javax.security.auth.login.AppConfigurationEntry Java Examples

The following examples show how to use javax.security.auth.login.AppConfigurationEntry. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source Project: deprecated-security-advanced-modules   Author: opendistro-for-elasticsearch   File: JaasKrbUtil.java    License: Apache License 2.0 6 votes vote down vote up
@Override
public AppConfigurationEntry[] getAppConfigurationEntry(final String name) {
    final Map<String, String> options = new HashMap<String, String>();
    options.put("keyTab", keytabPath.toAbsolutePath().toString());
    options.put("principal", principal);
    options.put("useKeyTab", "true");
    options.put("storeKey", "true");
    options.put("doNotPrompt", "true");
    options.put("renewTGT", "false");
    options.put("refreshKrb5Config", "true");
    options.put("isInitiator", String.valueOf(initiator));
    options.put("debug", String.valueOf(debug));

    return new AppConfigurationEntry[] { new AppConfigurationEntry(getKrb5LoginModuleName(),
            AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options) };
}
 
Example #2
Source Project: jdk8u-jdk   Author: frohoff   File: JMXPluggableAuthenticator.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates an instance of <code>FileLoginConfig</code>
 *
 * @param passwordFile A filepath that identifies the password file to use.
 *                     If null then the default password file is used.
 */
public FileLoginConfig(String passwordFile) {

    Map<String, String> options;
    if (passwordFile != null) {
        options = new HashMap<String, String>(1);
        options.put(PASSWORD_FILE_OPTION, passwordFile);
    } else {
        options = Collections.emptyMap();
    }

    entries = new AppConfigurationEntry[] {
        new AppConfigurationEntry(FILE_LOGIN_MODULE,
            AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
                options)
    };
}
 
Example #3
Source Project: cxf   Author: apache   File: JAASLoginInterceptorTest.java    License: Apache License 2.0 6 votes vote down vote up
private JAASLoginInterceptor createTestJaasLoginInterceptor() {
    JAASLoginInterceptor jaasInt = new JAASLoginInterceptor();
    jaasInt.setReportFault(true);
    Configuration config = new Configuration() {

        @Override
        public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
            Map<String, String> options = new HashMap<>();
            AppConfigurationEntry configEntry = new AppConfigurationEntry(
                                                                          TestUserPasswordLoginModule.class
                                                                              .getName(),
                                                                          LoginModuleControlFlag.REQUIRED,
                                                                          options);
            return Collections.singleton(configEntry).toArray(new AppConfigurationEntry[] {});
        }
    };
    jaasInt.setLoginConfig(config);
    return jaasInt;
}
 
Example #4
Source Project: big-c   Author: yncxcw   File: TestKMS.java    License: Apache License 2.0 6 votes vote down vote up
@Override
public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
  Map<String, String> options = new HashMap<String, String>();
  options.put("keyTab", keytab);
  options.put("principal", principal);
  options.put("useKeyTab", "true");
  options.put("storeKey", "true");
  options.put("doNotPrompt", "true");
  options.put("useTicketCache", "true");
  options.put("renewTGT", "true");
  options.put("refreshKrb5Config", "true");
  options.put("isInitiator", Boolean.toString(isInitiator));
  String ticketCache = System.getenv("KRB5CCNAME");
  if (ticketCache != null) {
    options.put("ticketCache", ticketCache);
  }
  options.put("debug", "true");

  return new AppConfigurationEntry[]{
      new AppConfigurationEntry(getKrb5LoginModuleName(),
          AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
          options)};
}
 
Example #5
Source Project: lams   Author: lamsfoundation   File: BaseAuthenticationInfo.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * <p>
 * Creates and returns a copy of the specified list of {@code AppConfigurationEntry} objects, adding the security
 * domain option when necessary. Execution of this method requires a {@code getLoginConfiguration} permission.
 * 
 * </p>
 * 
 * @param entries a {@code List} containing the {@code AppConfigurationEntry} objects to be copied.
 * @return an {@code AppConfigurationEntry} array containing the copied entries.
 */
protected AppConfigurationEntry[] copyAppConfigurationEntry(List<Object> entries)
{
   SecurityManager sm = System.getSecurityManager();
   if (sm != null)
      sm.checkPermission(GET_CONFIG_ENTRY_PERM);
   AppConfigurationEntry[] copy = new AppConfigurationEntry[entries.size()];
   for (int i = 0; i < copy.length; i++)
   {
      AppConfigurationEntry entry = (AppConfigurationEntry) entries.get(i);
      HashMap<String, Object> options = new HashMap<String, Object>(entry.getOptions());
      if (!disableSecurityDomainInOptions())
      {
         options.put(SecurityConstants.SECURITY_DOMAIN_OPTION, this.getName());
      }
      copy[i] = new AppConfigurationEntry(entry.getLoginModuleName(), entry.getControlFlag(), options);
   }
   return copy;
}
 
Example #6
Source Project: hadoop   Author: naver   File: KerberosTestUtils.java    License: Apache License 2.0 6 votes vote down vote up
@Override
public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
  Map<String, String> options = new HashMap<String, String>();
  options.put("keyTab", KerberosTestUtils.getKeytabFile());
  options.put("principal", principal);
  options.put("useKeyTab", "true");
  options.put("storeKey", "true");
  options.put("doNotPrompt", "true");
  options.put("useTicketCache", "true");
  options.put("renewTGT", "true");
  options.put("refreshKrb5Config", "true");
  options.put("isInitiator", "true");
  String ticketCache = System.getenv("KRB5CCNAME");
  if (ticketCache != null) {
    options.put("ticketCache", ticketCache);
  }
  options.put("debug", "true");

  return new AppConfigurationEntry[]{
    new AppConfigurationEntry(KerberosUtil.getKrb5LoginModuleName(),
                              AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
                              options),};
}
 
Example #7
Source Project: pulsar   Author: apache   File: SaslConstants.java    License: Apache License 2.0 6 votes vote down vote up
public static boolean isUsingTicketCache(String configurationEntry) {
    AppConfigurationEntry[] entries = Configuration.getConfiguration()
        .getAppConfigurationEntry(configurationEntry);
    if (entries == null) {
        return false;
    }
    for (AppConfigurationEntry entry : entries) {
        // there will only be a single entry, so this for() loop will only be iterated through once.
        if (entry.getOptions().get("useTicketCache") != null) {
            String val = (String) entry.getOptions().get("useTicketCache");
            if (val.equals("true")) {
                return true;
            }
        }
    }
    return false;
}
 
Example #8
Source Project: Flink-CEPplus   Author: ljygz   File: DynamicConfiguration.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Retrieve the AppConfigurationEntries for the specified <i>name</i>
 * from this Configuration.
 *
 * @param name the name used to index the Configuration.
 *
 * @return an array of AppConfigurationEntries for the specified <i>name</i>
 *          from this Configuration, or null if there are no entries
 *          for the specified <i>name</i>
 */
@Override
public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
	AppConfigurationEntry[] entry = null;
	if (delegate != null) {
		entry = delegate.getAppConfigurationEntry(name);
	}
	final AppConfigurationEntry[] existing = dynamicEntries.get(name);
	if (existing != null) {
		if (entry != null) {
			entry = merge(entry, existing);
		}
		else {
			entry = Arrays.copyOf(existing, existing.length);
		}
	}
	return entry;
}
 
Example #9
Source Project: nifi   Author: apache   File: TestKeytabConfiguration.java    License: Apache License 2.0 6 votes vote down vote up
@Test
public void testCreatingKeytabConfiguration() {
    final String principal = "[email protected]";
    final String keytab = "src/test/resources/foo.keytab";

    final KeytabConfiguration configuration = new KeytabConfiguration(principal, keytab);
    assertEquals(principal, configuration.getPrincipal());
    assertEquals(keytab, configuration.getKeytabFile());

    final AppConfigurationEntry[] entries = configuration.getAppConfigurationEntry("KeytabConfig");
    assertNotNull(entries);
    assertEquals(1, entries.length);

    final AppConfigurationEntry entry = entries[0];
    assertEquals(ConfigurationUtil.SUN_KRB5_LOGIN_MODULE, entry.getLoginModuleName());
    assertEquals(principal, entry.getOptions().get("principal"));
    assertEquals(keytab, entry.getOptions().get("keyTab"));
}
 
Example #10
Source Project: big-c   Author: yncxcw   File: RegistrySecurity.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Resolve the context of an entry. This is an effective test of
 * JAAS setup, because it will relay detected problems up
 * @param context context name
 * @return the entry
 * @throws RuntimeException if there is no context entry found
 */
public static AppConfigurationEntry[] validateContext(String context)  {
  if (context == null) {
    throw new RuntimeException("Null context argument");
  }
  if (context.isEmpty()) {
    throw new RuntimeException("Empty context argument");
  }
  javax.security.auth.login.Configuration configuration =
      javax.security.auth.login.Configuration.getConfiguration();
  AppConfigurationEntry[] entries =
      configuration.getAppConfigurationEntry(context);
  if (entries == null) {
    throw new RuntimeException(
        String.format("Entry \"%s\" not found; " +
                      "JAAS config = %s",
            context,
            describeProperty(Environment.JAAS_CONF_KEY) ));
  }
  return entries;
}
 
Example #11
Source Project: hottub   Author: dsrg-uoft   File: ConfigFile.java    License: GNU General Public License v2.0 6 votes vote down vote up
private void readConfig(Reader reader,
    Map<String, List<AppConfigurationEntry>> newConfig)
    throws IOException {

    linenum = 1;

    if (!(reader instanceof BufferedReader)) {
        reader = new BufferedReader(reader);
    }

    st = new StreamTokenizer(reader);
    st.quoteChar('"');
    st.wordChars('$', '$');
    st.wordChars('_', '_');
    st.wordChars('-', '-');
    st.wordChars('*', '*');
    st.lowerCaseMode(false);
    st.slashSlashComments(true);
    st.slashStarComments(true);
    st.eolIsSignificant(true);

    lookahead = nextToken();
    while (lookahead != StreamTokenizer.TT_EOF) {
        parseLoginEntry(newConfig);
    }
}
 
Example #12
Source Project: lams   Author: lamsfoundation   File: AuthenticationConfigParser.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Parse the <authentication> element
 * @param reader
 * @return
 * @throws XMLStreamException
 */
public Set<AppConfigurationEntry> parse(XMLStreamReader reader) throws XMLStreamException
{
   Set<AppConfigurationEntry> entries = new LinkedHashSet<AppConfigurationEntry>();
   while (reader.hasNext() && reader.nextTag() != END_ELEMENT)
   {
      final Element element = Element.forName(reader.getLocalName());
      AppConfigurationEntry entry = null;
      if (element.equals(Element.LOGIN_MODULE))
      {
         entry = getEntry(reader);
      }
      else
         throw StaxParserUtil.unexpectedElement(reader);
      entries.add(entry);
   }
   return entries;
}
 
Example #13
Source Project: flink   Author: flink-tpc-ds   File: DynamicConfiguration.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Retrieve the AppConfigurationEntries for the specified <i>name</i>
 * from this Configuration.
 *
 * @param name the name used to index the Configuration.
 *
 * @return an array of AppConfigurationEntries for the specified <i>name</i>
 *          from this Configuration, or null if there are no entries
 *          for the specified <i>name</i>
 */
@Override
public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
	AppConfigurationEntry[] entry = null;
	if (delegate != null) {
		entry = delegate.getAppConfigurationEntry(name);
	}
	final AppConfigurationEntry[] existing = dynamicEntries.get(name);
	if (existing != null) {
		if (entry != null) {
			entry = merge(entry, existing);
		}
		else {
			entry = Arrays.copyOf(existing, existing.length);
		}
	}
	return entry;
}
 
Example #14
Source Project: gcp-token-broker   Author: GoogleCloudPlatform   File: SpnegoAuthenticator.java    License: Apache License 2.0 6 votes vote down vote up
private static Configuration getConfiguration(String principal, File keytabFile) {
    return new Configuration() {
        @Override
        public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
            Map<String, String> options = new HashMap<String, String>();
            options.put("principal", principal);
            options.put("keyTab", keytabFile.getPath());
            options.put("doNotPrompt", "true");
            options.put("useKeyTab", "true");
            options.put("storeKey", "true");
            options.put("isInitiator", "false");
            return new AppConfigurationEntry[] {
                new AppConfigurationEntry(
                    "com.sun.security.auth.module.Krb5LoginModule",
                    AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options)
            };
        }
    };
}
 
Example #15
Source Project: openjdk-jdk9   Author: AdoptOpenJDK   File: ConfigFile.java    License: GNU General Public License v2.0 6 votes vote down vote up
private void readConfig(Reader reader,
    Map<String, List<AppConfigurationEntry>> newConfig)
    throws IOException {

    linenum = 1;

    if (!(reader instanceof BufferedReader)) {
        reader = new BufferedReader(reader);
    }

    st = new StreamTokenizer(reader);
    st.quoteChar('"');
    st.wordChars('$', '$');
    st.wordChars('_', '_');
    st.wordChars('-', '-');
    st.wordChars('*', '*');
    st.lowerCaseMode(false);
    st.slashSlashComments(true);
    st.slashStarComments(true);
    st.eolIsSignificant(true);

    lookahead = nextToken();
    while (lookahead != StreamTokenizer.TT_EOF) {
        parseLoginEntry(newConfig);
    }
}
 
Example #16
Source Project: dragonwell8_jdk   Author: alibaba   File: ConfigFile.java    License: GNU General Public License v2.0 6 votes vote down vote up
private void init(URL config,
                  Map<String, List<AppConfigurationEntry>> newConfig)
                  throws IOException {

    try (InputStreamReader isr
            = new InputStreamReader(getInputStream(config), "UTF-8")) {
        readConfig(isr, newConfig);
    } catch (FileNotFoundException fnfe) {
        if (debugConfig != null) {
            debugConfig.println(fnfe.toString());
        }
        throw new IOException(ResourcesMgr.getString
            ("Configuration.Error.No.such.file.or.directory",
            "sun.security.util.AuthResources"));
    }
}
 
Example #17
Source Project: dragonwell8_jdk   Author: alibaba   File: ConfigFile.java    License: GNU General Public License v2.0 6 votes vote down vote up
private void readConfig(Reader reader,
    Map<String, List<AppConfigurationEntry>> newConfig)
    throws IOException {

    linenum = 1;

    if (!(reader instanceof BufferedReader)) {
        reader = new BufferedReader(reader);
    }

    st = new StreamTokenizer(reader);
    st.quoteChar('"');
    st.wordChars('$', '$');
    st.wordChars('_', '_');
    st.wordChars('-', '-');
    st.wordChars('*', '*');
    st.lowerCaseMode(false);
    st.slashSlashComments(true);
    st.slashStarComments(true);
    st.eolIsSignificant(true);

    lookahead = nextToken();
    while (lookahead != StreamTokenizer.TT_EOF) {
        parseLoginEntry(newConfig);
    }
}
 
Example #18
Source Project: incubator-retired-wave   Author: apache   File: AuthTestUtil.java    License: Apache License 2.0 6 votes vote down vote up
public static Configuration makeConfiguration() {
  return new Configuration() {
    @Override
    public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
      if (name.equals("Wave")) {
        AppConfigurationEntry entry =
            new AppConfigurationEntry(AccountStoreLoginModule.class.getName(),
                LoginModuleControlFlag.REQUIRED, new HashMap<String, Object>());

        return new AppConfigurationEntry[] {entry};
      } else {
        return null;
      }
    }
  };
}
 
Example #19
Source Project: dragonwell8_jdk   Author: alibaba   File: JMXPluggableAuthenticator.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates an instance of <code>FileLoginConfig</code>
 *
 * @param passwordFile A filepath that identifies the password file to use.
 *                     If null then the default password file is used.
 */
public FileLoginConfig(String passwordFile) {

    Map<String, String> options;
    if (passwordFile != null) {
        options = new HashMap<String, String>(1);
        options.put(PASSWORD_FILE_OPTION, passwordFile);
    } else {
        options = Collections.emptyMap();
    }

    entries = new AppConfigurationEntry[] {
        new AppConfigurationEntry(FILE_LOGIN_MODULE,
            AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
                options)
    };
}
 
Example #20
Source Project: TencentKona-8   Author: Tencent   File: ConfigFile.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Retrieve an entry from the Configuration using an application name
 * as an index.
 *
 * @param applicationName the name used to index the Configuration.
 * @return an array of AppConfigurationEntries which correspond to
 *         the stacked configuration of LoginModules for this
 *         application, or null if this application has no configured
 *         LoginModules.
 */
@Override
public AppConfigurationEntry[] engineGetAppConfigurationEntry
    (String applicationName) {

    List<AppConfigurationEntry> list = null;
    synchronized (configuration) {
        list = configuration.get(applicationName);
    }

    if (list == null || list.size() == 0) {
        return null;
    }

    AppConfigurationEntry[] entries =
                            new AppConfigurationEntry[list.size()];
    Iterator<AppConfigurationEntry> iterator = list.iterator();
    for (int i = 0; iterator.hasNext(); i++) {
        AppConfigurationEntry e = iterator.next();
        entries[i] = new AppConfigurationEntry(e.getLoginModuleName(),
                                               e.getControlFlag(),
                                               e.getOptions());
    }
    return entries;
}
 
Example #21
Source Project: TencentKona-8   Author: Tencent   File: JMXPluggableAuthenticator.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates an instance of <code>FileLoginConfig</code>
 *
 * @param passwordFile A filepath that identifies the password file to use.
 *                     If null then the default password file is used.
 */
public FileLoginConfig(String passwordFile) {

    Map<String, String> options;
    if (passwordFile != null) {
        options = new HashMap<String, String>(1);
        options.put(PASSWORD_FILE_OPTION, passwordFile);
    } else {
        options = Collections.emptyMap();
    }

    entries = new AppConfigurationEntry[] {
        new AppConfigurationEntry(FILE_LOGIN_MODULE,
            AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
                options)
    };
}
 
Example #22
Source Project: jstorm   Author: alibaba   File: ClientCallbackHandler.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Constructor based on a JAAS configuration
 * 
 * For digest, you should have a pair of user name and password defined.
 * 
 * @param configuration
 * @throws IOException
 */
public ClientCallbackHandler(Configuration configuration) throws IOException {
    if (configuration == null)
        return;
    AppConfigurationEntry configurationEntries[] = configuration.getAppConfigurationEntry(AuthUtils.LOGIN_CONTEXT_CLIENT);
    if (configurationEntries == null) {
        String errorMessage = "Could not find a '" + AuthUtils.LOGIN_CONTEXT_CLIENT + "' entry in this configuration: Client cannot start.";
        throw new IOException(errorMessage);
    }

    _password = "";
    for (AppConfigurationEntry entry : configurationEntries) {
        if (entry.getOptions().get(USERNAME) != null) {
            _username = (String) entry.getOptions().get(USERNAME);
        }
        if (entry.getOptions().get(PASSWORD) != null) {
            _password = (String) entry.getOptions().get(PASSWORD);
        }
    }
}
 
Example #23
Source Project: jdk8u60   Author: chenghanpeng   File: LoginConfigImpl.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Default value for a caller-mech pair when no entry is defined in
 * the system-wide Configuration object.
 */
private AppConfigurationEntry[] getDefaultConfigurationEntry() {
    HashMap <String, String> options = new HashMap <String, String> (2);

    if (mechName == null || mechName.equals("krb5")) {
        if (isServerSide(caller)) {
            // Assuming the keytab file can be found through
            // krb5 config file or under user home directory
            options.put("useKeyTab", "true");
            options.put("storeKey", "true");
            options.put("doNotPrompt", "true");
            options.put("principal", "*");
            options.put("isInitiator", "false");
        } else {
            options.put("useTicketCache", "true");
            options.put("doNotPrompt", "false");
        }
        return new AppConfigurationEntry[] {
            new AppConfigurationEntry(
                    "com.sun.security.auth.module.Krb5LoginModule",
                    AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
                    options)
        };
    }
    return null;
}
 
Example #24
Source Project: jdk8u60   Author: chenghanpeng   File: ConfigFile.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Retrieve an entry from the Configuration using an application name
 * as an index.
 *
 * @param applicationName the name used to index the Configuration.
 * @return an array of AppConfigurationEntries which correspond to
 *         the stacked configuration of LoginModules for this
 *         application, or null if this application has no configured
 *         LoginModules.
 */
@Override
public AppConfigurationEntry[] engineGetAppConfigurationEntry
    (String applicationName) {

    List<AppConfigurationEntry> list = null;
    synchronized (configuration) {
        list = configuration.get(applicationName);
    }

    if (list == null || list.size() == 0) {
        return null;
    }

    AppConfigurationEntry[] entries =
                            new AppConfigurationEntry[list.size()];
    Iterator<AppConfigurationEntry> iterator = list.iterator();
    for (int i = 0; iterator.hasNext(); i++) {
        AppConfigurationEntry e = iterator.next();
        entries[i] = new AppConfigurationEntry(e.getLoginModuleName(),
                                               e.getControlFlag(),
                                               e.getOptions());
    }
    return entries;
}
 
Example #25
Source Project: jdk8u60   Author: chenghanpeng   File: JMXPluggableAuthenticator.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates an instance of <code>FileLoginConfig</code>
 *
 * @param passwordFile A filepath that identifies the password file to use.
 *                     If null then the default password file is used.
 */
public FileLoginConfig(String passwordFile) {

    Map<String, String> options;
    if (passwordFile != null) {
        options = new HashMap<String, String>(1);
        options.put(PASSWORD_FILE_OPTION, passwordFile);
    } else {
        options = Collections.emptyMap();
    }

    entries = new AppConfigurationEntry[] {
        new AppConfigurationEntry(FILE_LOGIN_MODULE,
            AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
                options)
    };
}
 
Example #26
Source Project: jdk8u_jdk   Author: JetBrains   File: JMXPluggableAuthenticator.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates an instance of <code>FileLoginConfig</code>
 *
 * @param passwordFile A filepath that identifies the password file to use.
 *                     If null then the default password file is used.
 */
public FileLoginConfig(String passwordFile) {

    Map<String, String> options;
    if (passwordFile != null) {
        options = new HashMap<String, String>(1);
        options.put(PASSWORD_FILE_OPTION, passwordFile);
    } else {
        options = Collections.emptyMap();
    }

    entries = new AppConfigurationEntry[] {
        new AppConfigurationEntry(FILE_LOGIN_MODULE,
            AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
                options)
    };
}
 
Example #27
Source Project: JDKSourceCode1.8   Author: wupeixuan   File: JMXPluggableAuthenticator.java    License: MIT License 6 votes vote down vote up
/**
 * Creates an instance of <code>FileLoginConfig</code>
 *
 * @param passwordFile A filepath that identifies the password file to use.
 *                     If null then the default password file is used.
 */
public FileLoginConfig(String passwordFile) {

    Map<String, String> options;
    if (passwordFile != null) {
        options = new HashMap<String, String>(1);
        options.put(PASSWORD_FILE_OPTION, passwordFile);
    } else {
        options = Collections.emptyMap();
    }

    entries = new AppConfigurationEntry[] {
        new AppConfigurationEntry(FILE_LOGIN_MODULE,
            AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
                options)
    };
}
 
Example #28
Source Project: hadoop   Author: naver   File: RegistrySecurity.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Resolve the context of an entry. This is an effective test of
 * JAAS setup, because it will relay detected problems up
 * @param context context name
 * @return the entry
 * @throws RuntimeException if there is no context entry found
 */
public static AppConfigurationEntry[] validateContext(String context)  {
  if (context == null) {
    throw new RuntimeException("Null context argument");
  }
  if (context.isEmpty()) {
    throw new RuntimeException("Empty context argument");
  }
  javax.security.auth.login.Configuration configuration =
      javax.security.auth.login.Configuration.getConfiguration();
  AppConfigurationEntry[] entries =
      configuration.getAppConfigurationEntry(context);
  if (entries == null) {
    throw new RuntimeException(
        String.format("Entry \"%s\" not found; " +
                      "JAAS config = %s",
            context,
            describeProperty(Environment.JAAS_CONF_KEY) ));
  }
  return entries;
}
 
Example #29
Source Project: pxf   Author: greenplum-db   File: PxfUserGroupInformation.java    License: Apache License 2.0 6 votes vote down vote up
public AppConfigurationEntry[] getAppConfigurationEntry(String appName) {
    if ("hadoop-simple".equals(appName)) {
        return SIMPLE_CONF;
    } else if ("hadoop-user-kerberos".equals(appName)) {
        return USER_KERBEROS_CONF;
    } else if ("hadoop-keytab-kerberos".equals(appName)) {
        if (PlatformName.IBM_JAVA) {
            KEYTAB_KERBEROS_OPTIONS.put("useKeytab", prependFileAuthority(keytabFile));
        } else {
            KEYTAB_KERBEROS_OPTIONS.put("keyTab", keytabFile);
        }

        KEYTAB_KERBEROS_OPTIONS.put("principal", keytabPrincipal);
        return KEYTAB_KERBEROS_CONF;
    } else {
        return null;
    }
}
 
Example #30
Source Project: openjdk-8   Author: bpupadhyaya   File: ConfigFile.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Retrieve an entry from the Configuration using an application name
 * as an index.
 *
 * @param applicationName the name used to index the Configuration.
 * @return an array of AppConfigurationEntries which correspond to
 *         the stacked configuration of LoginModules for this
 *         application, or null if this application has no configured
 *         LoginModules.
 */
@Override
public AppConfigurationEntry[] engineGetAppConfigurationEntry
    (String applicationName) {

    List<AppConfigurationEntry> list = null;
    synchronized (configuration) {
        list = configuration.get(applicationName);
    }

    if (list == null || list.size() == 0) {
        return null;
    }

    AppConfigurationEntry[] entries =
                            new AppConfigurationEntry[list.size()];
    Iterator<AppConfigurationEntry> iterator = list.iterator();
    for (int i = 0; iterator.hasNext(); i++) {
        AppConfigurationEntry e = iterator.next();
        entries[i] = new AppConfigurationEntry(e.getLoginModuleName(),
                                               e.getControlFlag(),
                                               e.getOptions());
    }
    return entries;
}