Package org.nasutekds.server.api

Examples of org.nasutekds.server.api.ClientConnection


  {
    // If there is a delete operation, then make sure that the associated user
    // has both the CONFIG_READ and CONFIG_WRITE privileges.
    // NOTE(review): when deleteOperation is null the privilege check is skipped
    // entirely; presumably that is the internal path with no client operation
    // attached -- confirm that no externally reachable caller passes null.
    if (deleteOperation != null)
    {
      ClientConnection clientConnection = deleteOperation.getClientConnection();
      // Both privileges are required together; the operation is rejected
      // before any change to the configuration is attempted.
      if (! (clientConnection.hasAllPrivileges(CONFIG_READ_AND_WRITE,
                                               deleteOperation)))
      {
        Message message = ERR_CONFIG_FILE_DELETE_INSUFFICIENT_PRIVILEGES.get();
        throw new DirectoryException(ResultCode.INSUFFICIENT_ACCESS_RIGHTS,
                                     message);


    // has both the CONFIG_READ and CONFIG_WRITE privileges.  Also, if the
    // operation targets the set of root privileges then make sure the user has
    // the PRIVILEGE_CHANGE privilege.
    // NOTE(review): when modifyOperation is null neither privilege check below
    // runs; presumably that is the internal path with no client operation
    // attached -- confirm that no externally reachable caller passes null.
    if (modifyOperation != null)
    {
      ClientConnection clientConnection = modifyOperation.getClientConnection();
      // First gate: CONFIG_READ and CONFIG_WRITE are required together for any
      // modification of the configuration.
      if (! (clientConnection.hasAllPrivileges(CONFIG_READ_AND_WRITE,
                                               modifyOperation)))
      {
        Message message = ERR_CONFIG_FILE_MODIFY_INSUFFICIENT_PRIVILEGES.get();
        throw new DirectoryException(ResultCode.INSUFFICIENT_ACCESS_RIGHTS,
                                     message);
      }

      // Second gate: look up the attribute type that holds the default root
      // privileges so modifications touching it can be singled out.
      // (The meaning of the boolean argument is not visible here; presumably it
      // requests a default type when none is defined -- confirm.)
      AttributeType privType =
           DirectoryServer.getAttributeType(ATTR_DEFAULT_ROOT_PRIVILEGE_NAME,
                                            true);
      for (Modification m : modifyOperation.getModifications())
      {
        // Every modification is inspected without regard to its modification
        // type, so any change to this attribute requires PRIVILEGE_CHANGE in
        // addition to the config read/write privileges checked above.
        if (m.getAttribute().getAttributeType().equals(privType))
        {
          if (! clientConnection.hasPrivilege(Privilege.PRIVILEGE_CHANGE,
                                              modifyOperation))
          {
            Message message =
                ERR_CONFIG_FILE_MODIFY_PRIVS_INSUFFICIENT_PRIVILEGES.get();
            throw new DirectoryException(ResultCode.INSUFFICIENT_ACCESS_RIGHTS,

  {
    // If there is a modify DN operation, then make sure that the associated
    // user has both the CONFIG_READ and CONFIG_WRITE privileges.
    // NOTE(review): when modifyDNOperation is null the privilege check is
    // skipped entirely; presumably that is the internal path with no client
    // operation attached -- confirm that no externally reachable caller passes
    // null.
    if (modifyDNOperation != null)
    {
      ClientConnection clientConnection =
           modifyDNOperation.getClientConnection();
      // Both privileges are required together; the rename is rejected before
      // any change to the configuration is attempted.
      if (! (clientConnection.hasAllPrivileges(CONFIG_READ_AND_WRITE,
                                               modifyDNOperation)))
      {
        Message message = ERR_CONFIG_FILE_MODDN_INSUFFICIENT_PRIVILEGES.get();
        throw new DirectoryException(ResultCode.INSUFFICIENT_ACCESS_RIGHTS,
                                     message);

  /**
   * Processes a search request (excerpt: only the privilege gate at the start
   * of the body is shown).
   *
   * The request is rejected unless the client connection that issued it holds
   * the CONFIG_READ privilege.  The operation is dereferenced unconditionally,
   * so the visible code has no null path that would skip this check.
   *
   * @param  searchOperation  The search operation to process; its client
   *                          connection supplies the privileges that are
   *                          checked.
   *
   * @throws  DirectoryException  With result code INSUFFICIENT_ACCESS_RIGHTS
   *                              if the connection lacks CONFIG_READ.
   */
  @Override()
  public void search(SearchOperation searchOperation)
         throws DirectoryException
  {
    // Make sure that the associated user has the CONFIG_READ privilege.
    ClientConnection clientConnection = searchOperation.getClientConnection();
    if (! clientConnection.hasPrivilege(Privilege.CONFIG_READ, searchOperation))
    {
      // Fail before any entry is read or returned.
      Message message = ERR_CONFIG_FILE_SEARCH_INSUFFICIENT_PRIVILEGES.get();
      throw new DirectoryException(ResultCode.INSUFFICIENT_ACCESS_RIGHTS,
                                   message);
    }

    // Excerpt: body of the bind operation's processing method (the signature is
    // outside this listing).  Statement order matters here: the connection is
    // reset to unauthenticated before the new credentials are evaluated, and
    // the response is sent from the finally block on every exit path.
    setProcessingStartTime();

    // Log the bind request message.
    logBindRequest(this);

    ClientConnection clientConnection = getClientConnection();

    // Wipe out any existing authentication for the client connection and create
    // a placeholder that will be used if the bind is successful.
    // The previous identity is dropped before the new credentials are looked
    // at; nothing in the visible code restores it if the bind fails.
    clientConnection.setUnauthenticated();

    // Abandon any operations that may be in progress for the client.
    // Only the operation with this bind's own message ID is spared.
    Message cancelReason = INFO_CANCELED_BY_BIND_REQUEST.get();
    CancelRequest cancelRequest = new CancelRequest(true, cancelReason);
    clientConnection.cancelAllOperationsExcept(cancelRequest, getMessageID());


    // Get the plugin config manager that will be used for invoking plugins.
    PluginConfigManager pluginConfigManager =
        DirectoryServer.getPluginConfigManager();


    // This flag is set to true as soon as a workflow has been executed.
    boolean workflowExecuted = false;


    try
    {
      // Invoke the pre-parse bind plugins.
      // A plugin can stop processing here; its result code, message, matched
      // DN and referral URLs are copied onto this operation before returning.
      PluginResult.PreParse preParseResult =
          pluginConfigManager.invokePreParseBindPlugins(this);
      if (!preParseResult.continueProcessing())
      {
        setResultCode(preParseResult.getResultCode());
        appendErrorMessage(preParseResult.getErrorMessage());
        setMatchedDN(preParseResult.getMatchedDN());
        setReferralURLs(preParseResult.getReferralURLs());
        return;
      }


      // Process the bind DN to convert it from the raw form as provided by the
      // client into the form required for the rest of the bind processing.
      // NOTE(review): no result code is set on this early return; presumably
      // getBindDN() has already recorded the failure -- confirm.
      DN bindDN = getBindDN();
      if (bindDN == null){
        return;
      }

      // If this is a simple bind
      // Then check whether the bind DN is actually one of the alternate root DNs
      // defined in the server.  If so, then replace it with the actual DN
      // for that user.
      // SIMPLE is the only case and there is no default branch, so for every
      // other authentication type bindDN is left exactly as decoded above.
      switch (getAuthenticationType())
      {
        case SIMPLE:
          DN actualRootDN = DirectoryServer.getActualRootBindDN(bindDN);
          if (actualRootDN != null)
          {
            bindDN = actualRootDN;
          }
      }


      // Special case to manage RootDNs
      // RootDNs are stored in cn=config but this workflow is not
      // available through non-admin network groups.
      // So if the bind DN is in cn=config, we directly retrieve
      // the workflow handling cn=config
      // FIXME: it would be better to store RootDNs in a separate backend.
      // Issue #3502 has been logged to track this request.
      // NOTE(review): the shortcut applies to every bind DN below the config
      // root, not only to root DNs, and it picks the workflow by a hard-coded
      // ID instead of asking the connection's network group.  Confirm that
      // bypassing network-group workflow selection is intended for all
      // identities stored under the config root.
      boolean isInConfig;
      try {
        isInConfig = bindDN.isDescendantOf(DN.decode(DN_CONFIG_ROOT));
      } catch (DirectoryException ex) {
        // can not happen
        // Falling back to false sends the bind through the network-group
        // lookup below rather than through the config shortcut.
        isInConfig = false;
      }

      Workflow workflow;
      if (isInConfig) {
        workflow = WorkflowImpl.getWorkflow("__config.ldif__#cn=config");
      } else {
        // Retrieve the network group attached to the client connection
        // and get a workflow to process the operation.
        NetworkGroup ng = getClientConnection().getNetworkGroup();
        workflow = ng.getWorkflowCandidate(bindDN);
      }
      if (workflow == null)
      {
        // We have found no workflow for the requested base DN, just return
        // a no such entry result code and stop the processing.
        // NOTE(review): if this result differs from the one returned for wrong
        // credentials, a client can tell unknown DNs from bad passwords --
        // confirm what updateOperationErrMsgAndResCode() reports to the client.
        updateOperationErrMsgAndResCode();
        return;
      }
      workflow.execute(this);
      workflowExecuted = true;

    }
    catch(CanceledOperationException coe)
    {
      // This shouldn't happen for bind operations. Just cancel anyways
      if (debugEnabled())
      {
        TRACER.debugCaught(DebugLogLevel.ERROR, coe);
      }

      setResultCode(ResultCode.CANCELED);

      appendErrorMessage(cancelRequest.getCancelReason());
    }
    finally
    {
      // This block runs on every exit above, including the early returns, so
      // the bind is always logged and answered.

      // Stop the processing timer.
      setProcessingStopTime();

      // Log the bind response.
      logBindResponse(this);

      // Send the bind response to the client.
      clientConnection.sendResponse(this);

      // If the bind processing is finished, then unset the "bind in progress"
      // flag to allow other operations to be processed on the connection.
      // A multi-stage SASL bind that is still in progress keeps the flag set.
      if (getResultCode() != ResultCode.SASL_BIND_IN_PROGRESS)
      {
        clientConnection.finishSaslBind();
      }

      clientConnection.finishBindOrStartTLS();

      // Invoke the post-response bind plugins.
      // The flag tells the callee whether a workflow actually ran.
      invokePostResponsePlugins(workflowExecuted);
    }
  }

  @DataProvider(name = "testData")
  public Object[][] createTestData() throws Exception
  {
    AddressMask matchAnything = AddressMask.decode("*.*.*.*");
    AddressMask matchNothing = AddressMask.decode("0.0.0.0");
    ClientConnection client =
        new MockClientConnection(12345, false, DN.nullDN(),
            AllowedAuthMethod.ANONYMOUS);

    Collection<AddressMask> emptyMasks = Collections.emptySet();


  @Test(dataProvider = "testData")
  public void testMatches(DN clientBindDN,
      Collection<PatternDN> allowedDNPatterns, boolean expectedResult)
      throws Exception
  {
    ClientConnection client =
        new MockClientConnection(12345, false, clientBindDN,
            AllowedAuthMethod.SIMPLE);

    BindDNConnectionCriteria criteria =
        BindDNConnectionCriteria.create(allowedDNPatterns);

  @Test(dataProvider = "testData")
  public void testWillMatchAfterBind(DN clientBindDN,
      Collection<PatternDN> allowedDNPatterns, boolean expectedResult)
      throws Exception
  {
    ClientConnection client =
        new MockClientConnection(12345, false, DN.nullDN(),
            AllowedAuthMethod.ANONYMOUS);

    BindDNConnectionCriteria criteria =
        BindDNConnectionCriteria.create(allowedDNPatterns);

    // Register the workflow with the network group.
    networkGroup1.registerWorkflow(workflow1);
    networkGroup2.registerWorkflow(workflow2);

    // Create a new ClientConnection
    ClientConnection connection = new InternalClientConnection(DN.NULL_DN);

    // Find a networkGroup for this connection
    // As the network groups define no criteria, the highest priority
    // must be chosen
    NetworkGroup ng = NetworkGroup.findMatchingNetworkGroup(connection);

    // Test excerpt: checks which network group is selected for connections in
    // three different authentication states.  The AuthenticationInfo objects
    // are constructed directly and no bind operation is performed in the
    // visible lines, so the literal credentials below are never verified; the
    // test exercises group selection only, not authentication.
    networkGroup3.register();
    networkGroup3.setConnectionCriteria(authCriteria3);
    networkGroup3.setNetworkGroupPriority(prio3);

    // Create a new client connection, with anonymous authentication
    ClientConnection connection1 = new InternalClientConnection(DN.NULL_DN);
    NetworkGroup ng = NetworkGroup.findMatchingNetworkGroup(connection1);
    assertEquals(ng, networkGroup1);

    // Use simple bind on this connection
    // "password" is a fixed test fixture value.  The trailing boolean is
    // presumably the is-root flag -- confirm against AuthenticationInfo.
    Entry userEntry = DirectoryServer.getEntry(
            DN.decode("cn=Directory Manager, cn=Root DNs, cn=config"));
    ByteString password = ByteString.valueOf("password");
    ClientConnection connection2 = new InternalClientConnection(
          new AuthenticationInfo(userEntry, userEntry.getDN(), password, true));
    ng = NetworkGroup.findMatchingNetworkGroup(connection2);
    assertEquals(ng, networkGroup2);

    // Use SASL on this connection
    // The mechanism name is "external" and the credential bytes are the DN
    // string of the same root user.
    ClientConnection connection3 = new InternalClientConnection(
            new AuthenticationInfo(userEntry, "external", ByteString.valueOf(
                "cn=Directory Manager, cn=Root DNs, cn=config"), true));
    ng = NetworkGroup.findMatchingNetworkGroup(connection3);
    assertEquals(ng, networkGroup3);
