You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by rl...@apache.org on 2015/01/13 19:29:25 UTC
ambari git commit: AMBARI-9014. Design admin principal session
expiration handling API call (rlevas)
Repository: ambari
Updated Branches:
refs/heads/trunk efe79f015 -> 3d445e739
AMBARI-9014. Design admin principal session expiration handling API call (rlevas)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/3d445e73
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/3d445e73
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/3d445e73
Branch: refs/heads/trunk
Commit: 3d445e739019815d51233114dac5cb5889dd0896
Parents: efe79f0
Author: Robert Levas <rl...@hortonworks.com>
Authored: Tue Jan 13 13:29:15 2015 -0500
Committer: Robert Levas <rl...@hortonworks.com>
Committed: Tue Jan 13 13:29:15 2015 -0500
----------------------------------------------------------------------
.../KerberosAdminAuthenticationException.java | 45 +++++++++
.../KerberosKDCConnectionException.java | 45 +++++++++
.../KerberosLDAPContainerException.java | 45 +++++++++
.../kerberos/KerberosOperationException.java | 47 +++++++++
.../kerberos/KerberosRealmException.java | 46 +++++++++
.../kerberos/TrustingSSLSocketFactory.java | 100 +++++++++++++++++++
6 files changed, 328 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/3d445e73/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosAdminAuthenticationException.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosAdminAuthenticationException.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosAdminAuthenticationException.java
new file mode 100644
index 0000000..d85f57c
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosAdminAuthenticationException.java
@@ -0,0 +1,45 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.serveraction.kerberos;
+
+/**
+ * KerberosAdminAuthenticationException is a KerberosOperationException thrown in the event a the
+ * administrative credentials failed to validate while authenticating with the KDC.
+ */
+public class KerberosAdminAuthenticationException extends KerberosOperationException {
+
+ /**
+ * Creates a new KerberosAdminAuthenticationException with a message
+ *
+ * @param message a String containing the message indicating the reason for this exception
+ */
+ public KerberosAdminAuthenticationException(String message) {
+ super(message);
+ }
+
+ /**
+ * Creates a new KerberosAdminAuthenticationException with a message and a cause
+ *
+ * @param message a String containing the message indicating the reason for this exception
+ * @param cause a Throwable declaring the previously thrown Throwable that led to this exception
+ */
+ public KerberosAdminAuthenticationException(String message, Throwable cause) {
+ super(message, cause);
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/3d445e73/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosKDCConnectionException.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosKDCConnectionException.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosKDCConnectionException.java
new file mode 100644
index 0000000..a908eb9
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosKDCConnectionException.java
@@ -0,0 +1,45 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.serveraction.kerberos;
+
+/**
+ * KerberosKDCConnectionException is a KerberosOperationException thrown in the event a connection
+ * to the KDC was not able to be made.
+ */
+public class KerberosKDCConnectionException extends KerberosOperationException {
+
+ /**
+ * Creates a new KerberosKDCConnectionException with a message
+ *
+ * @param message a String containing the message indicating the reason for this exception
+ */
+ public KerberosKDCConnectionException(String message) {
+ super(message);
+ }
+
+ /**
+ * Creates a new KerberosKDCConnectionException with a message and a cause
+ *
+ * @param message a String containing the message indicating the reason for this exception
+ * @param cause a Throwable declaring the previously thrown Throwable that led to this exception
+ */
+ public KerberosKDCConnectionException(String message, Throwable cause) {
+ super(message, cause);
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/3d445e73/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosLDAPContainerException.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosLDAPContainerException.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosLDAPContainerException.java
new file mode 100644
index 0000000..f9ed50d
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosLDAPContainerException.java
@@ -0,0 +1,45 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.serveraction.kerberos;
+
+/**
+ * KerberosLDAPContainerException is a KerberosOperationException thrown in the event a connection
+ * to the KDC was not able to be made.
+ */
+public class KerberosLDAPContainerException extends KerberosOperationException {
+
+ /**
+ * Creates a new KerberosLDAPContainerException with a message
+ *
+ * @param message a String containing the message indicating the reason for this exception
+ */
+ public KerberosLDAPContainerException(String message) {
+ super(message);
+ }
+
+ /**
+ * Creates a new KerberosLDAPContainerException with a message and a cause
+ *
+ * @param message a String containing the message indicating the reason for this exception
+ * @param cause a Throwable declaring the previously thrown Throwable that led to this exception
+ */
+ public KerberosLDAPContainerException(String message, Throwable cause) {
+ super(message, cause);
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/3d445e73/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosOperationException.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosOperationException.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosOperationException.java
new file mode 100644
index 0000000..8d9f9b9
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosOperationException.java
@@ -0,0 +1,47 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.serveraction.kerberos;
+
+/**
+ * KerberosOperationException is an Exception implementation that is thrown in the even an error
+ * occurs while executing a Kerberos-related operation.
+ * <p/>
+ * Classes may extend this class to specialize on specific Kerberos-related error conditions.
+ */
+public class KerberosOperationException extends Exception {
+
+ /**
+ * Creates a new KerberosOperationException with a message
+ *
+ * @param message a String containing the message indicating the reason for this exception
+ */
+ public KerberosOperationException(String message) {
+ super(message);
+ }
+
+ /**
+ * Creates a new KerberosOperationException with a message and a cause
+ *
+ * @param message a String containing the message indicating the reason for this exception
+ * @param cause a Throwable declaring the previously thrown Throwable that led to this exception
+ */
+ public KerberosOperationException(String message, Throwable cause) {
+ super(message, cause);
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/3d445e73/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosRealmException.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosRealmException.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosRealmException.java
new file mode 100644
index 0000000..4696f2d
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/KerberosRealmException.java
@@ -0,0 +1,46 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.serveraction.kerberos;
+
+/**
+ * KerberosRealmException is a KerberosOperationException thrown in the event a connection
+ * to the KDC was not able to be made due to an unexpected realm.
+ * <p/>
+ * This can happen, for example, if the krb5.conf file does not have an entry in it for the realm.
+ */
+public class KerberosRealmException extends KerberosOperationException {
+ /**
+ * Creates a new KerberosRealmException with a message
+ *
+ * @param message a String containing the message indicating the reason for this exception
+ */
+ public KerberosRealmException(String message) {
+ super(message);
+ }
+
+ /**
+ * Creates a new KerberosRealmException with a message and a cause
+ *
+ * @param message a String containing the message indicating the reason for this exception
+ * @param cause a Throwable declaring the previously thrown Throwable that led to this exception
+ */
+ public KerberosRealmException(String message, Throwable cause) {
+ super(message, cause);
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/3d445e73/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/TrustingSSLSocketFactory.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/TrustingSSLSocketFactory.java b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/TrustingSSLSocketFactory.java
new file mode 100644
index 0000000..73478c3
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/TrustingSSLSocketFactory.java
@@ -0,0 +1,100 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.serveraction.kerberos;
+
+import javax.net.SocketFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.Socket;
+import java.net.UnknownHostException;
+import java.security.SecureRandom;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+public class TrustingSSLSocketFactory extends SSLSocketFactory {
+ private SSLSocketFactory socketFactory;
+
+ public TrustingSSLSocketFactory() {
+ try {
+ SSLContext ctx = SSLContext.getInstance("TLS");
+ ctx.init(null, new TrustManager[]{new LenientTrustManager()}, new SecureRandom());
+ socketFactory = ctx.getSocketFactory();
+ } catch (Exception ex) {
+ ex.printStackTrace(System.err); /* handle exception */
+ }
+ }
+
+ public static SocketFactory getDefault() {
+ return new TrustingSSLSocketFactory();
+ }
+
+ @Override
+ public String[] getDefaultCipherSuites() {
+ return socketFactory.getDefaultCipherSuites();
+ }
+
+ @Override
+ public String[] getSupportedCipherSuites() {
+ return socketFactory.getSupportedCipherSuites();
+ }
+
+ @Override
+ public Socket createSocket(Socket socket, String string, int i, boolean bln) throws IOException {
+ return socketFactory.createSocket(socket, string, i, bln);
+ }
+
+ @Override
+ public Socket createSocket(String string, int i) throws IOException, UnknownHostException {
+ return socketFactory.createSocket(string, i);
+ }
+
+ @Override
+ public Socket createSocket(String string, int i, InetAddress ia, int i1) throws IOException, UnknownHostException {
+ return socketFactory.createSocket(string, i, ia, i1);
+ }
+
+ @Override
+ public Socket createSocket(InetAddress ia, int i) throws IOException {
+ return socketFactory.createSocket(ia, i);
+ }
+
+ @Override
+ public Socket createSocket(InetAddress ia, int i, InetAddress ia1, int i1) throws IOException {
+ return socketFactory.createSocket(ia, i, ia1, i1);
+ }
+
+
+ public static class LenientTrustManager implements X509TrustManager {
+ public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException {
+ // do nothing
+ }
+
+ public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException {
+ // do nothing
+ }
+
+ public X509Certificate[] getAcceptedIssuers() {
+ return new java.security.cert.X509Certificate[0];
+ }
+ }
+}
\ No newline at end of file