/**
 * Tells whether this session acts as the system administrator.
 *
 * The decision is a plain string comparison between the effective principal's name and
 * {@code ServerDNConstants.ADMIN_SYSTEM_DN_NORMALIZED}; nothing else is consulted here.
 *
 * TODO - perhaps we should just use a flag that is calculated on creation
 * of this session
 *
 * @return {@code true} when the effective principal's name equals the normalized admin DN
 * @see org.apache.directory.server.core.api.CoreSession#isAdministrator()
 */
@Override
public boolean isAdministrator()
{
    // NOTE(review): the match is exact and case-sensitive, so it only works if getName()
    // already yields the normalized DN form - confirm against LdapPrincipal.
    return getEffectivePrincipal().getName().equals( ServerDNConstants.ADMIN_SYSTEM_DN_NORMALIZED );
}
/**
 * Get back an anonymous session.
 *
 * The session is built around a fresh {@link LdapPrincipal} created from the schema manager
 * alone (no DN, no credentials are supplied here) and is bound to this instance.
 *
 * @return a new session for the anonymous principal
 */
public CoreSession getSession()
{
    LdapPrincipal anonymous = new LdapPrincipal( schemaManager );

    return new DefaultCoreSession( anonymous, this );
}
/**
 * Serializes a LdapPrincipal instance.
 *
 * Only two items are written, in this order: the authentication level (as an int) and the
 * principal's DN. This method writes nothing else from the principal, so password values
 * and addresses are not part of the output it produces.
 *
 * @param principal The LdapPrincipal instance to serialize
 * @param out The stream into which we will write the serialized instance
 * @throws IOException If the stream can't be written
 */
public static void serialize( LdapPrincipal principal, ObjectOutput out ) throws IOException
{
    // First field: the numeric authentication level
    int level = principal.getAuthenticationLevel().getLevel();
    out.writeInt( level );

    // Second field: the DN, with the empty DN standing in for a missing one
    Dn dnToWrite = ( principal.getDn() == null ) ? Dn.EMPTY_DN : principal.getDn();
    dnToWrite.writeExternal( out );
}
/**
 * Creates a new instance of a DefaultCoreSession.
 *
 * The supplied principal becomes the authenticated principal. When its authentication level
 * is {@code AuthenticationLevel.NONE} it is also reused as the anonymous principal; otherwise
 * a separate principal is created from the schema manager for that role.
 *
 * @param principal The principal to use to process operation for this session
 * @param directoryService The DirectoryService to which we will send requests
 */
public DefaultCoreSession( LdapPrincipal principal, DirectoryService directoryService )
{
    this.directoryService = directoryService;
    authenticatedPrincipal = principal;

    // An unauthenticated principal doubles as the anonymous one
    anonymousPrincipal = ( principal.getAuthenticationLevel() == AuthenticationLevel.NONE )
        ? principal
        : new LdapPrincipal( directoryService.getSchemaManager() );

    // setup attribute type value
    objectClassAT = directoryService.getSchemaManager().getAttributeType( SchemaConstants.OBJECT_CLASS_AT );
}
/**
 * User has already been authenticated during SASL negotiation. Set the authentication level
 * to strong and return an {@link LdapPrincipal}.
 *
 * No credential is verified in this method: the principal is built from the DN carried by
 * the bind context and is given {@code AuthenticationLevel.STRONG} unconditionally. The
 * client and server socket addresses are recorded on it when an IoSession is available.
 *
 * @param bindContext the bind operation context supplying the DN and, when present, the IoSession
 * @return a principal for the bind DN at the STRONG authentication level
 * @throws LdapAuthenticationException declared by the signature; no explicit throw appears in this body
 */
@Override
public LdapPrincipal authenticate( BindOperationContext bindContext ) throws LdapAuthenticationException
{
    // Possibly check if user account is disabled, other account checks.
    // NOTE(review): no such check is present below, so this method relies entirely on the
    // SASL negotiation having validated the DN before it is called - confirm with the caller.
    LdapPrincipal principal = new LdapPrincipal( getDirectoryService().getSchemaManager(), bindContext.getDn(),
        AuthenticationLevel.STRONG );

    IoSession session = bindContext.getIoSession();

    // The addresses are only set when the bind context carries an IoSession
    if ( session != null )
    {
        SocketAddress clientAddress = session.getRemoteAddress();
        principal.setClientAddress( clientAddress );
        SocketAddress serverAddress = session.getServiceAddress();
        principal.setServerAddress( serverAddress );
    }

    return principal;
}
// presumably closes the enclosing class, whose header is not part of this excerpt
}
// Build the principal for the bind DN at the SIMPLE authentication level.
principal = new LdapPrincipal( getDirectoryService().getSchemaManager(), bindContext.getDn(), AuthenticationLevel.SIMPLE );
// From here on the principal carries the stored password values.
// NOTE(review): any copy of this principal that is kept or handed on will carry them too
// unless they are overwritten first - check what the surrounding code does with it.
principal.setUserPassword( storedPasswords );
// Use the principal's first password value, or null when it holds none.
// NOTE(review): only a null array is guarded against; an empty array would fail on [0].
// Whether getUserPasswords() can return an empty array is not visible here - confirm.
byte[] password = ( ldapPrincipal.getUserPasswords() != null ) ? ldapPrincipal.getUserPasswords()[0] : null;

// Open a session for the principal's DN with that password and the SASL mechanism
CoreSession userSession = ds.getSession( ldapPrincipal.getDn(), password, saslMechanism, null );
// Record both ends of the connection on the principal
principal.setClientAddress( clientAddress );
SocketAddress serverAddress = session.getServiceAddress();
principal.setServerAddress( serverAddress );
// Read the password values held by the principal.
// NOTE(review): whether getUserPasswords() returns a copy or the principal's own arrays
// is not visible here; treat storedPasswords as live credential material either way.
byte[][] storedPasswords = principal.getUserPasswords();
// Work on a copy of the principal (clone() is cast back to LdapPrincipal).
LdapPrincipal clonedPrincipal = ( LdapPrincipal ) ( principal.clone() );
// Replace the copy's password with an empty value so the copy does not carry the credential.
// The original principal is not modified by this call.
clonedPrincipal.setUserPassword( Strings.EMPTY_BYTES );
/**
 * {@inheritDoc}
 *
 * The session counts as anonymous when it has neither an authorized nor an authenticated
 * principal, or when the authenticated principal's level is {@code AuthenticationLevel.NONE}.
 */
@Override
public boolean isAnonymous()
{
    boolean noPrincipalAtAll = ( authorizedPrincipal == null ) && ( authenticatedPrincipal == null );

    // NOTE(review): authorizedPrincipal is only used in the null test above. If it is set
    // while authenticatedPrincipal is null, the dereference below fails - confirm that
    // state cannot occur.
    return noPrincipalAtAll || ( authenticatedPrincipal.getAuthenticationLevel() == AuthenticationLevel.NONE );
}
/**
 * Clone the object. This is done so that we don't store the
 * password in a LdapPrincipal more than necessary.
 *
 * NOTE(review): the copy produced here still receives this principal's password values
 * through {@code setUserPassword}; a caller that wants a password-free copy has to
 * overwrite them on the result itself.
 *
 * @return a copy of this principal, typed as Object
 * @throws CloneNotSupportedException if {@code super.clone()} refuses to clone
 */
@Override
public Object clone() throws CloneNotSupportedException
{
    LdapPrincipal copy = ( LdapPrincipal ) super.clone();

    // Nothing more to do when no password is held
    if ( userPasswords == null )
    {
        return copy;
    }

    // Hand the password values to the copy through its setter
    copy.setUserPassword( userPasswords );

    return copy;
}
// Build the principal for the bind DN at the SIMPLE level, passing the bind credentials
// as the fourth constructor argument.
// NOTE(review): presumably the constructor keeps those credentials on the principal -
// confirm, and check where the principal is stored or copied afterwards.
principal = new LdapPrincipal( getDirectoryService().getSchemaManager(), bindDn, AuthenticationLevel.SIMPLE, bindContext.getCredentials() );
// Record both ends of the connection on the principal
principal.setClientAddress( clientAddress );
SocketAddress serverAddress = session.getServiceAddress();
principal.setServerAddress( serverAddress );
/**
 * {@inheritDoc}
 *
 * The level reported is the one of the effective principal, as returned by
 * {@code getEffectivePrincipal()}.
 */
@Override
public AuthenticationLevel getAuthenticationLevel()
{
    final AuthenticationLevel effectiveLevel = getEffectivePrincipal().getAuthenticationLevel();

    return effectiveLevel;
}
// Emit the principal's name as one newline-terminated record.
// NOTE(review): the name is written as-is; confirm getName() cannot contain a raw line
// break, otherwise a single principal could span several records for whoever reads this.
writer.write( principal.getName() );
writer.write( '\n' );
// Build a principal for the given DN at the given authentication level; no password
// is supplied through this constructor form.
LdapPrincipal principal = new LdapPrincipal( schemaManager, dn, authenticationLevel );
/**
 * Creates a new instance of UnbindOperationContext.
 *
 * The context is created for the DN of the session's effective principal, and its
 * interceptors are the ones the session's DirectoryService returns for
 * {@code OperationEnum.UNBIND}.
 *
 * @param session The session to use
 */
public UnbindOperationContext( CoreSession session )
{
    // The DN passed up is the effective principal's DN
    super( session, session.getEffectivePrincipal().getDn() );
    setInterceptors( session.getDirectoryService().getInterceptors( OperationEnum.UNBIND ) );
}
// Take the name of the session's effective principal.
// NOTE(review): the variable is called adminDn, but the value is whatever principal the
// session is effectively running as - verify that the session is an admin session here.
String adminDn = session.getEffectivePrincipal().getName();