You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by dr...@apache.org on 2015/03/14 05:27:24 UTC
directory-kerberos git commit: WIP: Working on identity backends
Repository: directory-kerberos
Updated Branches:
refs/heads/master 097d43c42 -> a713921a3
WIP: Working on identity backends
Project: http://git-wip-us.apache.org/repos/asf/directory-kerberos/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerberos/commit/a713921a
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerberos/tree/a713921a
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerberos/diff/a713921a
Branch: refs/heads/master
Commit: a713921a346f77817946ef433aa4646c9cd106c1
Parents: 097d43c
Author: Drankye <dr...@gmail.com>
Authored: Sat Mar 14 12:27:07 2015 +0800
Committer: Drankye <dr...@gmail.com>
Committed: Sat Mar 14 12:27:07 2015 +0800
----------------------------------------------------------------------
kdc-backend/Json-identity-backend/pom.xml | 46 ------
.../identitybackend/JsonIdentityBackend.java | 103 -------------
kdc-backend/json-backend/pom.xml | 46 ++++++
.../identitybackend/JsonIdentityBackend.java | 103 +++++++++++++
kdc-backend/ldap-backend/pom.xml | 50 ++++++
.../identitybackend/LdapIdentityBackend.java | 102 +++++++++++++
kdc-backend/ldap-identity-backend/pom.xml | 50 ------
.../identitybackend/LdapIdentityBackend.java | 102 -------------
kdc-backend/pom.xml | 5 +-
kdc-backend/zookeeper-backend/pom.xml | 50 ++++++
.../kerberos/kdc/identitybackend/ZKConfKey.java | 50 ++++++
.../ZookeeperIdentityBackend.java | 152 +++++++++++++++++++
.../kerberos/kerb/client/KrbConfigKey.java | 6 +-
.../kerberos/kerb/common/SectionConfigKey.java | 4 +-
.../backend/InMemoryIdentityBackend.java | 8 +
.../kerberos/kerb/server/KdcConfigKey.java | 7 +-
16 files changed, 571 insertions(+), 313 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/a713921a/kdc-backend/Json-identity-backend/pom.xml
----------------------------------------------------------------------
diff --git a/kdc-backend/Json-identity-backend/pom.xml b/kdc-backend/Json-identity-backend/pom.xml
deleted file mode 100644
index d233d9c..0000000
--- a/kdc-backend/Json-identity-backend/pom.xml
+++ /dev/null
@@ -1,46 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.apache.kerby</groupId>
- <artifactId>kdc-backend</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>Json-identity-backend</artifactId>
-
- <name>Json identity backend</name>
- <description>Json identity backend</description>
-
- <dependencies>
- <dependency>
- <groupId>org.apache.kerby</groupId>
- <artifactId>kerby-config</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.kerby</groupId>
- <artifactId>kerb-identity</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>com.googlecode.json-simple</groupId>
- <artifactId>json-simple</artifactId>
- <version>1.1.1</version>
- </dependency>
- </dependencies>
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/a713921a/kdc-backend/Json-identity-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java
----------------------------------------------------------------------
diff --git a/kdc-backend/Json-identity-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java b/kdc-backend/Json-identity-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java
deleted file mode 100644
index a54ca08..0000000
--- a/kdc-backend/Json-identity-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java
+++ /dev/null
@@ -1,103 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerby.kerberos.kdc.identitybackend;
-
-import org.apache.kerby.config.Config;
-import org.apache.kerby.kerberos.kerb.identity.KrbIdentity;
-import org.apache.kerby.kerberos.kerb.identity.backend.InMemoryIdentityBackend;
-
-import java.io.File;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-
-/**
- * An LDAP based backend implementation.
- *
- */
-public class JsonIdentityBackend extends InMemoryIdentityBackend {
- public static final String JSON_IDENTITY_BACKEND_FILE =
- "kdc.identitybackend.json.file";
- private Config config;
- private File jsonKdbFile;
-
- /**
- * Constructing an instance using specified config that contains anything
- * to be used to initialize the json format database.
- * @param config
- */
- public JsonIdentityBackend(Config config) {
- this.config = config;
- }
-
- /**
- * Load identities from file
- */
- public void load() throws IOException {
- String jsonFile = config.getString(JSON_IDENTITY_BACKEND_FILE);
- if (jsonFile == null || jsonFile.isEmpty()) {
- throw new RuntimeException("No json kdb file is found");
- }
-
- jsonKdbFile = new File(jsonFile);
- if (! jsonKdbFile.exists()) {
- throw new FileNotFoundException("File not found:" + jsonFile);
- }
-
- // TODO: load the kdb file.
- }
-
- private void checkAndLoad() {
- // TODO: check kdb file timestamp to see if it's changed or not. If
- // necessary load the kdb again.
- }
-
- /**
- * Persist the updated identities back
- */
- public void save() {
- // TODO: save into the kdb file
- }
-
- @Override
- public KrbIdentity getIdentity(String name) {
- return super.getIdentity(name);
- }
-
- @Override
- public void addIdentity(KrbIdentity identity) {
- super.addIdentity(identity);
-
- // TODO: save
- }
-
- @Override
- public void updateIdentity(KrbIdentity identity) {
- super.updateIdentity(identity);
-
- // TODO: save
- }
-
- @Override
- public void deleteIdentity(KrbIdentity identity) {
- super.deleteIdentity(identity);
-
- // TODO: save
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/a713921a/kdc-backend/json-backend/pom.xml
----------------------------------------------------------------------
diff --git a/kdc-backend/json-backend/pom.xml b/kdc-backend/json-backend/pom.xml
new file mode 100644
index 0000000..d233d9c
--- /dev/null
+++ b/kdc-backend/json-backend/pom.xml
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kdc-backend</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>Json-identity-backend</artifactId>
+
+ <name>Json identity backend</name>
+ <description>Json identity backend</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-config</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-identity</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>com.googlecode.json-simple</groupId>
+ <artifactId>json-simple</artifactId>
+ <version>1.1.1</version>
+ </dependency>
+ </dependencies>
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/a713921a/kdc-backend/json-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java
----------------------------------------------------------------------
diff --git a/kdc-backend/json-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java b/kdc-backend/json-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java
new file mode 100644
index 0000000..6a2aab1
--- /dev/null
+++ b/kdc-backend/json-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java
@@ -0,0 +1,103 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kdc.identitybackend;
+
+import org.apache.kerby.config.Config;
+import org.apache.kerby.kerberos.kerb.identity.KrbIdentity;
+import org.apache.kerby.kerberos.kerb.identity.backend.InMemoryIdentityBackend;
+
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+
+/**
+ * An Json file based backend implementation.
+ *
+ */
+public class JsonIdentityBackend extends InMemoryIdentityBackend {
+ public static final String JSON_IDENTITY_BACKEND_FILE =
+ "kdc.identitybackend.json.file";
+ private Config config;
+ private File jsonKdbFile;
+
+ /**
+ * Constructing an instance using specified config that contains anything
+ * to be used to initialize the json format database.
+ * @param config
+ */
+ public JsonIdentityBackend(Config config) {
+ this.config = config;
+ }
+
+ /**
+ * Load identities from file
+ */
+ public void load() throws IOException {
+ String jsonFile = config.getString(JSON_IDENTITY_BACKEND_FILE);
+ if (jsonFile == null || jsonFile.isEmpty()) {
+ throw new RuntimeException("No json kdb file is found");
+ }
+
+ jsonKdbFile = new File(jsonFile);
+ if (! jsonKdbFile.exists()) {
+ throw new FileNotFoundException("File not found:" + jsonFile);
+ }
+
+ // TODO: load the kdb file.
+ }
+
+ private void checkAndLoad() {
+ // TODO: check kdb file timestamp to see if it's changed or not. If
+ // necessary load the kdb again.
+ }
+
+ /**
+ * Persist the updated identities back
+ */
+ public void save() {
+ // TODO: save into the kdb file
+ }
+
+ @Override
+ public KrbIdentity getIdentity(String name) {
+ return super.getIdentity(name);
+ }
+
+ @Override
+ public void addIdentity(KrbIdentity identity) {
+ super.addIdentity(identity);
+
+ // TODO: save
+ }
+
+ @Override
+ public void updateIdentity(KrbIdentity identity) {
+ super.updateIdentity(identity);
+
+ // TODO: save
+ }
+
+ @Override
+ public void deleteIdentity(KrbIdentity identity) {
+ super.deleteIdentity(identity);
+
+ // TODO: save
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/a713921a/kdc-backend/ldap-backend/pom.xml
----------------------------------------------------------------------
diff --git a/kdc-backend/ldap-backend/pom.xml b/kdc-backend/ldap-backend/pom.xml
new file mode 100644
index 0000000..45d1bdf
--- /dev/null
+++ b/kdc-backend/ldap-backend/pom.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kdc-backend</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>ldap-identity-backend</artifactId>
+
+ <name>Ldap identity backend</name>
+ <description>Ldap identity backend</description>
+
+ <properties>
+ <ldap.api.version>1.0.0-M28</ldap.api.version>
+ </properties>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-config</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-identity</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.directory.api</groupId>
+ <artifactId>api-ldap-client-api</artifactId>
+ <version>${ldap.api.version}</version>
+ </dependency>
+ </dependencies>
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/a713921a/kdc-backend/ldap-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java
----------------------------------------------------------------------
diff --git a/kdc-backend/ldap-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java b/kdc-backend/ldap-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java
new file mode 100644
index 0000000..e867b3a
--- /dev/null
+++ b/kdc-backend/ldap-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java
@@ -0,0 +1,102 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kdc.identitybackend;
+
+import org.apache.directory.api.ldap.model.name.Dn;
+import org.apache.directory.ldap.client.api.LdapConnection;
+import org.apache.kerby.config.Config;
+import org.apache.kerby.kerberos.kerb.identity.KrbIdentity;
+import org.apache.kerby.kerberos.kerb.identity.backend.AbstractIdentityBackend;
+
+import java.util.List;
+
+/**
+ * An LDAP based backend implementation.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+public class LdapIdentityBackend extends AbstractIdentityBackend {
+
+ /** the connection to the LDAP server */
+ // in case of ApacheDS this will be an istance of LdapCoreSessionConnection
+ private LdapConnection connection;
+
+ private Dn baseDn;
+
+ /**
+ * Constructing an instance using specified config that contains anything to be used
+ * to initialize an LdapConnection and necessary baseDn.
+ * @param config
+ */
+ public LdapIdentityBackend(Config config) {
+ super(config);
+ }
+
+ public LdapIdentityBackend(LdapConnection connection, Dn baseDn) {
+ super();
+ this.connection = connection;
+ this.baseDn = baseDn;
+ }
+
+ /**
+ * Load identities from file
+ */
+ public void load() {
+ // todo
+ }
+
+ /**
+ * Persist the updated identities back
+ */
+ public void save() {
+ // todo
+ }
+
+ @Override
+ public List<KrbIdentity> getIdentities() {
+ return null;
+ }
+
+ @Override
+ public boolean checkIdentity(String name) {
+
+ return false;
+ }
+
+ @Override
+ public KrbIdentity getIdentity(String name) {
+ return null;
+ }
+
+ @Override
+ public void addIdentity(KrbIdentity identity) {
+
+ }
+
+ @Override
+ public void updateIdentity(KrbIdentity identity) {
+
+ }
+
+ @Override
+ public void deleteIdentity(KrbIdentity identity) {
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/a713921a/kdc-backend/ldap-identity-backend/pom.xml
----------------------------------------------------------------------
diff --git a/kdc-backend/ldap-identity-backend/pom.xml b/kdc-backend/ldap-identity-backend/pom.xml
deleted file mode 100644
index 45d1bdf..0000000
--- a/kdc-backend/ldap-identity-backend/pom.xml
+++ /dev/null
@@ -1,50 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.apache.kerby</groupId>
- <artifactId>kdc-backend</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>ldap-identity-backend</artifactId>
-
- <name>Ldap identity backend</name>
- <description>Ldap identity backend</description>
-
- <properties>
- <ldap.api.version>1.0.0-M28</ldap.api.version>
- </properties>
-
- <dependencies>
- <dependency>
- <groupId>org.apache.kerby</groupId>
- <artifactId>kerby-config</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.kerby</groupId>
- <artifactId>kerb-identity</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.apache.directory.api</groupId>
- <artifactId>api-ldap-client-api</artifactId>
- <version>${ldap.api.version}</version>
- </dependency>
- </dependencies>
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/a713921a/kdc-backend/ldap-identity-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java
----------------------------------------------------------------------
diff --git a/kdc-backend/ldap-identity-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java b/kdc-backend/ldap-identity-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java
deleted file mode 100644
index e867b3a..0000000
--- a/kdc-backend/ldap-identity-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java
+++ /dev/null
@@ -1,102 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerby.kerberos.kdc.identitybackend;
-
-import org.apache.directory.api.ldap.model.name.Dn;
-import org.apache.directory.ldap.client.api.LdapConnection;
-import org.apache.kerby.config.Config;
-import org.apache.kerby.kerberos.kerb.identity.KrbIdentity;
-import org.apache.kerby.kerberos.kerb.identity.backend.AbstractIdentityBackend;
-
-import java.util.List;
-
-/**
- * An LDAP based backend implementation.
- *
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- */
-public class LdapIdentityBackend extends AbstractIdentityBackend {
-
- /** the connection to the LDAP server */
- // in case of ApacheDS this will be an istance of LdapCoreSessionConnection
- private LdapConnection connection;
-
- private Dn baseDn;
-
- /**
- * Constructing an instance using specified config that contains anything to be used
- * to initialize an LdapConnection and necessary baseDn.
- * @param config
- */
- public LdapIdentityBackend(Config config) {
- super(config);
- }
-
- public LdapIdentityBackend(LdapConnection connection, Dn baseDn) {
- super();
- this.connection = connection;
- this.baseDn = baseDn;
- }
-
- /**
- * Load identities from file
- */
- public void load() {
- // todo
- }
-
- /**
- * Persist the updated identities back
- */
- public void save() {
- // todo
- }
-
- @Override
- public List<KrbIdentity> getIdentities() {
- return null;
- }
-
- @Override
- public boolean checkIdentity(String name) {
-
- return false;
- }
-
- @Override
- public KrbIdentity getIdentity(String name) {
- return null;
- }
-
- @Override
- public void addIdentity(KrbIdentity identity) {
-
- }
-
- @Override
- public void updateIdentity(KrbIdentity identity) {
-
- }
-
- @Override
- public void deleteIdentity(KrbIdentity identity) {
-
- }
-}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/a713921a/kdc-backend/pom.xml
----------------------------------------------------------------------
diff --git a/kdc-backend/pom.xml b/kdc-backend/pom.xml
index 66408b2..26560ce 100644
--- a/kdc-backend/pom.xml
+++ b/kdc-backend/pom.xml
@@ -27,7 +27,8 @@
<packaging>pom</packaging>
<modules>
- <module>ldap-identity-backend</module>
- <module>json-identity-backend</module>
+ <module>ldap-backend</module>
+ <module>json-backend</module>
+ <module>zookeeper-backend</module>
</modules>
</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/a713921a/kdc-backend/zookeeper-backend/pom.xml
----------------------------------------------------------------------
diff --git a/kdc-backend/zookeeper-backend/pom.xml b/kdc-backend/zookeeper-backend/pom.xml
new file mode 100644
index 0000000..3e5373d
--- /dev/null
+++ b/kdc-backend/zookeeper-backend/pom.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kdc-backend</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>zookeeper-backend</artifactId>
+
+ <name>Zookeeper identity backend</name>
+ <description>Zookeeper identity backend</description>
+
+ <properties>
+ <zookeeper.version>3.4.6</zookeeper.version>
+ </properties>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-config</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-identity</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.zookeeper</groupId>
+ <artifactId>zookeeper</artifactId>
+ <version>${zookeeper.version}</version>
+ </dependency>
+ </dependencies>
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/a713921a/kdc-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZKConfKey.java
----------------------------------------------------------------------
diff --git a/kdc-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZKConfKey.java b/kdc-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZKConfKey.java
new file mode 100644
index 0000000..33e0a2a
--- /dev/null
+++ b/kdc-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZKConfKey.java
@@ -0,0 +1,50 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kdc.identitybackend;
+
+import org.apache.kerby.config.ConfigKey;
+
+/**
+ * Define all the ZK backend related configuration items with default values.
+ */
+public enum ZKConfKey implements ConfigKey {
+ ZK_HOST("127.0.0.1"),
+ ZK_PORT(9015);
+
+ private Object defaultValue;
+
+ private ZKConfKey() {
+ this.defaultValue = null;
+ }
+
+ private ZKConfKey(Object defaultValue) {
+ this.defaultValue = defaultValue;
+ }
+
+ @Override
+ public String getPropertyKey() {
+ return name().toLowerCase();
+ }
+
+ @Override
+ public Object getDefaultValue() {
+ return this.defaultValue;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/a713921a/kdc-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZookeeperIdentityBackend.java
----------------------------------------------------------------------
diff --git a/kdc-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZookeeperIdentityBackend.java b/kdc-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZookeeperIdentityBackend.java
new file mode 100644
index 0000000..be0a36e
--- /dev/null
+++ b/kdc-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZookeeperIdentityBackend.java
@@ -0,0 +1,152 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kdc.identitybackend;
+
+import org.apache.kerby.config.Config;
+import org.apache.kerby.kerberos.kerb.identity.KrbIdentity;
+import org.apache.kerby.kerberos.kerb.identity.backend.InMemoryIdentityBackend;
+import org.apache.zookeeper.WatchedEvent;
+import org.apache.zookeeper.Watcher;
+import org.apache.zookeeper.ZooKeeper;
+import org.apache.zookeeper.server.ServerConfig;
+import org.apache.zookeeper.server.ZooKeeperServerMain;
+import org.apache.zookeeper.server.quorum.QuorumPeerConfig;
+
+import java.io.IOException;
+import java.util.Properties;
+
+/**
+ * A Zookeeper based backend implementation. Currently it uses an embedded
+ * Zookeeper. In follow up it will be enhanced to support standalone Zookeeper
+ * cluster for replication and reliability.
+ *
+ */
+public class ZookeeperIdentityBackend extends InMemoryIdentityBackend
+ implements Watcher {
+ private Config config;
+ private String zkHost;
+ private int zkPort;
+
+ /**
+ * Constructing an instance using specified config that contains anything
+ * to be used to init the Zookeeper backend.
+ * @param config
+ */
+ public ZookeeperIdentityBackend(Config config) {
+ this.config = config;
+ init();
+ }
+
+ private void init() {
+ zkHost = config.getString(ZKConfKey.ZK_HOST);
+ zkPort = config.getInt(ZKConfKey.ZK_PORT);
+ startEmbeddedZookeeper();
+ connectZK();
+ }
+
+ /**
+ * Prepare connection to Zookeeper server.
+ */
+ private void connectZK() {
+ try {
+ ZooKeeper zooKeeper = new ZooKeeper(zkHost, zkPort, null);
+ } catch (IOException e) {
+ throw new RuntimeException("Failed to prepare Zookeeper connection");
+ }
+ }
+
+ /**
+ * Load identities from file
+ */
+ public void load() throws IOException {
+ // TODO: prepare zookeeper connection to the server.
+ ZooKeeper zooKeeper = null;
+
+ // TODO: load the kdb file from zookeeper
+ }
+
+ private void startEmbeddedZookeeper() {
+ Properties startupProperties = new Properties();
+
+ QuorumPeerConfig quorumConfiguration = new QuorumPeerConfig();
+ try {
+ quorumConfiguration.parseProperties(startupProperties);
+ } catch(Exception e) {
+ throw new RuntimeException(e);
+ }
+
+ final ZooKeeperServerMain zooKeeperServer = new ZooKeeperServerMain();
+ final ServerConfig configuration = new ServerConfig();
+ configuration.readFrom(quorumConfiguration);
+
+ new Thread() {
+ public void run() {
+ try {
+ zooKeeperServer.runFromConfig(configuration);
+ } catch (IOException e) {
+ //log.error("ZooKeeper Failed", e);
+ }
+ }
+ }.start();
+
+ }
+
+ /**
+ * Persist the updated identities back
+ */
+ public void save() {
+ // TODO: save into the kdb file
+ }
+
+ @Override
+ public KrbIdentity getIdentity(String name) {
+ return super.getIdentity(name);
+ }
+
+ @Override
+ public void addIdentity(KrbIdentity identity) {
+ super.addIdentity(identity);
+
+ // TODO: save
+ }
+
+ @Override
+ public void updateIdentity(KrbIdentity identity) {
+ super.updateIdentity(identity);
+
+ // TODO: save
+ }
+
+ @Override
+ public void deleteIdentity(KrbIdentity identity) {
+ super.deleteIdentity(identity);
+
+ // TODO: save
+ }
+
+ /**
+ * This will watch all the kdb update event so that it's timely synced.
+ * @param event
+ */
+ @Override
+ public void process(WatchedEvent event) {
+ System.out.print("I got an event: " + event);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/a713921a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfigKey.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfigKey.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfigKey.java
index 2350529..845c0ec 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfigKey.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfigKey.java
@@ -66,7 +66,8 @@ public enum KrbConfigKey implements SectionConfigKey {
private Object defaultValue;
/**
- * The name of a section where a config key is contained in MIT Kerberos config file.
+ * The name of a section where a config key is contained in
+ * section-able config file.
*/
private String sectionName;
@@ -83,9 +84,6 @@ public enum KrbConfigKey implements SectionConfigKey {
this.sectionName = sectionName;
}
- /**
- * Use the propertyKey, we can get the configuration value from Object Conf.
- */
@Override
public String getPropertyKey() {
return name().toLowerCase();
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/a713921a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/SectionConfigKey.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/SectionConfigKey.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/SectionConfigKey.java
index 1dc83bf..0f4152c 100644
--- a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/SectionConfigKey.java
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/SectionConfigKey.java
@@ -22,8 +22,8 @@ package org.apache.kerby.kerberos.kerb.common;
import org.apache.kerby.config.ConfigKey;
/**
- * Config Keys with section name.
- * Use by MIT Kerberos config keys.
+ * Config Keys with section name, to support formats like
+ * MIT Kerberos configuration.
*/
public interface SectionConfigKey extends ConfigKey {
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/a713921a/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/backend/InMemoryIdentityBackend.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/backend/InMemoryIdentityBackend.java b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/backend/InMemoryIdentityBackend.java
index d5e8738..a1581d6 100644
--- a/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/backend/InMemoryIdentityBackend.java
+++ b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/backend/InMemoryIdentityBackend.java
@@ -26,6 +26,14 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
+/**
+ * A memory map based identity backend that loads and keeps all the identities
+ * in a hashmap for fast lookup and operation.
+ *
+ * It's subject to be improved to only keep limited recently active identities
+ * in the map, and leave other identities in persistent storage by delegation
+ * to another backend.
+ */
public class InMemoryIdentityBackend extends AbstractIdentityBackend {
private final Map<String, KrbIdentity> identities;
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/a713921a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfigKey.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfigKey.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfigKey.java
index 497160a..490510e 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfigKey.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfigKey.java
@@ -56,8 +56,10 @@ public enum KdcConfigKey implements SectionConfigKey {
ADMIN_SERVER(null, "logging");
private Object defaultValue;
+
/**
- * The name of a section where a config key is contained in MIT Kerberos config file.
+ * The name of a section where a config key is contained
+ * in section-able config file.
*/
private String sectionName;
@@ -74,9 +76,6 @@ public enum KdcConfigKey implements SectionConfigKey {
this.sectionName = sectionName;
}
- /**
- * Use the propertyKey, we can get the configuration value from Object Conf.
- */
@Override
public String getPropertyKey() {
return name().toLowerCase();