You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by ha...@apache.org on 2015/04/09 09:11:32 UTC
directory-kerby git commit: DIRKRB-206 Getting the identity from
zookeeper backend. Contributed by Jiajia
Repository: directory-kerby
Updated Branches:
refs/heads/master 793554443 -> fbbc457f5
DIRKRB-206 Getting the identity from zookeeper backend. Contributed by Jiajia
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/fbbc457f
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/fbbc457f
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/fbbc457f
Branch: refs/heads/master
Commit: fbbc457f52ae8223c580ff4888ced5cdc86e4377
Parents: 7935544
Author: Lin <li...@foxmail.com>
Authored: Thu Apr 9 15:11:12 2015 +0800
Committer: Lin <li...@foxmail.com>
Committed: Thu Apr 9 15:11:12 2015 +0800
----------------------------------------------------------------------
.../kdc/identitybackend/IdentityZNode.java | 221 +++++++++++++++++++
.../kerberos/kdc/identitybackend/ZKUtil.java | 36 +++
.../ZookeeperIdentityBackend.java | 19 +-
.../identity/backend/ZookeeperBackendTest.java | 12 +-
4 files changed, 281 insertions(+), 7 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fbbc457f/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/IdentityZNode.java
----------------------------------------------------------------------
diff --git a/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/IdentityZNode.java b/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/IdentityZNode.java
index a1d0325..dce5746 100644
--- a/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/IdentityZNode.java
+++ b/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/IdentityZNode.java
@@ -23,13 +23,16 @@ import org.apache.kerby.kerberos.kerb.crypto.util.BytesUtil;
import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
import org.apache.kerby.kerberos.kerb.spec.base.EncryptionKey;
import org.apache.kerby.kerberos.kerb.spec.base.EncryptionType;
+import org.apache.kerby.kerberos.kerb.spec.base.PrincipalName;
import org.apache.kerby.util.UTF8;
import org.apache.zookeeper.KeeperException;
import org.apache.zookeeper.ZooKeeper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import java.util.ArrayList;
import java.util.Iterator;
+import java.util.List;
import java.util.Map;
public class IdentityZNode {
@@ -42,24 +45,111 @@ public class IdentityZNode {
this.identityName = identityName;
}
+ public boolean exist() throws KeeperException {
+ String znode = IdentityZNodeHelper.getIndentityZNode(this.identityName);
+ if (ZKUtil.checkExists(this.zk, znode) == -1) {
+ return false;
+ } else {
+ return true;
+ }
+ }
+
+ public PrincipalName getPrincipalName() throws KeeperException {
+ String znode = IdentityZNodeHelper.getPrincipalNameZnode(this.identityName);
+ if (ZKUtil.checkExists(this.zk, znode) == -1) {
+ throw new IllegalArgumentException("The znode " + znode + " is not found");
+ }
+ byte[] data;
+ try {
+ data = ZKUtil.getData(this.zk, znode);
+ } catch (InterruptedException e) {
+ Thread.currentThread().interrupt();
+ return null;
+ }
+ if (data != null) {
+ return new PrincipalName(UTF8.toString(data));
+ } else {
+ LOG.warn("can't get the date from znode: " + znode);
+ return null;
+ }
+ }
+
public void setPrincipalName(String principal) throws KeeperException {
ZKUtil.createSetData(this.zk,
IdentityZNodeHelper.getPrincipalNameZnode(this.identityName),
UTF8.toBytes(principal));
}
+ public int getKeyVersion() throws KeeperException {
+ String znode = IdentityZNodeHelper.getKeyVersionZNode(this.identityName);
+ if (ZKUtil.checkExists(this.zk, znode) == -1) {
+ throw new IllegalArgumentException("The znode " + znode + " is not found");
+ }
+ byte[] data = new byte[0];
+ try {
+ data = ZKUtil.getData(this.zk, znode);
+ } catch (InterruptedException e) {
+ Thread.currentThread().interrupt();
+ }
+ if (data != null) {
+ return BytesUtil.bytes2int(data, true);
+ } else {
+ LOG.warn("can't get the date from znode: " + znode);
+ return -1;
+ }
+ }
+
public void setKeyVersion(int keyVersion) throws KeeperException {
ZKUtil.createSetData(this.zk,
IdentityZNodeHelper.getKeyVersionZNode(this.identityName),
BytesUtil.int2bytes(keyVersion, true));
}
+ public int getKdcFlags() throws KeeperException {
+ String znode = IdentityZNodeHelper.getKdcFlagsZNode(this.identityName);
+ if (ZKUtil.checkExists(this.zk, znode) == -1) {
+ throw new IllegalArgumentException("The znode " + znode + " is not found");
+ }
+ byte[] data = new byte[0];
+ try {
+ data = ZKUtil.getData(this.zk, znode);
+ } catch (InterruptedException e) {
+ Thread.currentThread().interrupt();
+ }
+ if (data != null) {
+ return BytesUtil.bytes2int(data, true);
+ } else {
+ LOG.warn("can't get the date from znode: " + znode);
+ return -1;
+ }
+ }
+
public void setKdcFlags(int kdcFlags) throws KeeperException {
ZKUtil.createSetData(this.zk,
IdentityZNodeHelper.getKdcFlagsZNode(this.identityName),
BytesUtil.int2bytes(kdcFlags, true));
}
+ public boolean getDisabled() throws KeeperException {
+ String znode = IdentityZNodeHelper.getDisabledZNode(this.identityName);
+ if (ZKUtil.checkExists(this.zk, znode) == -1) {
+ throw new IllegalArgumentException("The znode " + znode + " is not found");
+ }
+ byte[] data = new byte[0];
+ try {
+ data = ZKUtil.getData(this.zk, znode);
+ } catch (InterruptedException e) {
+ Thread.currentThread().interrupt();
+ }
+ if (data != null) {
+ int disabled = BytesUtil.bytes2int(data, true);
+ return disabled == 1;
+ } else {
+ LOG.warn("can't get the date from znode: " + znode);
+ return false;
+ }
+ }
+
public void setDisabled(boolean disabled) throws KeeperException {
int value;
if (disabled) {
@@ -72,6 +162,26 @@ public class IdentityZNode {
BytesUtil.int2bytes(value, true));
}
+ public boolean getLocked() throws KeeperException {
+ String znode = IdentityZNodeHelper.getLockedZNode(this.identityName);
+ if (ZKUtil.checkExists(this.zk, znode) == -1) {
+ throw new IllegalArgumentException("The znode " + znode + " is not found");
+ }
+ byte[] data = new byte[0];
+ try {
+ data = ZKUtil.getData(this.zk, znode);
+ } catch (InterruptedException e) {
+ Thread.currentThread().interrupt();
+ }
+ if (data != null) {
+ int locked = BytesUtil.bytes2int(data, true);
+ return locked == 1;
+ } else {
+ LOG.warn("can't get the date from znode: " + znode);
+ return false;
+ }
+ }
+
public void setLocked(boolean locked) throws KeeperException {
int value;
if (locked) {
@@ -84,18 +194,129 @@ public class IdentityZNode {
BytesUtil.int2bytes(value, true));
}
+ public KerberosTime getExpireTime() throws KeeperException {
+ String znode = IdentityZNodeHelper.getExpireTimeZNode(this.identityName);
+ if (ZKUtil.checkExists(this.zk, znode) == -1) {
+ throw new IllegalArgumentException("The znode " + znode + " is not found");
+ }
+ byte[] data = new byte[0];
+ try {
+ data = ZKUtil.getData(this.zk, znode);
+ } catch (InterruptedException e) {
+ Thread.currentThread().interrupt();
+ }
+ if (data != null) {
+ long time = BytesUtil.bytes2long(data, true);
+ return new KerberosTime(time);
+ } else {
+ LOG.warn("can't get the date from znode:" + znode);
+ return null;
+ }
+ }
+
public void setExpireTime(KerberosTime time) throws KeeperException {
ZKUtil.createSetData(this.zk,
IdentityZNodeHelper.getExpireTimeZNode(this.identityName),
BytesUtil.long2bytes(time.getTime(), true));
}
+ public KerberosTime getCreatedTime() throws KeeperException {
+ String znode = IdentityZNodeHelper.getCreatedTimeZNode(this.identityName);
+ if (ZKUtil.checkExists(this.zk, znode) == -1) {
+ throw new IllegalArgumentException("The znode " + znode + " is not found");
+ }
+ byte[] data = new byte[0];
+ try {
+ data = ZKUtil.getData(this.zk, znode);
+ } catch (InterruptedException e) {
+ Thread.currentThread().interrupt();
+ }
+ if (data != null) {
+ long time = BytesUtil.bytes2long(data, true);
+ return new KerberosTime(time);
+ } else {
+ LOG.warn("can't get the date from znode: " + znode);
+ return null;
+ }
+ }
+
public void setCreatedTime(KerberosTime time) throws KeeperException {
ZKUtil.createSetData(this.zk,
IdentityZNodeHelper.getCreatedTimeZNode(this.identityName),
BytesUtil.long2bytes(time.getTime(), true));
}
+ public EncryptionType getEncryptionKeyType(String type) throws KeeperException {
+ String znode = IdentityZNodeHelper.getEncryptionKeyTypeZNode(this.identityName, type);
+ if (ZKUtil.checkExists(this.zk, znode) == -1) {
+ throw new IllegalArgumentException("The znode " + znode + " is not found");
+ }
+ byte[] data = new byte[0];
+ try {
+ data = ZKUtil.getData(this.zk, znode);
+ } catch (InterruptedException e) {
+ Thread.currentThread().interrupt();
+ }
+ if (data != null) {
+ return EncryptionType.fromName(UTF8.toString(data));
+ } else {
+ LOG.warn("can't get the date from znode: " + znode);
+ return null;
+ }
+ }
+
+ public byte[] getEncryptionKeyData(String type) throws KeeperException {
+ String znode = IdentityZNodeHelper.getEncryptionKeyDataZNode(this.identityName, type);
+ if (ZKUtil.checkExists(this.zk, znode) == -1) {
+ throw new IllegalArgumentException("The znode " + znode + " is not found");
+ }
+ byte[] data = new byte[0];
+ try {
+ data = ZKUtil.getData(this.zk, znode);
+ } catch (InterruptedException e) {
+ Thread.currentThread().interrupt();
+ }
+ if (data == null) {
+ LOG.warn("can't get the date from znode: " + znode);
+ }
+ return data;
+ }
+
+ public int getEncryptionKeyNo(String type) throws KeeperException {
+ String znode = IdentityZNodeHelper.getEncryptionKeyNoZNode(this.identityName, type);
+ if (ZKUtil.checkExists(this.zk, znode) == -1) {
+ throw new IllegalArgumentException("The znode " + znode + " is not found");
+ }
+ byte[] data = new byte[0];
+ try {
+ data = ZKUtil.getData(this.zk, znode);
+ } catch (InterruptedException e) {
+ Thread.currentThread().interrupt();
+ }
+ if (data != null) {
+ return BytesUtil.bytes2int(data, true);
+ } else {
+ LOG.warn("can't get the date from znode: " + znode);
+ return -1;
+ }
+ }
+
+ public List<EncryptionKey> getKeys() throws KeeperException {
+ String znode = IdentityZNodeHelper.getKeysZNode(this.identityName);
+ if (ZKUtil.checkExists(this.zk, znode) == -1) {
+ throw new IllegalArgumentException("The znode " + znode + " is not found");
+ }
+ List<String> typeNames = ZKUtil.listChildrenNoWatch(this.zk, znode);
+ List<EncryptionKey> keys = new ArrayList<EncryptionKey>(typeNames.size());
+ for (String typeName : typeNames) {
+ EncryptionType type = getEncryptionKeyType(typeName);
+ byte[] data = getEncryptionKeyData(typeName);
+ int no = getEncryptionKeyNo(typeName);
+ keys.add(new EncryptionKey(type, data, no));
+ }
+ return keys;
+ }
+
public void setKeys(Map<EncryptionType, EncryptionKey> keys) throws KeeperException {
if (ZKUtil.checkExists(this.zk, IdentityZNodeHelper.getKeysZNode(this.identityName)) == -1) {
ZKUtil.createWithParents(this.zk, IdentityZNodeHelper.getKeysZNode(this.identityName));
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fbbc457f/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZKUtil.java
----------------------------------------------------------------------
diff --git a/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZKUtil.java b/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZKUtil.java
index 9af489a..9f9d2a8 100644
--- a/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZKUtil.java
+++ b/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZKUtil.java
@@ -29,6 +29,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.util.ArrayList;
+import java.util.List;
/**
* utility class for ZooKeeper
@@ -130,4 +131,39 @@ public class ZKUtil {
int idx = node.lastIndexOf(ZNODE_PATH_SEPARATOR);
return idx <= 0 ? null : node.substring(0, idx);
}
+
+ /**
+ * Get znode data. Does not set a watcher.
+ */
+ public static byte[] getData(ZooKeeper zk, String node)
+ throws KeeperException, InterruptedException {
+ try {
+ byte[] data = zk.getData(node, false, null);
+ return data;
+ } catch (KeeperException.NoNodeException e) {
+ LOG.debug("Unable to get data of znode " + node + " because node does not exist");
+ return null;
+ } catch (KeeperException e) {
+ LOG.warn("Unable to get data of znode " + node, e);
+ return null;
+ }
+ }
+
+ /**
+ * Lists the children of the specified node without setting any watches.
+ * null if parent does not exist
+ */
+ public static List<String> listChildrenNoWatch(ZooKeeper zk, String node)
+ throws KeeperException {
+ List<String> children = null;
+ try {
+ // List the children without watching
+ children = zk.getChildren(node, null);
+ } catch (KeeperException.NoNodeException nne) {
+ return null;
+ } catch (InterruptedException ie) {
+
+ }
+ return children;
+ }
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fbbc457f/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZookeeperIdentityBackend.java
----------------------------------------------------------------------
diff --git a/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZookeeperIdentityBackend.java b/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZookeeperIdentityBackend.java
index 577df41..7132fd4 100644
--- a/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZookeeperIdentityBackend.java
+++ b/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZookeeperIdentityBackend.java
@@ -137,7 +137,24 @@ public class ZookeeperIdentityBackend extends AbstractIdentityBackend
@Override
protected KrbIdentity doGetIdentity(String principalName) {
- return null;
+ IdentityZNode identityZNode = new IdentityZNode(zooKeeper, principalName);
+ KrbIdentity krb = new KrbIdentity(principalName);
+ try {
+ if (!identityZNode.exist()) {
+ return null;
+ }
+ krb.setPrincipal(identityZNode.getPrincipalName());
+ krb.setCreatedTime(identityZNode.getCreatedTime());
+ krb.setDisabled(identityZNode.getDisabled());
+ krb.setExpireTime(identityZNode.getExpireTime());
+ krb.setKdcFlags(identityZNode.getKdcFlags());
+ krb.addKeys(identityZNode.getKeys());
+ krb.setKeyVersion(identityZNode.getKeyVersion());
+ krb.setLocked(identityZNode.getLocked());
+ } catch (KeeperException e) {
+ LOG.error("Fail to get identity from zookeeper", e);
+ }
+ return krb;
}
@Override
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/fbbc457f/kerby-backend/zookeeper-backend/src/test/java/org/apache/kerby/kerberos/kerb/identity/backend/ZookeeperBackendTest.java
----------------------------------------------------------------------
diff --git a/kerby-backend/zookeeper-backend/src/test/java/org/apache/kerby/kerberos/kerb/identity/backend/ZookeeperBackendTest.java b/kerby-backend/zookeeper-backend/src/test/java/org/apache/kerby/kerberos/kerb/identity/backend/ZookeeperBackendTest.java
index 6dc734a..49bc310 100644
--- a/kerby-backend/zookeeper-backend/src/test/java/org/apache/kerby/kerberos/kerb/identity/backend/ZookeeperBackendTest.java
+++ b/kerby-backend/zookeeper-backend/src/test/java/org/apache/kerby/kerberos/kerb/identity/backend/ZookeeperBackendTest.java
@@ -29,7 +29,7 @@ import org.junit.Test;
import java.io.File;
/**
- * Ldap backend test
+ * Zookeeper backend test
*/
public class ZookeeperBackendTest extends BackendTest {
private static IdentityBackend backend;
@@ -53,14 +53,14 @@ public class ZookeeperBackendTest extends BackendTest {
backend.start();
}
- //@Test
- public void testGet() {
- super.testGet(backend);
- }
-
@AfterClass
public static void tearDown() {
backend.stop();
backend.release();
}
+
+ @Test
+ public void testGet() {
+ super.testGet(backend);
+ }
}