1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License.
18   *
19   */
20  package org.apache.directory.server.ldap.handlers.sasl.external.certificate;
21  
22  import org.apache.directory.api.ldap.model.message.BindRequest;
23  import org.apache.directory.server.core.api.CoreSession;
24  import org.apache.directory.server.ldap.LdapSession;
25  import org.apache.directory.server.ldap.handlers.sasl.AbstractMechanismHandler;
26  import org.apache.directory.server.ldap.handlers.sasl.SaslConstants;
27  
28  import javax.security.sasl.SaslServer;
29  
/**
 * The SASL External mechanism handler, which authenticates a user by client certificate (ssl).
 * <p>
 * This class only creates and caches the per-session {@link SaslServer}; it does not
 * inspect the certificate itself. The actual check is delegated to
 * {@code ExternalSaslServer}, whose implementation is not part of this file.
 *
 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
 */
public class CertificateMechanismHandler extends AbstractMechanismHandler
{
    /**
     * Returns the {@link SaslServer} stored in the LDAP session under
     * {@code SaslConstants.SASL_SERVER}, creating and storing an
     * {@code ExternalSaslServer} when the session has none yet.
     * <p>
     * When a server is already cached it is returned as is, and the
     * {@code bindRequest} passed to this call is not used.
     *
     * @param ldapSession the LDAP session that holds the SASL properties
     * @param bindRequest the bind request handed to a newly created server
     * @return the cached or newly created SASL server
     * @throws Exception declared by the handler contract
     */
    public SaslServer handleMechanism( LdapSession ldapSession, BindRequest bindRequest ) throws Exception
    {
        SaslServer cached = ( SaslServer ) ldapSession.getSaslProperty( SaslConstants.SASL_SERVER );

        // Fast path: this session has already been given a SASL server.
        if ( cached != null )
        {
            return cached;
        }

        // First bind on this session: record the server-side SASL settings.
        String host = ldapSession.getLdapServer().getSaslHost();
        String searchBaseDn = ldapSession.getLdapServer().getSearchBaseDn();
        ldapSession.putSaslProperty( SaslConstants.SASL_HOST, host );
        ldapSession.putSaslProperty( SaslConstants.SASL_USER_BASE_DN, searchBaseDn );

        // NOTE(review): the new server receives the directory service's admin session.
        // How ExternalSaslServer uses it is not visible here; confirm it is limited to
        // resolving the certificate's owner and is never exposed to the bound client.
        CoreSession privilegedSession = ldapSession.getLdapServer().getDirectoryService().getAdminSession();

        SaslServer created = new ExternalSaslServer( ldapSession, privilegedSession, bindRequest );

        // Cache it so that later calls on the same session reuse this instance.
        ldapSession.putSaslProperty( SaslConstants.SASL_SERVER, created );

        return created;
    }


    /**
     * {@inheritDoc}
     */
    public void init( LdapSession ldapSession )
    {
        // Record the configured SASL host in the session's SASL properties.
        ldapSession.putSaslProperty( SaslConstants.SASL_HOST, ldapSession.getLdapServer().getSaslHost() );
    }


    /**
     * Clears the SASL properties held by the session by calling
     * {@code clearSaslProperties()}, so a later bind does not reuse them.
     *
     * @param ldapSession the LdapSession instance
     */
    public void cleanup( LdapSession ldapSession )
    {
        ldapSession.clearSaslProperties();
    }
}
79  }