001    /*
002     *  Licensed to the Apache Software Foundation (ASF) under one
003     *  or more contributor license agreements.  See the NOTICE file
004     *  distributed with this work for additional information
005     *  regarding copyright ownership.  The ASF licenses this file
006     *  to you under the Apache License, Version 2.0 (the
007     *  "License"); you may not use this file except in compliance
008     *  with the License.  You may obtain a copy of the License at
009     *
010     *    http://www.apache.org/licenses/LICENSE-2.0
011     *
012     *  Unless required by applicable law or agreed to in writing,
013     *  software distributed under the License is distributed on an
014     *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015     *  KIND, either express or implied.  See the License for the
016     *  specific language governing permissions and limitations
017     *  under the License.
018     *
019     */
020    package org.apache.directory.server.ldap.handlers.bind.cramMD5;
021    
022    
023    import org.apache.directory.server.core.CoreSession;
024    import org.apache.directory.server.ldap.LdapSession;
025    import org.apache.directory.server.ldap.handlers.bind.AbstractMechanismHandler;
026    import org.apache.directory.server.ldap.handlers.bind.SaslConstants;
027    import org.apache.directory.shared.ldap.constants.SupportedSaslMechanisms;
028    import org.apache.directory.shared.ldap.message.internal.InternalBindRequest;
029    
030    import javax.security.auth.callback.CallbackHandler;
031    import javax.security.sasl.Sasl;
032    import javax.security.sasl.SaslServer;
033    import java.util.HashMap;
034    import java.util.Map;
035    
036    
/**
 * SASL mechanism handler for CRAM-MD5 binds.
 * <p>
 * A {@link SaslServer} is created the first time a session reaches
 * {@link #handleMechanism}, stored in that session's SASL properties, and the
 * same instance is returned on every later call for the session.
 * <p>
 * NOTE(review): CRAM-MD5 is an HMAC-MD5 challenge-response exchange. It does
 * not authenticate the server to the client and negotiates no integrity or
 * confidentiality layer, so a recorded challenge/response pair can be checked
 * against password guesses offline. Nothing in this class limits the mechanism
 * to protected connections; confirm that TLS is enforced (or the mechanism is
 * disabled) elsewhere in the server configuration.
 *
 * @org.apache.xbean.XBean
 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
 * @version $Rev$, $Date$
 */
public class CramMd5MechanismHandler extends AbstractMechanismHandler
{
    /**
     * Returns the session's CRAM-MD5 {@link SaslServer}, creating and caching it on first use.
     * <p>
     * On the first call the SASL host and the user search base DN are copied
     * from the LDAP server into the session's SASL properties, a
     * {@link CramMd5CallbackHandler} is built around the admin session, and the
     * resulting server object is stored under {@link SaslConstants#SASL_SERVER}.
     *
     * @param ldapSession the LDAP session performing the bind
     * @param bindRequest the bind request being processed
     * @return the cached or newly created SaslServer; this is whatever
     *         {@link Sasl#createSaslServer} returned, which may be {@code null}
     * @throws Exception if the SASL server cannot be created
     */
    public SaslServer handleMechanism( LdapSession ldapSession, InternalBindRequest bindRequest ) throws Exception
    {
        SaslServer existing = ( SaslServer ) ldapSession.getSaslProperty( SaslConstants.SASL_SERVER );

        // TODO - don't use session properties anymore
        if ( existing != null )
        {
            // A server was already negotiated for this session: reuse it.
            return existing;
        }

        String host = ldapSession.getLdapServer().getSaslHost();
        String searchBaseDn = ldapSession.getLdapServer().getSearchBaseDn();
        ldapSession.putSaslProperty( SaslConstants.SASL_HOST, host );
        ldapSession.putSaslProperty( SaslConstants.SASL_USER_BASE_DN, searchBaseDn );

        // NOTE(review): the callback handler is handed the admin session, presumably so it
        // can read the stored credential of the binding user; verify that the lookup it
        // performs is confined to SASL_USER_BASE_DN and to the attributes it needs.
        CoreSession adminSession = ldapSession.getLdapServer().getDirectoryService().getAdminSession();
        CallbackHandler credentialLookup = new CramMd5CallbackHandler( ldapSession, adminSession, bindRequest );

        // The property map is passed empty, so the provider's default SASL policy applies.
        Map<String, String> emptyProps = new HashMap<String, String>();

        SaslServer created = Sasl.createSaslServer( SupportedSaslMechanisms.CRAM_MD5, SaslConstants.LDAP_PROTOCOL,
            host, emptyProps, credentialLookup );

        // NOTE(review): createSaslServer() returns null when no installed factory supports
        // the mechanism; that null is stored and returned unchanged here, so callers must
        // check it before use.
        ldapSession.putSaslProperty( SaslConstants.SASL_SERVER, created );

        return created;
    }


    /**
     * Records the LDAP server's SASL host in the session's SASL properties.
     *
     * @param ldapSession the LDAP session being initialised for this mechanism
     */
    public void init( LdapSession ldapSession )
    {
        ldapSession.putSaslProperty( SaslConstants.SASL_HOST, ldapSession.getLdapServer().getSaslHost() );
    }


    /**
     * Clears every SASL property held by the session, which includes the
     * cached SaslServer and the host and base DN entries set by this handler.
     * <p>
     * NOTE(review): the SaslServer is not disposed here; whether
     * {@code clearSaslProperties()} calls {@link SaslServer#dispose()} is not
     * visible from this class. Confirm, since dispose() is what releases any
     * security-sensitive state the server object holds.
     *
     * @param ldapSession the LDAP session whose SASL state is discarded
     */
    public void cleanup( LdapSession ldapSession )
    {
        ldapSession.clearSaslProperties();
    }

}