20 package org.apache.directory.server.kerberos.shared.store;
21
22
23 import java.util.HashMap;
24 import java.util.Map;
25
26 import javax.security.auth.kerberos.KerberosPrincipal;
27
28 import org.apache.directory.api.ldap.model.entry.Attribute;
29 import org.apache.directory.api.ldap.model.entry.Value;
30 import org.apache.directory.server.i18n.I18n;
31 import org.apache.directory.shared.kerberos.KerberosTime;
32 import org.apache.directory.shared.kerberos.codec.KerberosDecoder;
33 import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
34 import org.apache.directory.shared.kerberos.codec.types.SamType;
35 import org.apache.directory.shared.kerberos.components.EncryptionKey;
36 import org.apache.directory.shared.kerberos.exceptions.KerberosException;
/**
 * Mutable collector for the attributes of a Kerberos principal, used to assemble a
 * {@link PrincipalStoreEntry} through {@link #getEntry()}.
 *
 * <p>The setters store their argument as given: no value is validated, normalised or
 * copied. Fields that are never set keep their Java defaults ({@code null} / {@code 0}),
 * except for the account-state fields, which start as "enabled, not locked out, never
 * expires".
 *
 * <p>Security note: the key map carries the principal's long-term {@link EncryptionKey}s.
 * This class keeps the caller's {@code Map} instance by reference, so any later change to
 * that map is visible to every entry subsequently built from this modifier.
 * The class has no synchronisation of its own.
 */
public class PrincipalStoreEntryModifier
{
    // --- identity -------------------------------------------------------------------
    private String distinguishedName;
    private String commonName;
    private KerberosPrincipal principal;
    private String realmName;

    private String userId;

    // --- key material and ticket policy ----------------------------------------------
    private int keyVersionNumber;

    private KerberosTime validStart;
    private KerberosTime validEnd;
    private KerberosTime passwordEnd;
    private int maxLife;
    private int maxRenew;
    private int kdcFlags;
    private SamType samType;

    // --- account state: defaults describe an enabled, unlocked, non-expiring account --
    private boolean disabled = false;
    private boolean lockedOut = false;
    private KerberosTime expiration = KerberosTime.INFINITY;

    // Long-term keys indexed by encryption type; held by reference, never copied here.
    private Map<EncryptionType, EncryptionKey> keyMap;


    /**
     * Builds a new {@link PrincipalStoreEntry} from the values currently held.
     *
     * <p>Every call creates a fresh entry. The key map is passed on as the same
     * {@code Map} instance that was given to {@link #setKeyMap(Map)}; whether the entry
     * copies it is not visible from this class.
     *
     * @return an entry populated from the current field values
     */
    public PrincipalStoreEntry getEntry()
    {
        return new PrincipalStoreEntry(
            distinguishedName, commonName, userId, principal,
            keyVersionNumber, validStart, validEnd, passwordEnd,
            maxLife, maxRenew, kdcFlags, keyMap,
            realmName, samType, disabled, lockedOut, expiration );
    }


    /**
     * Sets the "disabled" account flag handed to the entry.
     *
     * @param disabled the flag value; the default is {@code false}
     */
    public void setDisabled( boolean disabled )
    {
        this.disabled = disabled;
    }


    /**
     * Sets the "locked out" account flag handed to the entry.
     *
     * @param lockedOut the flag value; the default is {@code false}
     */
    public void setLockedOut( boolean lockedOut )
    {
        this.lockedOut = lockedOut;
    }


    /**
     * Sets the expiration time handed to the entry.
     *
     * @param expiration the expiration time; the default is {@link KerberosTime#INFINITY}.
     *        A {@code null} argument is stored as-is and replaces that default.
     */
    public void setExpiration( KerberosTime expiration )
    {
        this.expiration = expiration;
    }


    /**
     * Sets the distinguished name handed to the entry.
     *
     * @param distinguishedName the DN string, stored without parsing or validation
     */
    public void setDistinguishedName( String distinguishedName )
    {
        this.distinguishedName = distinguishedName;
    }


    /**
     * Sets the common name handed to the entry.
     *
     * @param commonName the common name, stored unchanged
     */
    public void setCommonName( String commonName )
    {
        this.commonName = commonName;
    }


    /**
     * Sets the user id handed to the entry.
     *
     * @param userId the user id, stored unchanged
     */
    public void setUserId( String userId )
    {
        this.userId = userId;
    }


    /**
     * Sets the KDC flags handed to the entry.
     *
     * @param kdcFlags the flags as an {@code int}; presumably a bit field, but the
     *        encoding is defined outside this class
     */
    public void setKDCFlags( int kdcFlags )
    {
        this.kdcFlags = kdcFlags;
    }


    /**
     * Sets the map of long-term keys handed to the entry.
     *
     * <p>The map is stored by reference. A caller that keeps mutating the map after this
     * call also changes what {@link #getEntry()} passes on.
     *
     * @param keyMap the keys indexed by encryption type; may be {@code null}, no check is made
     */
    public void setKeyMap( Map<EncryptionType, EncryptionKey> keyMap )
    {
        this.keyMap = keyMap;
    }


    /**
     * Sets the key version number handed to the entry.
     *
     * @param keyVersionNumber the key version number; it is not cross-checked against the
     *        keys in the key map
     */
    public void setKeyVersionNumber( int keyVersionNumber )
    {
        this.keyVersionNumber = keyVersionNumber;
    }


    /**
     * Sets the maximum life value handed to the entry.
     *
     * @param maxLife the value, stored without a range check; its unit is defined by the
     *        consumer of the entry
     */
    public void setMaxLife( int maxLife )
    {
        this.maxLife = maxLife;
    }


    /**
     * Sets the maximum renew value handed to the entry.
     *
     * @param maxRenew the value, stored without a range check; its unit is defined by the
     *        consumer of the entry
     */
    public void setMaxRenew( int maxRenew )
    {
        this.maxRenew = maxRenew;
    }


    /**
     * Sets the password end time handed to the entry.
     *
     * @param passwordEnd the time, stored unchanged
     */
    public void setPasswordEnd( KerberosTime passwordEnd )
    {
        this.passwordEnd = passwordEnd;
    }


    /**
     * Sets the Kerberos principal handed to the entry.
     *
     * @param principal the principal; it is not checked against the realm name held here
     */
    public void setPrincipal( KerberosPrincipal principal )
    {
        this.principal = principal;
    }


    /**
     * Sets the realm name handed to the entry.
     *
     * @param realmName the realm name, stored unchanged
     */
    public void setRealmName( String realmName )
    {
        this.realmName = realmName;
    }


    /**
     * Sets the end of the validity period handed to the entry.
     *
     * @param validEnd the time, stored unchanged; no ordering check against the valid
     *        start is made
     */
    public void setValidEnd( KerberosTime validEnd )
    {
        this.validEnd = validEnd;
    }


    /**
     * Sets the start of the validity period handed to the entry.
     *
     * @param validStart the time, stored unchanged; no ordering check against the valid
     *        end is made
     */
    public void setValidStart( KerberosTime validStart )
    {
        this.validStart = validStart;
    }


    /**
     * Sets the SAM type handed to the entry.
     *
     * @param samType the SAM type, stored unchanged
     */
    public void setSamType( SamType samType )
    {
        this.samType = samType;
    }


    /**
     * Decodes every value of a key attribute into an {@link EncryptionKey} and indexes
     * the keys by encryption type.
     *
     * <p>The method reads no instance state and does not update the key map of this
     * modifier; the caller decides what to do with the returned map.
     *
     * <p>If the attribute holds several keys of the same encryption type, the one decoded
     * last replaces the earlier ones without any signal. Deployments that keep more than
     * one key version per type in the same attribute should confirm this is intended.
     *
     * @param krb5key the attribute whose values are encoded encryption keys; must not be
     *        {@code null}, since it is iterated directly
     * @return a new mutable map with one key per encryption type found
     * @throws KerberosException if a value cannot be decoded as an encryption key
     * @throws IllegalStateException if a value is human readable instead of binary
     */
    public Map<EncryptionType, EncryptionKey> reconstituteKeyMap( Attribute krb5key )
        throws KerberosException
    {
        Map<EncryptionType, EncryptionKey> keysByType = new HashMap<>();

        for ( Value storedValue : krb5key )
        {
            // Encoded keys are binary; a string value means the attribute was stored
            // with the wrong syntax, so stop instead of decoding text as key bytes.
            if ( storedValue.isHumanReadable() )
            {
                throw new IllegalStateException( I18n.err( I18n.ERR_626 ) );
            }

            EncryptionKey decodedKey = KerberosDecoder.decodeEncryptionKey( storedValue.getBytes() );

            // A later key of the same type overwrites the earlier one.
            keysByType.put( decodedKey.getKeyType(), decodedKey );
        }

        return keysByType;
    }
}