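/*
 *  Licensed to the Apache Software Foundation (ASF) under one
 *  or more contributor license agreements.  See the NOTICE file
 *  distributed with this work for additional information
 *  regarding copyright ownership.  The ASF licenses this file
 *  to you under the Apache License, Version 2.0 (the
 *  "License"); you may not use this file except in compliance
 *  with the License.  You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing,
 *  software distributed under the License is distributed on an
 *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 *  KIND, either express or implied.  See the License for the
 *  specific language governing permissions and limitations
 *  under the License.
 *
 */
package org.apache.directory.server.ldap.handlers.bind;


import org.apache.directory.server.core.CoreSession;
import org.apache.directory.server.core.interceptor.context.BindOperationContext;
import org.apache.directory.server.ldap.LdapProtocolUtils;
import org.apache.directory.server.ldap.LdapSession;
import org.apache.directory.shared.ldap.exception.LdapAuthenticationException;
import org.apache.directory.shared.ldap.exception.LdapException;
import org.apache.directory.shared.ldap.exception.LdapOperationException;
import org.apache.directory.shared.ldap.message.ResultCodeEnum;
import org.apache.directory.shared.ldap.message.internal.InternalBindRequest;
import org.apache.directory.shared.ldap.message.internal.InternalBindResponse;
import org.apache.directory.shared.ldap.message.internal.InternalLdapResult;
import org.apache.directory.shared.ldap.name.DN;
import org.apache.directory.shared.ldap.util.ExceptionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.security.sasl.SaslServer;


/**
 * Mechanism handler registered for the Simple mechanism in the mechanism map.
 * A simple bind has no SASL exchange, so {@link #handleMechanism} performs the
 * bind itself, writes the bind response to the client and never returns a
 * {@link SaslServer}.
 *
 * @org.apache.xbean.XBean
 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
 * @version $$Rev$$
 */
public class SimpleMechanismHandler implements MechanismHandler
{
    /** The logger instance */
    private static final Logger LOG = LoggerFactory.getLogger( SimpleMechanismHandler.class );


    /**
     * Performs a simple (name + credentials) bind and writes the result to the client.
     * <p>
     * On success the session created by the bind is stored in the LDAP session and a
     * SUCCESS response is written. On an {@link LdapException} an error response is
     * written instead; any other exception propagates to the caller.
     * <p>
     * The peer is not authenticated at this point, so the diagnostic message placed in
     * the error response is limited to the exception's own message. Stack traces are
     * written to the server log only and are never returned to the client.
     *
     * @param ldapSession the LDAP session the bind request arrived on
     * @param bindRequest the bind request carrying the name and the credentials
     * @return always <code>null</code>: no SaslServer is involved in a simple bind
     * @throws Exception if the bind fails with anything other than an LdapException
     */
    public SaslServer handleMechanism( LdapSession ldapSession, InternalBindRequest bindRequest ) throws Exception
    {
        // No session exists before the bind completes, so the operation context
        // is created with a null session.
        BindOperationContext opContext = new BindOperationContext( null );

        // The DN to authenticate and the credentials presented for it
        opContext.setDn( bindRequest.getName() );
        opContext.setCredentials( bindRequest.getCredentials() );

        // Carry the request controls over to the operation context
        LdapProtocolUtils.setRequestControls( opContext, bindRequest );

        try
        {
            // The admin session is used only to reach the DirectoryService;
            // the bind itself runs with the context built above.
            CoreSession adminSession = ldapSession.getLdapServer().getDirectoryService().getAdminSession();
            adminSession.getDirectoryService().getOperationManager().bind( opContext );

            // The bind created a session: attach it to the LDAP session
            ldapSession.setCoreSession( opContext.getSession() );

            // Build the successful response
            InternalBindResponse response = ( InternalBindResponse ) bindRequest.getResultResponse();
            response.getLdapResult().setResultCode( ResultCodeEnum.SUCCESS );
            LdapProtocolUtils.setResponseControls( opContext, response );

            // Write it back to the client
            ldapSession.getIoSession().write( response );
            LOG.debug( "Returned SUCCESS message: {}.", response );
        }
        catch ( LdapException e )
        {
            InternalLdapResult result = bindRequest.getResultResponse().getLdapResult();

            // Prefer the result code carried by the exception, otherwise estimate one
            ResultCodeEnum code;

            if ( e instanceof LdapOperationException )
            {
                code = ( ( LdapOperationException ) e ).getResultCode();
            }
            else
            {
                code = ResultCodeEnum.getBestEstimate( e, bindRequest.getType() );
            }

            result.setResultCode( code );

            // Diagnostics stay on the server. The stack trace used to be appended to
            // the message returned to the client whenever debug logging was enabled,
            // together with a dump of the bind request. The request dump is not
            // logged either: it may include the submitted credentials (depends on
            // InternalBindRequest.toString(), not visible here -- TODO confirm).
            if ( LOG.isDebugEnabled() )
            {
                LOG.debug( "Bind failed for {}:\n{}", bindRequest.getName(), ExceptionUtils.getStackTrace( e ) );
            }

            // NOTE(review): the exception text is returned to an unauthenticated
            // client. Confirm the authenticators do not word it differently for an
            // unknown entry and for a wrong password.
            String msg = "Bind failed: " + e.getLocalizedMessage();

            DN name = null;

            if ( e instanceof LdapAuthenticationException )
            {
                name = ( ( LdapAuthenticationException ) e ).getResolvedDn();
            }

            // NOTE(review): matchedDN tells the client how far name resolution got
            // before the bind failed. Kept as in the original; confirm this is the
            // intended disclosure for failed binds.
            boolean reportsMatchedDn = ( code == ResultCodeEnum.NO_SUCH_OBJECT )
                || ( code == ResultCodeEnum.ALIAS_PROBLEM )
                || ( code == ResultCodeEnum.INVALID_DN_SYNTAX )
                || ( code == ResultCodeEnum.ALIAS_DEREFERENCING_PROBLEM );

            if ( ( name != null ) && reportsMatchedDn )
            {
                result.setMatchedDn( new DN( name ) );
            }

            result.setErrorMessage( msg );
            ldapSession.getIoSession().write( bindRequest.getResultResponse() );
        }

        return null;
    }


    /**
     * {@inheritDoc}
     */
    public void init( LdapSession ldapSession )
    {
        // Do nothing
    }


    /**
     * {@inheritDoc}
     */
    public void cleanup( LdapSession ldapSession )
    {
        // Drop any SASL properties held by the session
        ldapSession.clearSaslProperties();
    }
}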