View Javadoc
1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License.
18   *
19   */
20  package org.apache.directory.server.ldap.handlers.sasl;
21  
22  
23  import javax.security.sasl.SaslServer;
24  
25  import org.apache.directory.server.ldap.LdapSession;
26  import org.apache.mina.core.filterchain.IoFilterChain;
27  import org.apache.mina.core.session.IoSession;
28  import org.slf4j.Logger;
29  import org.slf4j.LoggerFactory;
30  
31  
32  /**
33   * 
34   * An abstract class for all the MechanismHandlers, implementing some common methods
35   *
36   * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
37   */
38  public abstract class AbstractMechanismHandler implements MechanismHandler
39  {
40      /** A logger for this class **/
41      private static final Logger LOG = LoggerFactory.getLogger( AbstractMechanismHandler.class );
42  
43  
44      /**
45       * Inject a SaslFilter into the Filter chain, to deal with modified
46       * PDU sent when some mechanisms have been negotiated (DIGEST-MD5, GSSAPI, 
47       * for instance)
48       *
49       * @param ldapSession the LdapSession instance
50       */
51      protected void insertSaslFilter( LdapSession ldapSession )
52      {
53          LOG.debug( "Inserting SaslFilter to engage negotiated security layer." );
54          IoSession ioSession = ldapSession.getIoSession();
55  
56          // get the Io chain
57          IoFilterChain chain = ioSession.getFilterChain();
58  
59          if ( !chain.contains( SaslConstants.SASL_FILTER ) )
60          {
61              SaslServer saslServer = ( SaslServer ) ldapSession.getSaslProperty( SaslConstants.SASL_SERVER );
62              chain.addBefore( "codec", SaslConstants.SASL_FILTER, new SaslFilter( saslServer ) );
63          }
64  
65          /*
66           * We disable the SASL security layer once, to write the outbound SUCCESS
67           * message without SASL security layer processing.
68           */
69          ioSession.setAttribute( SaslFilter.DISABLE_SECURITY_LAYER_ONCE, Boolean.TRUE );
70      }
71  }