001 /* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, 013 * software distributed under the License is distributed on an 014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 015 * KIND, either express or implied. See the License for the 016 * specific language governing permissions and limitations 017 * under the License. 018 * 019 */ 020 package org.apache.directory.server.ldap.handlers.bind.cramMD5; 021 022 023 import org.apache.directory.server.core.CoreSession; 024 import org.apache.directory.server.ldap.LdapSession; 025 import org.apache.directory.server.ldap.handlers.bind.AbstractMechanismHandler; 026 import org.apache.directory.server.ldap.handlers.bind.SaslConstants; 027 import org.apache.directory.shared.ldap.constants.SupportedSaslMechanisms; 028 import org.apache.directory.shared.ldap.message.internal.InternalBindRequest; 029 030 import javax.security.auth.callback.CallbackHandler; 031 import javax.security.sasl.Sasl; 032 import javax.security.sasl.SaslServer; 033 import java.util.HashMap; 034 import java.util.Map; 035 036 037 /** 038 * The CRAM-MD Sasl mechanism handler. 039 * 040 * @org.apache.xbean.XBean 041 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a> 042 * @version $Rev$, $Date$ 043 */ 044 public class CramMd5MechanismHandler extends AbstractMechanismHandler 045 { 046 public SaslServer handleMechanism( LdapSession ldapSession, InternalBindRequest bindRequest ) throws Exception 047 { 048 SaslServer ss = (SaslServer)ldapSession.getSaslProperty( SaslConstants.SASL_SERVER ); 049 050 // TODO - don't use session properties anymore 051 if ( ss == null ) 052 { 053 String saslHost = ldapSession.getLdapServer().getSaslHost(); 054 String userBaseDn = ldapSession.getLdapServer().getSearchBaseDn(); 055 ldapSession.putSaslProperty( SaslConstants.SASL_HOST, saslHost ); 056 ldapSession.putSaslProperty( SaslConstants.SASL_USER_BASE_DN, userBaseDn ); 057 Map<String, String> saslProps = new HashMap<String, String>(); 058 059 CoreSession adminSession = ldapSession.getLdapServer().getDirectoryService().getAdminSession(); 060 061 CallbackHandler callbackHandler = new CramMd5CallbackHandler( ldapSession, adminSession, bindRequest ); 062 063 ss = Sasl.createSaslServer( SupportedSaslMechanisms.CRAM_MD5, SaslConstants.LDAP_PROTOCOL, saslHost, saslProps, callbackHandler ); 064 ldapSession.putSaslProperty( SaslConstants.SASL_SERVER, ss ); 065 } 066 067 return ss; 068 } 069 070 071 /** 072 * {@inheritDoc} 073 */ 074 public void init( LdapSession ldapSession ) 075 { 076 // Store the host in the ldap session 077 String saslHost = ldapSession.getLdapServer().getSaslHost(); 078 ldapSession.putSaslProperty( SaslConstants.SASL_HOST, saslHost ); 079 } 080 081 082 /** 083 * Remove the SaslServer and Mechanism property. 084 * 085 * @param ldapSession the Ldapsession instance 086 */ 087 public void cleanup( LdapSession ldapSession ) 088 { 089 ldapSession.clearSaslProperties(); 090 } 091 092 }