From 959c9ded0c297d00500678a0c80d7d6d8a5265fe Mon Sep 17 00:00:00 2001
From: neil_a_wilson <neil_a_wilson@localhost>
Date: Tue, 10 Jul 2007 16:03:42 +0000
Subject: [PATCH] Fix a set of problems with the configuration interface in which there were a number of cases in which insufficient validation was performed.  In particular, if a new configuration object was added over protocol or an existing configuration object was changed from disabled to enabled, then the server would only perform generic validation for that component and would not have any way to perform more detailed validation that could detect larger numbers of problems.

---
 opends/src/server/org/opends/server/core/PasswordValidatorConfigManager.java |   52 +++++++++++++++++++++++++++++++++++++++++++---------
 1 files changed, 43 insertions(+), 9 deletions(-)

diff --git a/opends/src/server/org/opends/server/core/PasswordValidatorConfigManager.java b/opends/src/server/org/opends/server/core/PasswordValidatorConfigManager.java
index 6069980..3e5d3dc 100644
--- a/opends/src/server/org/opends/server/core/PasswordValidatorConfigManager.java
+++ b/opends/src/server/org/opends/server/core/PasswordValidatorConfigManager.java
@@ -30,6 +30,7 @@
 
 import java.lang.reflect.Method;
 import java.util.ArrayList;
+import java.util.Iterator;
 import java.util.List;
 import java.util.concurrent.ConcurrentHashMap;
 
@@ -127,7 +128,8 @@
         try
         {
           PasswordValidator<? extends PasswordValidatorCfg>
-               validator = loadValidator(className, validatorConfiguration);
+               validator = loadValidator(className, validatorConfiguration,
+                                         true);
           passwordValidators.put(validatorConfiguration.dn(), validator);
           DirectoryServer.registerPasswordValidator(validatorConfiguration.dn(),
                                                     validator);
@@ -159,7 +161,7 @@
       String className = configuration.getValidatorClass();
       try
       {
-        loadValidator(className, null);
+        loadValidator(className, configuration, false);
       }
       catch (InitializationException ie)
       {
@@ -199,7 +201,7 @@
     String className = configuration.getValidatorClass();
     try
     {
-      passwordValidator = loadValidator(className, configuration);
+      passwordValidator = loadValidator(className, configuration, true);
     }
     catch (InitializationException ie)
     {
@@ -275,7 +277,7 @@
       String className = configuration.getValidatorClass();
       try
       {
-        loadValidator(className, null);
+        loadValidator(className, configuration, false);
       }
       catch (InitializationException ie)
       {
@@ -346,7 +348,7 @@
          passwordValidator = null;
     try
     {
-      passwordValidator = loadValidator(className, configuration);
+      passwordValidator = loadValidator(className, configuration, true);
     }
     catch (InitializationException ie)
     {
@@ -377,8 +379,9 @@
    * @param  className      The fully-qualified name of the password validator
    *                        class to load, instantiate, and initialize.
    * @param  configuration  The configuration to use to initialize the
-   *                        password validator, or {@code null} if the
-   *                        password validator should not be initialized.
+   *                        password validator.  It must not be {@code null}.
+   * @param  initialize     Indicates whether the password validator instance
+   *                        should be initialized.
    *
    * @return  The possibly initialized password validator.
    *
@@ -387,7 +390,8 @@
    */
   private PasswordValidator<? extends PasswordValidatorCfg>
                loadValidator(String className,
-                             PasswordValidatorCfg configuration)
+                             PasswordValidatorCfg configuration,
+                             boolean initialize)
           throws InitializationException
   {
     try
@@ -402,13 +406,43 @@
            (PasswordValidator<? extends PasswordValidatorCfg>)
            validatorClass.newInstance();
 
-      if (configuration != null)
+      if (initialize)
       {
         Method method =
              validator.getClass().getMethod("initializePasswordValidator",
                   configuration.definition().getServerConfigurationClass());
         method.invoke(validator, configuration);
       }
+      else
+      {
+        Method method =
+             validator.getClass().getMethod("isConfigurationAcceptable",
+                                            PasswordValidatorCfg.class,
+                                            List.class);
+
+        List<String> unacceptableReasons = new ArrayList<String>();
+        Boolean acceptable = (Boolean) method.invoke(validator, configuration,
+                                                     unacceptableReasons);
+        if (! acceptable)
+        {
+          StringBuilder buffer = new StringBuilder();
+          if (! unacceptableReasons.isEmpty())
+          {
+            Iterator<String> iterator = unacceptableReasons.iterator();
+            buffer.append(iterator.next());
+            while (iterator.hasNext())
+            {
+              buffer.append(".  ");
+              buffer.append(iterator.next());
+            }
+          }
+
+          int    msgID   = MSGID_CONFIG_PWVALIDATOR_CONFIG_NOT_ACCEPTABLE;
+          String message = getMessage(msgID, String.valueOf(configuration.dn()),
+                                      buffer.toString());
+          throw new InitializationException(msgID, message);
+        }
+      }
 
       return validator;
     }

--
Gitblit v1.10.0