org.apache.directory.server.kerberos.sam

Class SamSubsystem

java.lang.Object

org.apache.directory.server.kerberos.sam.SamSubsystem

public final class SamSubsystem
extends java.lang.Object

The Subsystem that enables the Kerberos server to use plugable Single-use Authentication mechanisms.

Field Summary

Fields

Modifier and Type	Field and Description
private static SamSubsystem	instance the SAM subsystem instance
private KeyIntegrityChecker	keyChecker the key integrity checker used by the subsystem for all sam types
static java.lang.String	PROPKEY_BASE the property key base used for SAM algorithm verifiers
private java.lang.String	userBaseRdn
private javax.naming.directory.DirContext	userContext the user context the SamSubsystem would use to verify passwords
private java.util.Map<SamType,SamVerifier>	verifiers a map of verifiers so we do not need to create a new one every time

Constructor Summary

Constructors

Constructor and Description
SamSubsystem()

Method Summary

Modifier and Type	Method and Description
static SamSubsystem	getInstance() Gets the singleton instance of the SamSubsystem.
void	setIntegrityChecker(KeyIntegrityChecker keyChecker) Sets the KeyIntegrityChecker used by the entire SamSubsystem.
void	setUserContext(javax.naming.directory.DirContext userContext, java.lang.String userBaseRdn) Sets the context under which user entries can be found.
javax.security.auth.kerberos.KerberosKey	verify(PrincipalStoreEntry entry, byte[] sad) Uses the principal entry information to load the approapriate SamVerifier and verify the Single-use password.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

PROPKEY_BASE

public static final java.lang.String PROPKEY_BASE

the property key base used for SAM algorithm verifiers

See Also:

Constant Field Values

instance

private static SamSubsystem instance

the SAM subsystem instance

verifiers

private final java.util.Map<SamType,SamVerifier> verifiers

a map of verifiers so we do not need to create a new one every time

keyChecker

private KeyIntegrityChecker keyChecker

the key integrity checker used by the subsystem for all sam types

userContext

private javax.naming.directory.DirContext userContext

the user context the SamSubsystem would use to verify passwords

userBaseRdn

private java.lang.String userBaseRdn

Constructor Detail

SamSubsystem

public SamSubsystem()

Method Detail

getInstance

public static SamSubsystem getInstance()

Gets the singleton instance of the SamSubsystem.

Returns:

the singleton for the SamSubsystem

setIntegrityChecker

public void setIntegrityChecker(KeyIntegrityChecker keyChecker)

Sets the KeyIntegrityChecker used by the entire SamSubsystem.

Parameters:

keyChecker - the KeyIntegrityChecker used by the entire SamSubsystem

verify

public javax.security.auth.kerberos.KerberosKey verify(PrincipalStoreEntry entry,
                                                       byte[] sad)
                                                throws SamException

Uses the principal entry information to load the approapriate SamVerifier and verify the Single-use password.

Parameters:

entry - the store entry for the Kerberos principal

sad - the single-use authentication data encrypted timestamp payload

Returns:

true if verification passed, false otherwise

Throws:

SamException - thrown when there is a failure within the verifier or a verifier cannot be found.

setUserContext

public void setUserContext(javax.naming.directory.DirContext userContext,
                           java.lang.String userBaseRdn)

Sets the context under which user entries can be found.

Parameters:

userContext - the jndi context under which users can be found.

userBaseRdn - the container with users