Posted to commits@directory.apache.org by er...@apache.org on 2005/01/16 02:36:15 UTC
svn commit: r125330 - in incubator/directory/kerberos/trunk: main/src/java/org/apache/kerberos protocol/src/java/org/apache/kerberos/protocol
Author: erodriguez
Date: Sat Jan 15 17:36:14 2005
New Revision: 125330
URL: http://svn.apache.org/viewcvs?view=rev&rev=125330
Log:
First pass at MINA front-end for Kerberos.
Added:
incubator/directory/kerberos/trunk/main/src/java/org/apache/kerberos/Main.java
incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosDecoder.java
incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosEncoder.java
incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosProtocolHandler.java
incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosProtocolProvider.java
Added: incubator/directory/kerberos/trunk/main/src/java/org/apache/kerberos/Main.java
Url: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/main/src/java/org/apache/kerberos/Main.java?view=auto&rev=125330
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/main/src/java/org/apache/kerberos/Main.java Sat Jan 15 17:36:14 2005
@@ -0,0 +1,183 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.util.Properties;
+
+import javax.naming.NamingException;
+import javax.naming.directory.InitialDirContext;
+
+import org.apache.kerberos.kdc.KdcConfiguration;
+import org.apache.kerberos.kdc.store.BootstrapStore;
+import org.apache.kerberos.kdc.store.EmbeddedEveStore;
+import org.apache.kerberos.kdc.store.PrincipalStore;
+import org.apache.kerberos.protocol.KerberosProtocolProvider;
+import org.apache.ldap.server.jndi.EnvKeys;
+import org.apache.mina.io.datagram.DatagramAcceptor;
+import org.apache.mina.io.filter.IoThreadPoolFilter;
+import org.apache.mina.io.socket.SocketAcceptor;
+import org.apache.mina.protocol.filter.ProtocolThreadPoolFilter;
+import org.apache.mina.protocol.io.IoProtocolAcceptor;
+
+
+public class Main
+{
+ private final KdcConfiguration config = new KdcConfiguration();
+ private final BootstrapStore bootstrap = new BootstrapStore( config );
+ private PrincipalStore store;
+
+ public Main( Properties env )
+ {
+ store = new EmbeddedEveStore( env );
+
+ init();
+
+ try
+ {
+ setup();
+ }
+ catch (Exception e)
+ {
+ e.printStackTrace();
+ }
+ }
+
+ public static void main( String[] args )
+ {
+ long startTime = System.currentTimeMillis();
+
+ if ( args.length == 0 )
+ {
+ System.err.println( "Path to configuration file required!" );
+
+ System.exit( 1 );
+ }
+
+ File file = new File( args[0] );
+
+ if ( ! file.exists() )
+ {
+ System.err.println( "Config file '" + file.getAbsolutePath() + "' does not exist!" );
+
+ System.exit( 2 );
+ }
+
+ Properties env = new Properties();
+
+ try
+ {
+ env.load( new FileInputStream( file ) );
+ }
+ catch ( IOException e )
+ {
+ System.err.println( "Failed while loading config file '" + file.getAbsolutePath() + "'" );
+
+ System.exit( 3 );
+ }
+
+ new Main( env );
+
+ System.out.println( "Apache Kerberos: started in "
+ + ( System.currentTimeMillis() - startTime )
+ + " milliseconds" );
+
+ while ( true )
+ {
+ try
+ {
+ // this is a big time cludge for now to just play
+ Thread.sleep( 20000 );
+
+ try
+ {
+ env.setProperty( EnvKeys.SYNC, "true" );
+ new InitialDirContext( env );
+ }
+ catch ( NamingException e )
+ {
+ e.printStackTrace();
+ }
+ }
+ catch ( InterruptedException e )
+ {
+ e.printStackTrace();
+ }
+ }
+ }
+
+ /**
+ * Instantiates the factory then gets a handle on the Frontend.
+ *
+ * @throws Exception due to create()
+ */
+ protected void setup() throws IOException
+ {
+ int port = config.getDefaultPort();
+
+ // Create I/O and Protocol thread pool filter.
+ // I/O thread pool performs encoding and decoding of messages.
+ // Protocol thread pool performs actual protocol flow.
+ IoThreadPoolFilter ioThreadPoolFilter = new IoThreadPoolFilter();
+ ProtocolThreadPoolFilter protocolThreadPoolFilter = new ProtocolThreadPoolFilter();
+
+ // and start both.
+ ioThreadPoolFilter.start();
+ protocolThreadPoolFilter.start();
+
+ // Create a TCP/IP acceptor.
+ IoProtocolAcceptor acceptor = new IoProtocolAcceptor( new SocketAcceptor() );
+
+ // Add both thread pool filters.
+ acceptor.getIoAcceptor().addFilter( Integer.MAX_VALUE, ioThreadPoolFilter );
+ acceptor.addFilter( Integer.MAX_VALUE, protocolThreadPoolFilter );
+
+ // Bind
+ acceptor.bind( new InetSocketAddress( port ), new KerberosProtocolProvider( bootstrap, store, config ) );
+
+ // Create a UDP/IP acceptor
+ IoProtocolAcceptor datagramAcceptor = new IoProtocolAcceptor( new DatagramAcceptor() );
+
+ // Add both thread pool filters.
+ datagramAcceptor.getIoAcceptor().addFilter( Integer.MAX_VALUE, ioThreadPoolFilter );
+ datagramAcceptor.addFilter( Integer.MAX_VALUE, protocolThreadPoolFilter );
+
+ // Bind
+ datagramAcceptor.bind( new InetSocketAddress( port ), new KerberosProtocolProvider( bootstrap, store, config ) );
+
+ System.out.println( "Apache Kerberos listening on port " + port );
+ }
+
+ private void init()
+ {
+ Runnable runnable = new Runnable()
+ {
+ public void run()
+ {
+ bootstrap.init();
+ store.init();
+ }
+ };
+ Thread storeInit = new Thread( runnable );
+ storeInit.start();
+ }
+}
+
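Review bot: The constructor calls `setup()`, which binds the TCP and UDP listeners, while `init()` is still running `bootstrap.init()` and `store.init()` on a separate thread, so the KDC can start receiving requests before its stores are initialised. Call `bootstrap.init(); store.init();` directly before `setup()`, or wait for the thread to finish before binding. The `catch (Exception e)` around `setup()` only prints the trace, so a failed bind still lets `main` print "started in ... milliseconds"; letting the exception propagate and exiting non-zero would make that failure visible. `new FileInputStream( file )` in `main` is never closed, and `new InetSocketAddress( port )` binds the wildcard address, which deserves a comment or a configurable bind address.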
Added: incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosDecoder.java
Url: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosDecoder.java?view=auto&rev=125330
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosDecoder.java Sat Jan 15 17:36:14 2005
@@ -0,0 +1,47 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.protocol;
+
+import java.io.IOException;
+
+import org.apache.kerberos.io.decoder.KdcRequestDecoder;
+import org.apache.mina.common.ByteBuffer;
+import org.apache.mina.protocol.ProtocolDecoder;
+import org.apache.mina.protocol.ProtocolDecoderOutput;
+import org.apache.mina.protocol.ProtocolSession;
+import org.apache.mina.protocol.ProtocolViolationException;
+
+
+public class KerberosDecoder implements ProtocolDecoder
+{
+ private KdcRequestDecoder decoder = new KdcRequestDecoder();
+
+ public void decode( ProtocolSession session, ByteBuffer in, ProtocolDecoderOutput out )
+ throws ProtocolViolationException
+ {
+ try
+ {
+ out.write( decoder.decode( in.buf() ) );
+ }
+ catch ( IOException ioe)
+ {
+ ioe.printStackTrace();
+ }
+ }
+}
+
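Review bot: The `catch ( IOException ioe)` in `decode` prints the trace and returns, so a malformed request is dropped silently and the session stays open, even though the method already declares `ProtocolViolationException`. Rethrowing with `throw new ProtocolViolationException();`, as `KerberosEncoder.encode` in this commit does, would report the bad input to the framework instead of hiding it; presumably that reaches `exceptionCaught`, which closes the session, but confirm against the MINA version in use. `in.buf()` is also handed to `KdcRequestDecoder` as-is, so on the TCP acceptor a request split across reads looks like it would be decoded as a truncated message. How framing is handled is not visible here and should be documented on the class.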
Added: incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosEncoder.java
Url: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosEncoder.java?view=auto&rev=125330
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosEncoder.java Sat Jan 15 17:36:14 2005
@@ -0,0 +1,67 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.protocol;
+
+import java.io.IOException;
+
+import org.apache.kerberos.io.encoder.ErrorMessageEncoder;
+import org.apache.kerberos.io.encoder.KdcReplyEncoder;
+import org.apache.kerberos.messages.ErrorMessage;
+import org.apache.kerberos.messages.KdcReply;
+import org.apache.mina.common.ByteBuffer;
+import org.apache.mina.protocol.ProtocolEncoder;
+import org.apache.mina.protocol.ProtocolEncoderOutput;
+import org.apache.mina.protocol.ProtocolSession;
+import org.apache.mina.protocol.ProtocolViolationException;
+
+
+public class KerberosEncoder implements ProtocolEncoder
+{
+ private KdcReplyEncoder replyEncoder = new KdcReplyEncoder();
+ private ErrorMessageEncoder errorEncoder = new ErrorMessageEncoder();
+
+ public void encode( ProtocolSession session, Object message, ProtocolEncoderOutput out )
+ throws ProtocolViolationException
+ {
+ ByteBuffer buf = ByteBuffer.allocate( 512 );
+
+ try
+ {
+ if ( message instanceof KdcReply )
+ {
+ replyEncoder.encode( (KdcReply)message, buf.buf() );
+ }
+ else
+ {
+ if ( message instanceof ErrorMessage )
+ {
+ errorEncoder.encode( (ErrorMessage)message, buf.buf() );
+ }
+ }
+
+ buf.flip();
+
+ out.write( buf );
+ }
+ catch ( IOException ioe )
+ {
+ throw new ProtocolViolationException();
+ }
+ }
+}
+
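Review bot: `ByteBuffer.allocate( 512 )` in `encode` fixes the reply size, and nothing visible checks that an encoded `KdcReply` fits. A larger reply would presumably fail with a runtime buffer overflow that the `catch ( IOException ioe )` does not cover, so size the buffer from the encoded length or document the limit if it is deliberate. A message that is neither `KdcReply` nor `ErrorMessage` falls through both `instanceof` tests and an empty buffer is written to the peer; an explicit `else { throw new ProtocolViolationException(); }` would reject it. The rethrow also discards `ioe`, so the cause of an encoding failure is lost.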
Added: incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosProtocolHandler.java
Url: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosProtocolHandler.java?view=auto&rev=125330
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosProtocolHandler.java Sat Jan 15 17:36:14 2005
@@ -0,0 +1,121 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.protocol;
+
+import java.io.IOException;
+
+import org.apache.kerberos.kdc.AuthenticationService;
+import org.apache.kerberos.kdc.ErrorService;
+import org.apache.kerberos.kdc.KdcConfiguration;
+import org.apache.kerberos.kdc.KerberosException;
+import org.apache.kerberos.kdc.TicketGrantingService;
+import org.apache.kerberos.kdc.store.BootstrapStore;
+import org.apache.kerberos.kdc.store.PrincipalStore;
+import org.apache.kerberos.messages.AuthenticationReply;
+import org.apache.kerberos.messages.ErrorMessage;
+import org.apache.kerberos.messages.KdcRequest;
+import org.apache.kerberos.messages.TicketGrantReply;
+import org.apache.mina.common.IdleStatus;
+import org.apache.mina.protocol.ProtocolHandler;
+import org.apache.mina.protocol.ProtocolSession;
+
+
+public class KerberosProtocolHandler implements ProtocolHandler
+{
+ private AuthenticationService authService;
+ private TicketGrantingService tgsService;
+ private ErrorService errorService;
+
+ public KerberosProtocolHandler( BootstrapStore store, PrincipalStore bootstrap, KdcConfiguration config )
+ {
+ errorService = new ErrorService( config );
+ authService = new AuthenticationService( store, bootstrap, config );
+ tgsService = new TicketGrantingService( store, bootstrap, config );
+ }
+
+ public void sessionOpened( ProtocolSession session )
+ {
+ System.out.println( session.getRemoteAddress() + " OPENED" );
+ }
+
+ public void sessionClosed( ProtocolSession session )
+ {
+ System.out.println( session.getRemoteAddress() + " CLOSED" );
+ }
+
+ public void sessionIdle( ProtocolSession session, IdleStatus status )
+ {
+ System.out.println( session.getRemoteAddress() + " IDLE(" + status + ")" );
+ }
+
+ public void exceptionCaught( ProtocolSession session, Throwable cause )
+ {
+ System.out.println( session.getRemoteAddress() + " EXCEPTION" );
+ cause.printStackTrace( System.out );
+
+ session.close();
+ }
+
+ public void messageReceived( ProtocolSession session, Object message )
+ {
+ System.out.println( session.getRemoteAddress() + " RCVD: " + message );
+
+ try
+ {
+ KdcRequest request = (KdcRequest)message;
+
+ int messageType = request.getMessageType().getOrdinal();
+
+ switch ( messageType )
+ {
+ case 10:
+ AuthenticationReply authReply = authService.getReplyFor( request );
+ session.write( authReply );
+ break;
+
+ case 12:
+ TicketGrantReply ticketReply = tgsService.getReplyFor( request );
+ session.write( ticketReply );
+ break;
+
+ case 11:
+ case 13:
+ throw KerberosException.KRB_AP_ERR_BADDIRECTION;
+
+ default:
+ throw KerberosException.KRB_AP_ERR_MSG_TYPE;
+ }
+ }
+ catch ( KerberosException ke )
+ {
+ System.out.println( "Returning error message: " + ke.getMessage() );
+ ErrorMessage errorMessage = errorService.getReplyFor( ke );
+ session.write( errorMessage );
+ }
+ catch ( IOException ioe )
+ {
+ ioe.printStackTrace();
+ }
+ }
+
+ public void messageSent( ProtocolSession session, Object message )
+ {
+ System.out.println( session.getRemoteAddress() + " SENT: " + message );
+ }
+}
+
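Review bot: In `messageReceived`, the `catch ( IOException ioe )` only prints the trace, so the client receives neither a reply nor an error and the session stays open; at minimum close it as `exceptionCaught` does, with `session.close();`. Every request and reply is also written to stdout through `" RCVD: " + message` and `" SENT: " + message`. If the `toString()` of those message types includes ticket or pre-authentication data, that material ends up in the process log, so logging only the remote address and message type would be safer. The literals in `case 10:`, `case 12:`, `case 11:` and `case 13:` would read better as named constants for the Kerberos message types.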
Added: incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosProtocolProvider.java
Url: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosProtocolProvider.java?view=auto&rev=125330
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosProtocolProvider.java Sat Jan 15 17:36:14 2005
@@ -0,0 +1,72 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.protocol;
+
+import org.apache.kerberos.kdc.KdcConfiguration;
+import org.apache.kerberos.kdc.store.BootstrapStore;
+import org.apache.kerberos.kdc.store.PrincipalStore;
+import org.apache.mina.protocol.ProtocolCodecFactory;
+import org.apache.mina.protocol.ProtocolDecoder;
+import org.apache.mina.protocol.ProtocolEncoder;
+import org.apache.mina.protocol.ProtocolHandler;
+import org.apache.mina.protocol.ProtocolProvider;
+
+
+public class KerberosProtocolProvider implements ProtocolProvider
+{
+ private BootstrapStore store;
+ private PrincipalStore bootstrap;
+ private KdcConfiguration config;
+
+ public KerberosProtocolProvider( BootstrapStore store, PrincipalStore bootstrap, KdcConfiguration config )
+ {
+ this.store = store;
+ this.bootstrap = bootstrap;
+ this.config = config;
+ }
+
+ // Protocol handler is usually a singleton.
+ private ProtocolHandler HANDLER = new KerberosProtocolHandler( store, bootstrap, config );
+
+ // Codec factory is also usually a singleton.
+ private static ProtocolCodecFactory CODEC_FACTORY = new ProtocolCodecFactory()
+ {
+ public ProtocolEncoder newEncoder()
+ {
+ // Create a new encoder.
+ return new KerberosEncoder();
+ }
+
+ public ProtocolDecoder newDecoder()
+ {
+ // Create a new decoder.
+ return new KerberosDecoder();
+ }
+ };
+
+ public ProtocolCodecFactory getCodecFactory()
+ {
+ return CODEC_FACTORY;
+ }
+
+ public ProtocolHandler getHandler()
+ {
+ return HANDLER;
+ }
+}
+
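Review bot: The field initializer `private ProtocolHandler HANDLER = new KerberosProtocolHandler( store, bootstrap, config );` runs before the constructor body assigns `store`, `bootstrap` and `config`, so the handler and its services are built from three null arguments. Declare the field without an initializer, e.g. `private final ProtocolHandler handler;`, and assign it as the last statement of the constructor: `this.handler = new KerberosProtocolHandler( store, bootstrap, config );`. The parameter names are also inverted relative to their types (`BootstrapStore store`, `PrincipalStore bootstrap`), here and in `KerberosProtocolHandler`, which makes the call `new KerberosProtocolProvider( bootstrap, store, config )` in `Main` hard to verify by eye.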