001/*
002 *  Licensed to the Apache Software Foundation (ASF) under one
003 *  or more contributor license agreements.  See the NOTICE file
004 *  distributed with this work for additional information
005 *  regarding copyright ownership.  The ASF licenses this file
006 *  to you under the Apache License, Version 2.0 (the
007 *  "License"); you may not use this file except in compliance
008 *  with the License.  You may obtain a copy of the License at
009 *
010 *    http://www.apache.org/licenses/LICENSE-2.0
011 *
012 *  Unless required by applicable law or agreed to in writing,
013 *  software distributed under the License is distributed on an
014 *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 *  KIND, either express or implied.  See the License for the
016 *  specific language governing permissions and limitations
017 *  under the License.
018 *
019 */
020package org.apache.directory.server.ldap.handlers.sasl.cramMD5;
021
022
023import java.util.HashMap;
024import java.util.Map;
025
026import javax.security.auth.callback.CallbackHandler;
027import javax.security.sasl.Sasl;
028import javax.security.sasl.SaslServer;
029
030import org.apache.directory.api.ldap.model.constants.SupportedSaslMechanisms;
031import org.apache.directory.api.ldap.model.message.BindRequest;
032import org.apache.directory.server.core.api.CoreSession;
033import org.apache.directory.server.ldap.LdapSession;
034import org.apache.directory.server.ldap.handlers.sasl.AbstractMechanismHandler;
035import org.apache.directory.server.ldap.handlers.sasl.SaslConstants;
036
037
/**
 * SASL mechanism handler for CRAM-MD5 binds.
 * <p>
 * The handler creates one {@link SaslServer} per LDAP session and caches it,
 * together with the SASL host and user base DN, in the session's SASL properties.
 * <p>
 * Security notes for operators and reviewers:
 * <ul>
 *   <li>CRAM-MD5 is an HMAC-MD5 challenge/response exchange. It does not authenticate
 *       the server to the client and negotiates no integrity or confidentiality layer,
 *       and a recorded challenge/response pair allows offline password guessing.
 *       Offer it only over a TLS-protected connection, and prefer a stronger
 *       mechanism where clients support one.</li>
 *   <li>Verifying a response requires the server to have the user's password in a
 *       recoverable form. How the callback handler obtains it is not visible in this
 *       class.</li>
 *   <li>The callback handler is constructed with the directory service's admin session,
 *       so whatever it does on behalf of an unauthenticated client runs with
 *       administrative rights.</li>
 * </ul>
 *
 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
 */
public class CramMd5MechanismHandler extends AbstractMechanismHandler
{
    /**
     * Returns the CRAM-MD5 {@link SaslServer} bound to the given session, creating and
     * caching it on first use.
     * <p>
     * On creation, the SASL host and the server's search base DN are also stored in the
     * session's SASL properties. The mechanism is created with an empty property map, so
     * no QOP or policy properties are passed to the SASL provider.
     *
     * @param ldapSession the LDAP session carrying the SASL properties
     * @param bindRequest the bind request handed to the CRAM-MD5 callback handler
     * @return the cached or newly created server; {@code Sasl.createSaslServer} returns
     *         {@code null} when no installed factory supports the mechanism, and that
     *         value is stored and returned unchanged
     * @throws Exception if the SASL server cannot be created
     */
    public SaslServer handleMechanism( LdapSession ldapSession, BindRequest bindRequest ) throws Exception
    {
        // TODO - don't use session properties anymore
        SaslServer existing = ( SaslServer ) ldapSession.getSaslProperty( SaslConstants.SASL_SERVER );

        if ( existing != null )
        {
            // A server was already set up for this session: reuse it so the
            // challenge/response state of an in-progress bind is kept.
            return existing;
        }

        String host = ldapSession.getLdapServer().getSaslHost();
        String searchBaseDn = ldapSession.getLdapServer().getSearchBaseDn();
        ldapSession.putSaslProperty( SaslConstants.SASL_HOST, host );
        ldapSession.putSaslProperty( SaslConstants.SASL_USER_BASE_DN, searchBaseDn );

        // The callback handler receives the admin session.
        // NOTE(review): presumably used to look up the bind user's stored credentials;
        // confirm in CramMd5CallbackHandler that it is used for nothing else.
        CoreSession admin = ldapSession.getLdapServer().getDirectoryService().getAdminSession();
        CallbackHandler credentialCallbacks = new CramMd5CallbackHandler( ldapSession, admin, bindRequest );

        // Deliberately empty: no mechanism properties are configured here.
        Map<String, String> mechanismProps = new HashMap<>();

        SaslServer created = Sasl.createSaslServer( SupportedSaslMechanisms.CRAM_MD5,
            SaslConstants.LDAP_PROTOCOL, host, mechanismProps, credentialCallbacks );
        ldapSession.putSaslProperty( SaslConstants.SASL_SERVER, created );

        return created;
    }


    /**
     * {@inheritDoc}
     * <p>
     * Records the server's SASL host in the session's SASL properties.
     */
    public void init( LdapSession ldapSession )
    {
        ldapSession.putSaslProperty( SaslConstants.SASL_HOST, ldapSession.getLdapServer().getSaslHost() );
    }


    /**
     * Clears the SASL properties held by the session by delegating to
     * {@code LdapSession.clearSaslProperties()}.
     * <p>
     * NOTE(review): the cached {@link SaslServer} is not disposed in this method; confirm
     * that {@code clearSaslProperties()} or the caller invokes {@code dispose()} on it.
     *
     * @param ldapSession the LdapSession instance
     */
    public void cleanup( LdapSession ldapSession )
    {
        ldapSession.clearSaslProperties();
    }

}