mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
blame | history | patch | commit | commitdiff | ignore whitespace
Matthew Swift
25.27.2011 3883d2297c3422d8aec2b40530c2d2b0a00ee57d 
 opends/src/server/org/opends/server/extensions/PlainSASLMechanismHandler.java


@@ -23,44 +23,35 @@


 *


 *


 *      Copyright 2006-2009 Sun Microsystems, Inc.


 *      Portions copyright 2011 ForgeRock AS.


 */


package org.opends.server.extensions;


import org.opends.messages.Message;








import static org.opends.messages.ExtensionMessages.*;


import static org.opends.server.loggers.debug.DebugLogger.debugEnabled;


import static org.opends.server.loggers.debug.DebugLogger.getTracer;


import static org.opends.server.util.ServerConstants.SASL_MECHANISM_PLAIN;


import static org.opends.server.util.StaticUtils.toLowerCase;




import java.util.ArrayList;


import java.util.List;


import java.util.concurrent.locks.Lock;




import org.opends.messages.Message;


import org.opends.server.admin.server.ConfigurationChangeListener;


import org.opends.server.admin.std.server.PlainSASLMechanismHandlerCfg;


import org.opends.server.admin.std.server.SASLMechanismHandlerCfg;


import org.opends.server.api.AuthenticationPolicyState;


import org.opends.server.api.IdentityMapper;


import org.opends.server.api.SASLMechanismHandler;


import org.opends.server.config.ConfigException;


import org.opends.server.core.BindOperation;


import org.opends.server.core.DirectoryServer;


import org.opends.server.core.PasswordPolicyState;


import org.opends.server.protocols.internal.InternalClientConnection;


import org.opends.server.types.AuthenticationInfo;


import org.opends.server.types.ByteString;


import org.opends.server.types.ConfigChangeResult;


import org.opends.server.types.DirectoryException;


import org.opends.server.types.DN;


import org.opends.server.types.Entry;


import org.opends.server.types.InitializationException;


import org.opends.server.types.LockManager;


import org.opends.server.types.Privilege;


import org.opends.server.types.ResultCode;




import static org.opends.server.loggers.debug.DebugLogger.*;


import org.opends.server.loggers.debug.DebugTracer;


import org.opends.server.types.DebugLogLevel;


import static org.opends.messages.ExtensionMessages.*;




import static org.opends.server.util.ServerConstants.*;


import static org.opends.server.util.StaticUtils.*;


import org.opends.server.protocols.internal.InternalClientConnection;


import org.opends.server.types.*;








@@ -508,12 +499,14 @@


    // provided password was correct.


    try


    {


      PasswordPolicyState pwPolicyState =


           new PasswordPolicyState(userEntry, false);


      if (! pwPolicyState.passwordMatches(ByteString.valueOf(password)))


      // FIXME: we should store store the auth state in with the bind operation


      // so that any state updates, such as cached passwords, are persisted to


      // the user's entry when the bind completes.


      AuthenticationPolicyState authState = AuthenticationPolicyState.forUser(


          userEntry, false);


      if (!authState.passwordMatches(ByteString.valueOf(password)))


      {


        bindOperation.setResultCode(ResultCode.INVALID_CREDENTIALS);




        Message message = ERR_SASLPLAIN_INVALID_PASSWORD.get();


        bindOperation.setAuthFailureReason(message);


        return;