From 29c3668f95f8f1b2780b2ee10132e170edbca810 Mon Sep 17 00:00:00 2001
From: Jean-Noel Rouvignac <jean-noel.rouvignac@forgerock.com>
Date: Tue, 23 Apr 2013 16:34:52 +0000
Subject: [PATCH] Added a comment. Reordered the inner classes so they appear in the same order as they are executed.
---
opends/src/server/org/opends/server/protocols/http/CollectClientConnectionsFilter.java | 100 +++++++++++++++++++++++++------------------------
1 files changed, 51 insertions(+), 49 deletions(-)
diff --git a/opends/src/server/org/opends/server/protocols/http/CollectClientConnectionsFilter.java b/opends/src/server/org/opends/server/protocols/http/CollectClientConnectionsFilter.java
index 8a4c71e..f03cc51 100644
--- a/opends/src/server/org/opends/server/protocols/http/CollectClientConnectionsFilter.java
+++ b/opends/src/server/org/opends/server/protocols/http/CollectClientConnectionsFilter.java
@@ -99,6 +99,57 @@
}
/**
+ * This result handler invokes a bind after a successful search on the user
+ * name used for authentication.
+ */
+ private final class DoBindResultHandler implements
+ ResultHandler<SearchResultEntry>
+ {
+ private HTTPRequestContext ctx;
+
+ private DoBindResultHandler(HTTPRequestContext ctx)
+ {
+ this.ctx = ctx;
+ }
+
+ @Override
+ public void handleErrorResult(ErrorResultException error)
+ {
+ final ResultCode rc = error.getResult().getResultCode();
+ if (ResultCode.CLIENT_SIDE_NO_RESULTS_RETURNED.equals(rc)
+ || ResultCode.CLIENT_SIDE_UNEXPECTED_RESULTS_RETURNED.equals(rc))
+ {
+ // Avoid information leak:
+ // do not hint to the user that it is the username that is invalid
+ sendAuthenticationFailure(ctx);
+ }
+ else
+ {
+ onFailure(error, ctx);
+ }
+ }
+
+ @Override
+ public void handleResult(SearchResultEntry resultEntry)
+ {
+ final DN bindDN = resultEntry.getName();
+ if (bindDN == null)
+ {
+ sendAuthenticationFailure(ctx);
+ }
+ else
+ {
+ final BindRequest bindRequest =
+ Requests.newSimpleBindRequest(bindDN.toString(), ctx.password
+ .getBytes(Charset.forName("UTF-8")));
+ ctx.connection.bindAsync(bindRequest, null,
+ new CallDoFilterResultHandler(ctx, resultEntry));
+ }
+ }
+
+ }
+
+ /**
* This result handler calls {@link javax.servlet.Filter#doFilter()} after a
* successful bind.
*/
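Review bot: In `handleResult`, `ctx.password` goes straight into `Requests.newSimpleBindRequest` with no visible check that it is non-empty. Under RFC 4513 a simple bind with a DN and a zero-length password is an unauthenticated bind, which some directory servers answer with success. Unless an empty password is rejected before this handler runs (not visible in this hunk), the guard should cover it: `if (bindDN == null || ctx.password == null || ctx.password.isEmpty())`. Separately, the new "Avoid information leak" comment only covers the two no-result codes; it is worth confirming that `onFailure(error, ctx)` in the `else` branch does not return a response that lets a client tell a failed search from a failed bind.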
@@ -140,55 +191,6 @@
}
- /**
- * This result handler invokes a bind after a successful search on the user
- * name used for authentication.
- */
- private final class DoBindResultHandler implements
- ResultHandler<SearchResultEntry>
- {
- private HTTPRequestContext ctx;
-
- private DoBindResultHandler(HTTPRequestContext ctx)
- {
- this.ctx = ctx;
- }
-
- @Override
- public void handleErrorResult(ErrorResultException error)
- {
- final ResultCode rc = error.getResult().getResultCode();
- if (ResultCode.CLIENT_SIDE_NO_RESULTS_RETURNED.equals(rc)
- || ResultCode.CLIENT_SIDE_UNEXPECTED_RESULTS_RETURNED.equals(rc))
- {
- sendAuthenticationFailure(ctx);
- }
- else
- {
- onFailure(error, ctx);
- }
- }
-
- @Override
- public void handleResult(SearchResultEntry resultEntry)
- {
- final DN bindDN = resultEntry.getName();
- if (bindDN == null)
- {
- sendAuthenticationFailure(ctx);
- }
- else
- {
- final BindRequest bindRequest =
- Requests.newSimpleBindRequest(bindDN.toString(), ctx.password
- .getBytes(Charset.forName("UTF-8")));
- ctx.connection.bindAsync(bindRequest, null,
- new CallDoFilterResultHandler(ctx, resultEntry));
- }
- }
-
- }
-
/** HTTP Header sent by the client with HTTP basic authentication. */
static final String HTTP_BASIC_AUTH_HEADER = "Authorization";
--
Gitblit v1.10.0