external-software/github_OpenIdentityPlatform_OpenDJ.git

parent: 7d40ebc1 | patch | commit | show whitespace

Fix OPENDJ-350: ldaptools with --usePasswordPolicyControl don't display pas...

Matthew Swift

08.21.2012 889d0dee661b46c8dde1bff0cddcb5699f841d51

Fix OPENDJ-350: ldaptools with --usePasswordPolicyControl don't display password policy response warning

Switch back to using tool specified authenticated connection provided and ensure that required controls are added to the bind request.

2 files modified

	opendj3/opendj-ldap-toolkit/src/main/java/com/forgerock/opendj/ldap/tools/AuthenticatedConnectionFactory.java	12 ●●●●● patch \| view \| raw \| blame \| history
	opendj3/opendj-ldap-toolkit/src/main/java/com/forgerock/opendj/ldap/tools/ConnectionFactoryProvider.java	35 ●●●●● patch \| view \| raw \| blame \| history

 opendj3/opendj-ldap-toolkit/src/main/java/com/forgerock/opendj/ldap/tools/AuthenticatedConnectionFactory.java

@@ -64,7 +64,7 @@
  /**
   * An authenticated connection supports all operations except Bind operations.
   */
  public static final class AuthenticatedConnection extends ConnectionDecorator
  static final class AuthenticatedConnection extends ConnectionDecorator
  {

    private final BindRequest request;
@@ -129,7 +129,7 @@
     * @return The Bind result which was returned from the server after
     *         authentication.
     */
    public BindResult getAuthenticatedBindResult()
    BindResult getAuthenticatedBindResult()
    {
      return result;
    }
@@ -151,7 +151,7 @@
     *           If this connection has already been closed, i.e. if
     *           {@code isClosed() == true}.
     */
    public FutureResult<BindResult> rebindAsync(
    FutureResult<BindResult> rebindAsync(
        final ResultHandler<? super BindResult> handler)
    {
      if (request == null)
@@ -299,7 +299,7 @@
   * @throws NullPointerException
   *           If {@code factory} or {@code request} was {@code null}.
   */
  public AuthenticatedConnectionFactory(final ConnectionFactory factory,
  AuthenticatedConnectionFactory(final ConnectionFactory factory,
      final BindRequest request)
  {
    Validator.ensureNotNull(factory, request);
@@ -362,7 +362,7 @@
   * @return allowRebinds {@code true} if the {@code rebind} operation is to be
   *         supported, otherwise {@code false}.
   */
  public boolean isRebindAllowed()
  boolean isRebindAllowed()
  {
    return allowRebinds;
  }
@@ -382,7 +382,7 @@
   *          otherwise {@code false}.
   * @return A reference to this connection factory.
   */
  public AuthenticatedConnectionFactory setRebindAllowed(
  AuthenticatedConnectionFactory setRebindAllowed(
      final boolean allowRebinds)
  {
    this.allowRebinds = allowRebinds;

 opendj3/opendj-ldap-toolkit/src/main/java/com/forgerock/opendj/ldap/tools/ConnectionFactoryProvider.java

@@ -23,7 +23,7 @@
 *
 *
 *      Copyright 2010 Sun Microsystems, Inc.
 *      Portions copyright 2011 ForgeRock AS
 *      Portions copyright 2011-2012 ForgeRock AS
 */

package com.forgerock.opendj.ldap.tools;
@@ -51,6 +51,8 @@

import org.forgerock.i18n.LocalizableMessage;
import org.forgerock.opendj.ldap.*;
import org.forgerock.opendj.ldap.controls.AuthorizationIdentityRequestControl;
import org.forgerock.opendj.ldap.controls.PasswordPolicyRequestControl;
import org.forgerock.opendj.ldap.requests.*;


@@ -155,12 +157,12 @@
   * Whether to request that the server return the authorization ID in the bind
   * response.
   */
  private final BooleanArgument reportAuthzID;
  private final BooleanArgument reportAuthzIDArg;

  /**
   * Whether to use the password policy control in the bind request.
   */
  private final BooleanArgument usePasswordPolicyControl;
  private final BooleanArgument usePasswordPolicyControlArg;

  private int port = 389;

@@ -317,15 +319,15 @@
    certNicknameArg.setPropertyName(OPTION_LONG_CERT_NICKNAME);
    argumentParser.addLdapConnectionArgument(certNicknameArg);

    reportAuthzID = new BooleanArgument("reportauthzid", 'E',
    reportAuthzIDArg = new BooleanArgument("reportauthzid", 'E',
        OPTION_LONG_REPORT_AUTHZ_ID, INFO_DESCRIPTION_REPORT_AUTHZID.get());
    reportAuthzID.setPropertyName(OPTION_LONG_REPORT_AUTHZ_ID);
    argumentParser.addArgument(reportAuthzID);
    reportAuthzIDArg.setPropertyName(OPTION_LONG_REPORT_AUTHZ_ID);
    argumentParser.addArgument(reportAuthzIDArg);

    usePasswordPolicyControl = new BooleanArgument("usepwpolicycontrol", null,
    usePasswordPolicyControlArg = new BooleanArgument("usepwpolicycontrol", null,
        OPTION_LONG_USE_PW_POLICY_CTL, INFO_DESCRIPTION_USE_PWP_CONTROL.get());
    usePasswordPolicyControl.setPropertyName(OPTION_LONG_USE_PW_POLICY_CTL);
    argumentParser.addArgument(usePasswordPolicyControl);
    usePasswordPolicyControlArg.setPropertyName(OPTION_LONG_USE_PW_POLICY_CTL);
    argumentParser.addArgument(usePasswordPolicyControlArg);
  }


@@ -474,8 +476,7 @@
      BindRequest bindRequest = getBindRequest();
      if(bindRequest != null)
      {
        authenticatedConnFactory =
            Connections.newAuthenticatedConnectionFactory(
        authenticatedConnFactory = new AuthenticatedConnectionFactory(
                authenticatedConnFactory, bindRequest);
      }
    }
@@ -648,6 +649,18 @@
        throw new ArgumentException(ERR_LDAPAUTH_UNSUPPORTED_SASL_MECHANISM
            .get(mech));
      }

      if (reportAuthzIDArg.isPresent())
      {
        bindRequest.addControl(AuthorizationIdentityRequestControl
            .newControl(false));
      }

      if (usePasswordPolicyControlArg.isPresent())
      {
        bindRequest.addControl(PasswordPolicyRequestControl
            .newControl(false));
      }
    }
    return bindRequest;
  }

			@@ -64,7 +64,7 @@
			/**
			* An authenticated connection supports all operations except Bind operations.
			*/
			public static final class AuthenticatedConnection extends ConnectionDecorator
			static final class AuthenticatedConnection extends ConnectionDecorator
			{

			private final BindRequest request;
			@@ -129,7 +129,7 @@
			* @return The Bind result which was returned from the server after
			* authentication.
			*/
			public BindResult getAuthenticatedBindResult()
			BindResult getAuthenticatedBindResult()
			{
			return result;
			}
			@@ -151,7 +151,7 @@
			* If this connection has already been closed, i.e. if
			* {@code isClosed() == true}.
			*/
			public FutureResult<BindResult> rebindAsync(
			FutureResult<BindResult> rebindAsync(
			final ResultHandler<? super BindResult> handler)
			{
			if (request == null)
			@@ -299,7 +299,7 @@
			* @throws NullPointerException
			* If {@code factory} or {@code request} was {@code null}.
			*/
			public AuthenticatedConnectionFactory(final ConnectionFactory factory,
			AuthenticatedConnectionFactory(final ConnectionFactory factory,
			final BindRequest request)
			{
			Validator.ensureNotNull(factory, request);
			@@ -362,7 +362,7 @@
			* @return allowRebinds {@code true} if the {@code rebind} operation is to be
			* supported, otherwise {@code false}.
			*/
			public boolean isRebindAllowed()
			boolean isRebindAllowed()
			{
			return allowRebinds;
			}
			@@ -382,7 +382,7 @@
			* otherwise {@code false}.
			* @return A reference to this connection factory.
			*/
			public AuthenticatedConnectionFactory setRebindAllowed(
			AuthenticatedConnectionFactory setRebindAllowed(
			final boolean allowRebinds)
			{
			this.allowRebinds = allowRebinds;

			@@ -23,7 +23,7 @@
			*
			*
			* Copyright 2010 Sun Microsystems, Inc.
			* Portions copyright 2011 ForgeRock AS
			* Portions copyright 2011-2012 ForgeRock AS
			*/

			package com.forgerock.opendj.ldap.tools;
			@@ -51,6 +51,8 @@

			import org.forgerock.i18n.LocalizableMessage;
			import org.forgerock.opendj.ldap.*;
			import org.forgerock.opendj.ldap.controls.AuthorizationIdentityRequestControl;
			import org.forgerock.opendj.ldap.controls.PasswordPolicyRequestControl;
			import org.forgerock.opendj.ldap.requests.*;


			@@ -155,12 +157,12 @@
			* Whether to request that the server return the authorization ID in the bind
			* response.
			*/
			private final BooleanArgument reportAuthzID;
			private final BooleanArgument reportAuthzIDArg;

			/**
			* Whether to use the password policy control in the bind request.
			*/
			private final BooleanArgument usePasswordPolicyControl;
			private final BooleanArgument usePasswordPolicyControlArg;

			private int port = 389;

			@@ -317,15 +319,15 @@
			certNicknameArg.setPropertyName(OPTION_LONG_CERT_NICKNAME);
			argumentParser.addLdapConnectionArgument(certNicknameArg);

			reportAuthzID = new BooleanArgument("reportauthzid", 'E',
			reportAuthzIDArg = new BooleanArgument("reportauthzid", 'E',
			OPTION_LONG_REPORT_AUTHZ_ID, INFO_DESCRIPTION_REPORT_AUTHZID.get());
			reportAuthzID.setPropertyName(OPTION_LONG_REPORT_AUTHZ_ID);
			argumentParser.addArgument(reportAuthzID);
			reportAuthzIDArg.setPropertyName(OPTION_LONG_REPORT_AUTHZ_ID);
			argumentParser.addArgument(reportAuthzIDArg);

			usePasswordPolicyControl = new BooleanArgument("usepwpolicycontrol", null,
			usePasswordPolicyControlArg = new BooleanArgument("usepwpolicycontrol", null,
			OPTION_LONG_USE_PW_POLICY_CTL, INFO_DESCRIPTION_USE_PWP_CONTROL.get());
			usePasswordPolicyControl.setPropertyName(OPTION_LONG_USE_PW_POLICY_CTL);
			argumentParser.addArgument(usePasswordPolicyControl);
			usePasswordPolicyControlArg.setPropertyName(OPTION_LONG_USE_PW_POLICY_CTL);
			argumentParser.addArgument(usePasswordPolicyControlArg);
			}


			@@ -474,8 +476,7 @@
			BindRequest bindRequest = getBindRequest();
			if(bindRequest != null)
			{
			authenticatedConnFactory =
			Connections.newAuthenticatedConnectionFactory(
			authenticatedConnFactory = new AuthenticatedConnectionFactory(
			authenticatedConnFactory, bindRequest);
			}
			}
			@@ -648,6 +649,18 @@
			throw new ArgumentException(ERR_LDAPAUTH_UNSUPPORTED_SASL_MECHANISM
			.get(mech));
			}

			if (reportAuthzIDArg.isPresent())
			{
			bindRequest.addControl(AuthorizationIdentityRequestControl
			.newControl(false));
			}

			if (usePasswordPolicyControlArg.isPresent())
			{
			bindRequest.addControl(PasswordPolicyRequestControl
			.newControl(false));
			}
			}
			return bindRequest;
			}