.prefs
View File

@@ -1,3 +1,3 @@
#Thu Mar 09 09:05:25 MST 2006
classpath.helper/org.eclipse.jdt.launching.JRE_CONTAINER\:\:org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType\:\:java-1.4.2-sun-1.4.2.10/owners=jst.java\:1.4
#Tue Apr 11 11:50:34 MDT 2006
classpath.helper/org.eclipse.jdt.launching.JRE_CONTAINER\:\:org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType\:\:java-1.5.0-sun-1.5.0/owners=jst.java\:5.0
eclipse.preferences.version=1

4
auth_token/server/CasaAuthServer/.settings/org.eclipse.wst.common.project.facet.core.xml
View File

@@ -1,7 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<faceted-project>
<fixed facet="jst.web"/>
<fixed facet="jst.java"/>
<installed facet="jst.java" version="1.4"/>
<fixed facet="jst.web"/>
<installed facet="jst.web" version="2.4"/>
<installed facet="jst.java" version="5.0"/>
</faceted-project>

11
auth_token/server/CasaAuthServer/src/com/novell/casa/authserver/AuthToken.java
View File

@@ -350,7 +350,7 @@ public class AuthToken {
m_identityToken.append(identityToken.getEncodedToken());
m_identityTokenType = identityToken.getProviderType();
m_lifetime = "tbd";
m_lifetime = "56"; // tbd
// Generate a signature
// tbd - Over identToken, identToken type, and lifetime data.
@@ -364,9 +364,9 @@ public class AuthToken {
sb.append("<" + ProtoDefs.authTokenElementName + ">" + "\r\n");
sb.append("<" + ProtoDefs.signatureElementName + ">" + m_signature + "</" + ProtoDefs.signatureElementName + ">" + "\r\n");
sb.append("<" + ProtoDefs.lifetimeElementName + ">" + m_lifetime + "</" + ProtoDefs.lifetimeElementName + ">" + "\r\n");
sb.append("<" + ProtoDefs.identTokenElementName + " mode=\"escaped\">"
sb.append("<" + ProtoDefs.identTokenElementName + ">"
+ "<" + ProtoDefs.typeElementName + ">" + m_identityTokenType + "</" + ProtoDefs.typeElementName + ">"
+ "<![CDATA["+ m_identityToken + "]]>" + "</" + ProtoDefs.identTokenElementName + ">" + "\r\n");
+ m_identityToken + "</" + ProtoDefs.identTokenElementName + ">" + "\r\n");
sb.append("</" + ProtoDefs.authTokenElementName + ">" + "\r\n");
// Save the token
@@ -441,10 +441,11 @@ public class AuthToken {
{
return m_identityToken.toString();
}
/*
* Returns the identity token provider type.
* Returns the identity token type.
*/
public String getIdentityTokenProviderType()
public String getIdentityTokenType()
{
return m_identityTokenType;
}

17
auth_token/server/CasaAuthServer/src/com/novell/casa/authserver/CasaIdentityToken.java
View File

@@ -41,6 +41,7 @@ import org.xml.sax.SAXException;
import org.xml.sax.XMLReader;
import org.xml.sax.helpers.XMLReaderFactory;
import org.bandit.ia.IAContext;
/*
* CasaIdentityToken Class.
@@ -494,21 +495,19 @@ public class CasaIdentityToken implements IdentityToken
m_sourceUrl = "ldap://jcserver.provo.novell.com:389"; // tbd - Obtain from config or Higgins
m_service = targetService;
m_host = targetHost;
try
{
// tbd - Read parameters from configuration and leverage Higgins.
//
// Open a directory context and use it to read the identity attributes.
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://jcserver.provo.novell.com:389");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "cn=admin,o=novell");
env.put(Context.SECURITY_CREDENTIALS, "novell");
env.put(Context.INITIAL_CONTEXT_FACTORY, "org.bandit.ia.IAInitialCtxFactory");
env.put(IAContext.IA_REALM_CONFIG_LOCATION, "/home/jluciani/workspace/IdentityAbstraction/realms.xml");
// env.put(IAContext.IA_REALM_SELECTOR, "");
DirContext ctx = new InitialDirContext(env);
// Setup a string buffer for building the IdentityToken, notice for now
// we are not going to wrap the identity token.
StringBuffer sb = new StringBuffer();
@@ -561,7 +560,7 @@ public class CasaIdentityToken implements IdentityToken
catch (NamingException e)
{
// tbd - Log the event???
System.err.println("CasaIdentityToken.initialize()- Naming Exception on Proxy User: " + e.getExplanation());
System.err.println("CasaIdentityToken.initialize()- Exception: " + e.getExplanation());
}
catch (Exception e)
{

15
auth_token/server/CasaAuthServer/src/com/novell/casa/authserver/Krb5Authenticate.java
View File

@@ -49,6 +49,7 @@ import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;
import org.bandit.ia.IAContext;
/**
* Krb5Authenticate Servlet Class.
@@ -192,18 +193,16 @@ import org.ietf.jgss.Oid;
// Open a directory context and use it to identify the users
// associated with the specified surname.
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://jcserver.provo.novell.com:389");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "cn=admin,o=novell");
env.put(Context.SECURITY_CREDENTIALS, "novell");
env.put(Context.INITIAL_CONTEXT_FACTORY, "org.bandit.ia.IAInitialCtxFactory");
env.put(IAContext.IA_REALM_CONFIG_LOCATION, "/home/jluciani/workspace/IdentityAbstraction/realms.xml");
// env.put(IAContext.IA_REALM_SELECTOR, "");
DirContext ctx = new InitialDirContext(env);
// Now search for a user with a matching kerberos principal name
Attributes matchAttrs = new BasicAttributes(true); // ignore attribute name case
matchAttrs.put(new BasicAttribute("krbPrincipalName", krb5Token.getPrincipalName()));
NamingEnumeration answer = ctx.search("o=novell", matchAttrs);
// Proceed based on the result of the search
@@ -241,7 +240,7 @@ import org.ietf.jgss.Oid;
{
// tbd
// Log the error
System.err.println("Krb5Authenticate.doPost()- Naming Exception on Proxy User: " + e.getExplanation());
System.err.println("Krb5Authenticate.doPost()- Exception caught: " + e.getExplanation());
// Write out the response
try
@@ -258,7 +257,7 @@ import org.ietf.jgss.Oid;
catch (Exception e)
{
// tbd
System.err.println("Krb5Authenticate.doPost()- Exception caught: " + e.toString());
System.err.println("Krb5Authenticate.doPost()- Exception: " + e.toString());
// Write out the response
try

30
auth_token/server/CasaAuthServer/src/com/novell/casa/authserver/PwdAuthenticate.java
View File

@@ -45,6 +45,8 @@ import javax.naming.directory.Attributes;
import javax.naming.directory.SearchResult;
import javax.naming.NamingException;
import org.bandit.ia.IAContext;
/**
* PwdAuthenticate Servlet Class.
@@ -142,25 +144,23 @@ import javax.naming.NamingException;
// Read and parse the AuthReqMsg sent from the client
InputStream inStream = request.getInputStream();
AuthReqMsg authReqMsg = new AuthReqMsg(inStream);
// Now parse the PW Token
PwToken pwToken = new PwToken(authReqMsg.getAuthMechToken());
// Open a directory context and use it to identify the users
// associated with the specified surname.
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://jcserver.provo.novell.com:389");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "cn=admin,o=novell");
env.put(Context.SECURITY_CREDENTIALS, "novell");
env.put(Context.INITIAL_CONTEXT_FACTORY, "org.bandit.ia.IAInitialCtxFactory");
env.put(IAContext.IA_REALM_CONFIG_LOCATION, "/home/jluciani/workspace/IdentityAbstraction/realms.xml");
// env.put(IAContext.IA_REALM_SELECTOR, "");
DirContext ctx = new InitialDirContext(env);
// Now search for a user with a matching surname
Attributes matchAttrs = new BasicAttributes(true); // ignore attribute name case
matchAttrs.put(new BasicAttribute("cn", pwToken.getUsername()));
NamingEnumeration answer = ctx.search("o=novell", matchAttrs);
// Enumerate through the users returned checking the password
@@ -170,16 +170,20 @@ import javax.naming.NamingException;
SearchResult sr = (SearchResult)answer.next();
System.err.println(sr.getName());
// Open a directory context for the user as a way of verifying its password
try
{
Hashtable env2 = new Hashtable();
env2.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env2.put(Context.PROVIDER_URL, "ldap://jcserver.provo.novell.com:389");
env2.put(Context.SECURITY_AUTHENTICATION, "simple");
env2.put(Context.SECURITY_PRINCIPAL, sr.getName() + ",o=novell");
env2.put(Context.SECURITY_CREDENTIALS, pwToken.getPassword());
env2.put(Context.INITIAL_CONTEXT_FACTORY, "org.bandit.ia.IAInitialCtxFactory");
env2.put(IAContext.IA_REALM_CONFIG_LOCATION, "/home/jluciani/workspace/IdentityAbstraction/realms.xml");
// env2.put(IAContext.IA_REALM_SELECTOR, "");
// env2.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
// env2.put(Context.PROVIDER_URL, "ldap://jcserver.provo.novell.com:389");
// env2.put(Context.SECURITY_AUTHENTICATION, "simple");
// env2.put(Context.SECURITY_PRINCIPAL, sr.getName() + ",o=novell");
// env2.put(Context.SECURITY_CREDENTIALS, pwToken.getPassword());
if ((new InitialDirContext(env2)) != null)
{