You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by ha...@apache.org on 2015/04/28 14:45:37 UTC
[1/2] directory-kerby git commit: DIRKRB-225 Enhance kadmin to
support modify principal. Contributed by Jiajia
Repository: directory-kerby
Updated Branches:
refs/heads/master aebcc0b0c -> c74a12d6d
DIRKRB-225 Enhance kadmin to support modify principal. Contributed by Jiajia
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/c2d93036
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/c2d93036
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/c2d93036
Branch: refs/heads/master
Commit: c2d930363c84d14d69f1494f5b73aaf522b502f1
Parents: aebcc0b
Author: Lin <li...@foxmail.com>
Authored: Tue Apr 28 20:41:26 2015 -0700
Committer: Lin <li...@foxmail.com>
Committed: Tue Apr 28 20:41:26 2015 -0700
----------------------------------------------------------------------
.../identitybackend/JsonIdentityBackend.java | 7 +-
.../kerby/kerberos/tool/kadmin/Kadmin.java | 6 +
.../executor/ModifyPrincipalExecutor.java | 128 +++++++++++++++++++
.../kerberos/tool/kadmin/tool/KadminTool.java | 5 +
.../main/java/org/apache/kerby/KOptions.java | 23 ++++
5 files changed, 167 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c2d93036/kerby-backend/json-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java
----------------------------------------------------------------------
diff --git a/kerby-backend/json-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java b/kerby-backend/json-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java
index 5b76ee5..4c89db6 100644
--- a/kerby-backend/json-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java
+++ b/kerby-backend/json-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java
@@ -138,9 +138,12 @@ public class JsonIdentityBackend extends AbstractIdentityBackend {
@Override
protected KrbIdentity doUpdateIdentity(KrbIdentity identity) {
checkAndLoad();
- ids.put(identity.getPrincipalName(), identity);
+ if (ids.containsKey(identity.getPrincipalName())) {
+ ids.put(identity.getPrincipalName(), identity);
+ } else {
+ throw new RuntimeException("Principal does not exist.");
+ }
idsToFile(ids);
-
return identity;
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c2d93036/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/Kadmin.java
----------------------------------------------------------------------
diff --git a/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/Kadmin.java b/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/Kadmin.java
index 33737b8..4c631d2 100644
--- a/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/Kadmin.java
+++ b/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/Kadmin.java
@@ -25,6 +25,7 @@ import org.apache.kerby.kerberos.tool.kadmin.executor.AddPrincipalExecutor;
import org.apache.kerby.kerberos.tool.kadmin.executor.DeletePrincipalExecutor;
import org.apache.kerby.kerberos.tool.kadmin.executor.KadminCommandExecutor;
import org.apache.kerby.kerberos.tool.kadmin.executor.KeytabAddExecutor;
+import org.apache.kerby.kerberos.tool.kadmin.executor.ModifyPrincipalExecutor;
import java.io.File;
import java.io.IOException;
@@ -68,6 +69,8 @@ public class Kadmin {
private static Conf backendConfig;
private static void execute(String command) {
+ //omit the leading and trailing whitespace.
+ command = command.trim();
if (command.equals("list_requests") ||
command.equals("lr") ||
command.equals("?")) {
@@ -86,6 +89,9 @@ public class Kadmin {
} else if (command.startsWith("delete_principal") ||
command.startsWith("delprinc")) {
executor = new DeletePrincipalExecutor(backendConfig);
+ } else if (command.startsWith("modify_principal") ||
+ command.startsWith("modprinc")) {
+ executor = new ModifyPrincipalExecutor(kdcConfig, backendConfig);
}
if (executor == null) {
System.out.println("Unknown request \"" + command + "\". Type \"?\" for a request list.");
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c2d93036/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/executor/ModifyPrincipalExecutor.java
----------------------------------------------------------------------
diff --git a/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/executor/ModifyPrincipalExecutor.java b/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/executor/ModifyPrincipalExecutor.java
new file mode 100644
index 0000000..fb264fe
--- /dev/null
+++ b/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/executor/ModifyPrincipalExecutor.java
@@ -0,0 +1,128 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.tool.kadmin.executor;
+
+import org.apache.kerby.KOptionType;
+import org.apache.kerby.KOptions;
+import org.apache.kerby.config.Config;
+import org.apache.kerby.kerberos.kerb.identity.KrbIdentity;
+import org.apache.kerby.kerberos.kerb.identity.backend.IdentityBackend;
+import org.apache.kerby.kerberos.kerb.server.KdcConfig;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.tool.kadmin.tool.KadminOption;
+import org.apache.kerby.kerberos.tool.kadmin.tool.KadminTool;
+
+import java.util.Date;
+
+public class ModifyPrincipalExecutor implements KadminCommandExecutor {
+ private static final String USAGE = "Usage: modify_principal [options] principal\n" +
+ "\toptions are:\n" +
+ "\t\t[-expire dd/MM/yy:HH:mm:ss]\n" +
+ "\t\t[-disabled true/false]\n" +
+ "\t\t[-locked true/false]\n" +
+ "\tExample:\n" +
+ "\t\tmodify_principal -expire 23/04/15:01:01:01 -disabled false -locked true test@EXAMPLE.COM";
+
+ private Config backendConfig;
+ private KOptions kOptions;
+ private String principal;
+
+ public ModifyPrincipalExecutor(KdcConfig kdcConfig, Config backendConfig) {
+ this.backendConfig = backendConfig;
+ kOptions = new KOptions();
+ }
+
+ @Override
+ public void execute(String input) {
+ String[] commands = input.split(" ");
+ if (commands.length < 2) {
+ KadminTool.printUsage("missing operand!", USAGE);
+ return;
+ }
+ parseOptions(commands);
+ modifyPrincipal(principal);
+ }
+
+ private void parseOptions(String[] commands) {
+ KadminOption kOption;
+ String opt, error, param;
+ int i = 1;
+ while (i < commands.length) {
+ error = null;
+ opt = commands[i++];
+ if (opt.startsWith("-")) {
+ kOption = KadminOption.fromName(opt);
+ if (kOption == KadminOption.NONE) {
+ error = "Invalid option:" + opt;
+ break;
+ }
+ } else {
+ principal = opt;
+ kOption = KadminOption.NONE;
+ }
+
+ if (kOption.getType() != KOptionType.NOV) { // require a parameter
+ param = null;
+ if (i < commands.length) {
+ param = commands[i++];
+ }
+ if (param != null) {
+ kOptions.parseSetValue(kOption, param);
+ } else {
+ error = "Option " + opt + " require a parameter";
+ }
+ }
+ if (error != null) {
+ KadminTool.printUsage(error, USAGE);
+ }
+ kOptions.add(kOption);
+ }
+ if(principal == null) {
+ KadminTool.printUsage("missing principal name!", USAGE);
+ }
+ }
+
+ private void modifyPrincipal(String principal) {
+ IdentityBackend backend = KadminTool.getBackend(backendConfig);
+
+ KrbIdentity originIdentity = backend.getIdentity(principal);
+ KrbIdentity identity = createUpdatedIdentity(originIdentity);
+ try {
+ backend.updateIdentity(identity);
+ System.out.println("Principal \"" + principal + "\" modified.");
+ } catch (Exception e) {
+ System.err.println("Principal \"" + principal + "\" fail to modify." + e.getMessage());
+ }
+ }
+
+ protected KrbIdentity createUpdatedIdentity(KrbIdentity kid) {
+ if (kOptions.contains(KadminOption.EXPIRE)) {
+ Date date = kOptions.getDateOption(KadminOption.EXPIRE);
+ kid.setExpireTime(new KerberosTime(date.getTime()));
+ }
+ if (kOptions.contains(KadminOption.DISABLED)) {
+ kid.setDisabled(kOptions.getBooleanOption(KadminOption.DISABLED));
+ }
+ if (kOptions.contains(KadminOption.LOCKED)) {
+ kid.setLocked(kOptions.getBooleanOption(KadminOption.LOCKED));
+ }
+ return kid;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c2d93036/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/tool/KadminTool.java
----------------------------------------------------------------------
diff --git a/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/tool/KadminTool.java b/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/tool/KadminTool.java
index fe0f244..acc8b17 100644
--- a/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/tool/KadminTool.java
+++ b/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kadmin/tool/KadminTool.java
@@ -55,4 +55,9 @@ public class KadminTool {
backend.initialize();
return backend;
}
+
+ public static void printUsage(String error, String USAGE) {
+ System.err.println(error + "\n");
+ System.err.println(USAGE);
+ }
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c2d93036/lib/kerby-util/src/main/java/org/apache/kerby/KOptions.java
----------------------------------------------------------------------
diff --git a/lib/kerby-util/src/main/java/org/apache/kerby/KOptions.java b/lib/kerby-util/src/main/java/org/apache/kerby/KOptions.java
index b31cb7b..2cccdf2 100644
--- a/lib/kerby-util/src/main/java/org/apache/kerby/KOptions.java
+++ b/lib/kerby-util/src/main/java/org/apache/kerby/KOptions.java
@@ -20,7 +20,11 @@
package org.apache.kerby;
import java.io.File;
+import java.text.DateFormat;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
import java.util.ArrayList;
+import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -66,6 +70,17 @@ public class KOptions {
}
} else if (kt == KOptionType.STR) {
kopt.setValue(strValue);
+ } else if (kt == KOptionType.DATE) {
+ DateFormat df = new SimpleDateFormat("dd/MM/yy:HH:mm:ss");
+ Date date = null;
+ try {
+ date = df.parse(strValue);
+ kopt.setValue(date);
+ } catch (ParseException e) {
+ throw new IllegalArgumentException("Fail to parse the date: " + strValue);
+ }
+ } else if (kt == KOptionType.BOOL) {
+ kopt.setValue(Boolean.valueOf(strValue));
} else {
throw new IllegalArgumentException("Not recognised option:" + strValue);
}
@@ -162,4 +177,12 @@ public class KOptions {
}
return null;
}
+
+ public Date getDateOption(KOption option) {
+ Object value = getOptionValue(option);
+ if (value instanceof Date) {
+ return (Date) value;
+ }
+ return null;
+ }
}
[2/2] directory-kerby git commit: Remove an inappropriate javadoc.
Posted by ha...@apache.org.
Remove an inappropriate javadoc.
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/c74a12d6
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/c74a12d6
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/c74a12d6
Branch: refs/heads/master
Commit: c74a12d6dd3af03fab2fbada317ac42fbe5b67ec
Parents: c2d9303
Author: Lin <li...@foxmail.com>
Authored: Tue Apr 28 20:44:48 2015 -0700
Committer: Lin <li...@foxmail.com>
Committed: Tue Apr 28 20:44:48 2015 -0700
----------------------------------------------------------------------
.../kerby/kerberos/kerb/crypto/PrfTest.java | 53 +++++++++-----------
1 file changed, 25 insertions(+), 28 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c74a12d6/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/PrfTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/PrfTest.java b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/PrfTest.java
index 6a53576..1e17df7 100644
--- a/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/PrfTest.java
+++ b/kerby-kerb/kerb-crypto/src/test/java/org/apache/kerby/kerberos/kerb/crypto/PrfTest.java
@@ -27,23 +27,21 @@ import java.util.Arrays;
import static org.assertj.core.api.Assertions.fail;
-/**
- * Created by yaningxu on 4/13/2015.
- */
public class PrfTest {
- static class TestCase {
- EncryptionType encType;
- String keyData;
- String seed;
- String answer;
- TestCase(EncryptionType encType, String keyData,
- String seed, String answer) {
- this.encType = encType;
- this.keyData = keyData;
- this.seed = seed;
- this.answer = answer;
- }
+ private static void performTest(TestCase testCase) throws Exception {
+ byte[] keyData = EncryptionHandler.getEncHandler(testCase.encType).str2key(testCase.keyData, testCase.keyData, null);
+ byte[] seed = HexUtil.hex2bytes(testCase.seed);
+ byte[] answer = HexUtil.hex2bytes(testCase.answer);
+ byte[] outkey = EncryptionHandler.getEncHandler(testCase.encType).prf(keyData, seed);
+ if (! Arrays.equals(answer, outkey)) {
+ System.err.println("failed with:");
+ System.err.println("outKey:" + HexUtil.bytesToHex(outkey));
+ System.err.println("answer:" + testCase.answer);
+ fail("KeyDerive test failed for " + testCase.encType.getName());
+ } else {
+ System.out.println("Prf test OK for " + testCase.encType.getName());
+ }
}
@Test
@@ -146,19 +144,18 @@ public class PrfTest {
));
}
- private static void performTest(TestCase testCase) throws Exception {
- byte[] keyData = EncryptionHandler.getEncHandler(testCase.encType).str2key(testCase.keyData, testCase.keyData, null);
- byte[] seed = HexUtil.hex2bytes(testCase.seed);
- byte[] answer = HexUtil.hex2bytes(testCase.answer);
- byte[] outkey = EncryptionHandler.getEncHandler(testCase.encType).prf(keyData, seed);
-
- if (! Arrays.equals(answer, outkey)) {
- System.err.println("failed with:");
- System.err.println("outKey:" + HexUtil.bytesToHex(outkey));
- System.err.println("answer:" + testCase.answer);
- fail("KeyDerive test failed for " + testCase.encType.getName());
- } else {
- System.out.println("Prf test OK for " + testCase.encType.getName());
+ static class TestCase {
+ EncryptionType encType;
+ String keyData;
+ String seed;
+ String answer;
+ TestCase(EncryptionType encType, String keyData,
+ String seed, String answer) {
+ this.encType = encType;
+ this.keyData = keyData;
+ this.seed = seed;
+ this.answer = answer;
}
+
}
}