Versions Compared

Old Version 3

changes.mady.by.user Christine Koppelt

Saved on

compared with

New Version 4

changes.mady.by.user Emmanuel Lécharny

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Note
titleWork in progress

This site is in the process of being reviewed and updated.

What is it?

The mechanism is a means for injecting and isolating orthogonal services into calls against the nexus. The nexus is the hub used to route calls to partitions to perform CRUD operations upon entries. By injecting these services at this level, partition implementators need not duplicate fuctionality. Services such as authentication, authorization, schema checking, normalization, operational attribute maintenance and more are introduced using Interceptors. By using interceptors, partition implementors need not be concerned with these aspects and can focus on raw CRUD operations against their backing stores what ever they may be.

How does it work?

Before we talk more about interceptors we must quickly cover the JNDI provider implementation since it is somewhat related.

JNDI Implementation

The JNDI implementation is composed of a set of JNDI Context implementations, a ContextFactory implementation and a set of helper classes.

...

Additional processing may occur before or after a call is made by a context on its proxy to manage JNDI provider specific functions. One such example is the handling of Java objects for serialization and the use of object and state factories.

The nexus proxy object

As mentioned above, each Context that is created has a nexus proxy. The proxy maintains a handle on the context as well.

...

Warning
titleWarning

This page needs to be overworked

Operation handling within interceptors

Each operation is associated with a method in each interceptors, even if it does nothing else than calling the next interceptor.

...

Each interceptor process the pre action, call the next interceptor, wait for the response, execute the post action, and returns. We have to implement this chain of interceptors in a way which allows us to add new interceptors, or new pre or post actions, without having to modify the existing code or mechanism. 

 

Bind Operation

The Bind  operation call the interceptor chain in the PartitionNexusProxy class, where we can found a bind method :

...

  • The DN used to bind
  • The password (credentials)
  • The list of supported mechanisms 
  • The SASL authent
    We will often use only the two first elements.

Normalization interceptor

This interceptor will just normalize the DN used to bind. If the DN is invalid, an exception will be thrown.

...

We can call the next interceptor :

Authentication interceptor

We must check that this bind request is valid, that is the DN and the associated password are known by the server. We have two cases :

...

We are done with the bind operation.

 Add operation

An add operation is more complex. What we need to do is to check if the current user has enough right to add an entry, and that the entry can be added.

...