You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by pl...@apache.org on 2016/05/24 06:23:17 UTC
directory-kerby git commit: DIRKRB-572 Implement Delete_Principal on
Remote Kadmin. Contributed by Yan.
Repository: directory-kerby
Updated Branches:
refs/heads/kadmin-remote db2ecc2ed -> c962f4ab4
DIRKRB-572 Implement Delete_Principal on Remote Kadmin. Contributed by Yan.
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/c962f4ab
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/c962f4ab
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/c962f4ab
Branch: refs/heads/kadmin-remote
Commit: c962f4ab4e97744720130215e04a9a7a27630b12
Parents: db2ecc2
Author: plusplusjiajia <ji...@intel.com>
Authored: Tue May 24 14:28:17 2016 +0800
Committer: plusplusjiajia <ji...@intel.com>
Committed: Tue May 24 14:28:17 2016 +0800
----------------------------------------------------------------------
.../admin/server/kadmin/AdminServerHandler.java | 39 ++++++++++++++++++-
.../kerberos/kerb/admin/RemoteAdminTool.java | 41 ++++++++++++++++++--
.../kerb/admin/kadmin/remote/AdminClient.java | 5 +++
.../kerb/admin/kadmin/remote/AdminHandler.java | 9 +++++
.../admin/kadmin/remote/RemoteKadminImpl.java | 6 ++-
.../remote/request/DeletePrincipalRequest.java | 31 ++++++++++++++-
6 files changed, 123 insertions(+), 8 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c962f4ab/kerby-kerb/kerb-admin-server/src/main/java/org/apache/kerby/kerberos/kerb/admin/server/kadmin/AdminServerHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin-server/src/main/java/org/apache/kerby/kerberos/kerb/admin/server/kadmin/AdminServerHandler.java b/kerby-kerb/kerb-admin-server/src/main/java/org/apache/kerby/kerberos/kerb/admin/server/kadmin/AdminServerHandler.java
index 951efb6..0252dd0 100644
--- a/kerby-kerb/kerb-admin-server/src/main/java/org/apache/kerby/kerberos/kerb/admin/server/kadmin/AdminServerHandler.java
+++ b/kerby-kerb/kerb-admin-server/src/main/java/org/apache/kerby/kerberos/kerb/admin/server/kadmin/AdminServerHandler.java
@@ -74,6 +74,10 @@ public class AdminServerHandler {
System.out.println("message type: add principal req");
responseMessage = handleAddPrincipalReq(localKadmin, fieldInfos);
break;
+ case DELETE_PRINCIPAL_REQ:
+ System.out.println("message type: delete principal req");
+ responseMessage = handleDeletePrincipalReq(localKadmin, fieldInfos);
+ break;
default:
throw new KrbException("AdminMessageType error, can not handle it.");
}
@@ -115,9 +119,7 @@ public class AdminServerHandler {
} catch (KrbException e) {
String error = "principal already exist.\n"
+ "Choose update password instead of add principal";
- System.err.println(error);
LOG.error(error);
-
XdrFieldInfo[] xdrFieldInfos = new XdrFieldInfo[3];
xdrFieldInfos[0] = new XdrFieldInfo(0, XdrDataType.ENUM, AdminMessageType.ADD_PRINCIPAL_REP);
xdrFieldInfos[1] = new XdrFieldInfo(1, XdrDataType.INTEGER, 1);
@@ -148,4 +150,37 @@ public class AdminServerHandler {
return responseMessage;
}
+ private ByteBuffer handleDeletePrincipalReq(LocalKadmin localKadmin, XdrFieldInfo[] fieldInfos) throws IOException {
+ /** message structure: msg_type, para_num(always equals 1), principal_name*/
+ String principal = (String) fieldInfos[2].getValue();
+ String[] temp = principal.split("@");
+ try {
+ localKadmin.deletePrincipal(temp[0]);
+ } catch (KrbException e) {
+ String error = "no such principal exist!";
+ LOG.error(error);
+ XdrFieldInfo[] xdrFieldInfos = new XdrFieldInfo[3];
+ xdrFieldInfos[0] = new XdrFieldInfo(0, XdrDataType.ENUM, AdminMessageType.DELETE_PRINCIPAL_REP);
+ xdrFieldInfos[1] = new XdrFieldInfo(1, XdrDataType.INTEGER, 1);
+ xdrFieldInfos[2] = new XdrFieldInfo(2, XdrDataType.STRING, error);
+ AdminMessageCode value = new AdminMessageCode(xdrFieldInfos);
+ AdminMessage errorMessage = new DeletePrincipalRep();
+ errorMessage.setMessageBuffer(ByteBuffer.wrap(value.encode()));
+ ByteBuffer response = KadminCode.encodeMessage(errorMessage);
+ return response;
+ }
+
+ String message = "delete principal of " + principal;
+ LOG.info(message);
+ AdminMessage deletePrincipalRep = new DeletePrincipalRep();
+ XdrFieldInfo[] xdrFieldInfos = new XdrFieldInfo[3];
+ xdrFieldInfos[0] = new XdrFieldInfo(0, XdrDataType.ENUM, AdminMessageType.DELETE_PRINCIPAL_REP);
+ xdrFieldInfos[1] = new XdrFieldInfo(1, XdrDataType.INTEGER, 1);
+ xdrFieldInfos[2] = new XdrFieldInfo(2, XdrDataType.STRING, message);
+ AdminMessageCode value = new AdminMessageCode(xdrFieldInfos);
+ deletePrincipalRep.setMessageBuffer(ByteBuffer.wrap(value.encode()));
+ ByteBuffer responseMessage = KadminCode.encodeMessage(deletePrincipalRep);
+ return responseMessage;
+ }
+
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c962f4ab/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/RemoteAdminTool.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/RemoteAdminTool.java b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/RemoteAdminTool.java
index defbd92..0d60e38 100644
--- a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/RemoteAdminTool.java
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/RemoteAdminTool.java
@@ -24,6 +24,7 @@ import org.apache.kerby.kerberos.kerb.admin.kadmin.remote.AdminClient;
import org.apache.kerby.kerberos.kerb.admin.kadmin.remote.AdminConfig;
import org.apache.kerby.util.OSUtil;
+import java.io.Console;
import java.io.File;
import java.util.Scanner;
@@ -41,11 +42,10 @@ public class RemoteAdminTool {
+ " conf\n";
private static final String COMMAND = "Usage: add_principal [options] <principal-name>\n"
- + "\toptions are:\n"
- + "\t\t[-randkey|-nokey]\n"
- + "\t\t[-pw password]"
+ + "delete_principal <principal_name>\n"
+ "\tExample:\n"
- + "\t\tadd_principal -pw mypassword alice\n";
+ + "\t\tadd_principal -pw mypassword alice\n"
+ + "\t\tdelete_principal alice\n";
public static void main(String[] args) throws Exception {
AdminClient adminClient;
@@ -111,8 +111,41 @@ public class RemoteAdminTool {
+ "Please input command for further reference.");
}
+ } else if (temp[0].startsWith("delete_principal")) {
+ String principal = temp[1] + "@"
+ + adminClient.getAdminConfig().getAdminRealm();
+ String reply;
+ Console console = System.console();
+ String prompt = "Are you sure to delete the principal? (yes/no, YES/NO, y/n, Y/N) ";
+ if (console == null) {
+ System.out.println("Couldn't get Console instance, "
+ + "maybe you're running this from within an IDE. "
+ + "Use scanner to read password.");
+ Scanner scanner = new Scanner(System.in, "UTF-8");
+ reply = getReply(scanner, prompt);
+ } else {
+ reply = getReply(console, prompt);
+ }
+ if (reply.equals("yes") || reply.equals("YES") || reply.equals("y") || reply.equals("Y")) {
+ adminClient.requestDeletePrincipal(principal);
+ } else if (reply.equals("no") || reply.equals("NO") || reply.equals("n") || reply.equals("N")) {
+ System.out.println("Principal \"" + principal + "\" not deleted.");
+ } else {
+ System.err.println("Unknown request, fail to delete the principal.");
+ }
} else {
System.out.println("remain to be developed...");
}
}
+
+ private static String getReply(Scanner scanner, String prompt) {
+ System.out.println(prompt);
+ return scanner.nextLine().trim();
+ }
+
+ private static String getReply(Console console, String prompt) {
+ console.printf(prompt);
+ String line = console.readLine();
+ return line;
+ }
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c962f4ab/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kadmin/remote/AdminClient.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kadmin/remote/AdminClient.java b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kadmin/remote/AdminClient.java
index 5860eaf..790196d 100644
--- a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kadmin/remote/AdminClient.java
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kadmin/remote/AdminClient.java
@@ -174,4 +174,9 @@ public class AdminClient {
Kadmin remote = new RemoteKadminImpl(innerClient);
remote.addPrincipal(principal, password);
}
+
+ public void requestDeletePrincipal(String principal) throws KrbException {
+ Kadmin remote = new RemoteKadminImpl(innerClient);
+ remote.deletePrincipal(principal);
+ }
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c962f4ab/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kadmin/remote/AdminHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kadmin/remote/AdminHandler.java b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kadmin/remote/AdminHandler.java
index fe220b4..6c83242 100644
--- a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kadmin/remote/AdminHandler.java
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kadmin/remote/AdminHandler.java
@@ -92,6 +92,15 @@ public abstract class AdminHandler {
+ AdminMessageType.ADD_PRINCIPAL_REP);
}
break;
+ case DELETE_PRINCIPAL_REP:
+ if (adminRequest.getAdminReq().getAdminMessageType()
+ == AdminMessageType.DELETE_PRINCIPAL_REQ) {
+ System.out.println((String) fieldInfos[2].getValue());
+ } else {
+ throw new KrbException("Response message type error: need "
+ + AdminMessageType.DELETE_PRINCIPAL_REP);
+ }
+ break;
default:
throw new KrbException("Response message type error: " + type);
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c962f4ab/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kadmin/remote/RemoteKadminImpl.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kadmin/remote/RemoteKadminImpl.java b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kadmin/remote/RemoteKadminImpl.java
index c069a39..1ee6513 100644
--- a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kadmin/remote/RemoteKadminImpl.java
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kadmin/remote/RemoteKadminImpl.java
@@ -26,6 +26,7 @@ import org.apache.kerby.kerberos.kerb.admin.kadmin.remote.impl.DefaultAdminHandl
import org.apache.kerby.kerberos.kerb.admin.kadmin.remote.impl.InternalAdminClient;
import org.apache.kerby.kerberos.kerb.admin.kadmin.remote.request.AddPrincipalRequest;
import org.apache.kerby.kerberos.kerb.admin.kadmin.remote.request.AdminRequest;
+import org.apache.kerby.kerberos.kerb.admin.kadmin.remote.request.DeletePrincipalRequest;
import org.apache.kerby.kerberos.kerb.transport.KrbNetwork;
import org.apache.kerby.kerberos.kerb.transport.KrbTransport;
import org.apache.kerby.kerberos.kerb.transport.TransportPair;
@@ -149,7 +150,10 @@ public class RemoteKadminImpl implements Kadmin {
@Override
public void deletePrincipal(String principal) throws KrbException {
-
+ AdminRequest deletePrincipalRequest = new DeletePrincipalRequest(principal);
+ deletePrincipalRequest.setTransport(transport);
+ AdminHandler adminHandler = new DefaultAdminHandler();
+ adminHandler.handleRequest(deletePrincipalRequest);
}
@Override
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c962f4ab/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kadmin/remote/request/DeletePrincipalRequest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kadmin/remote/request/DeletePrincipalRequest.java b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kadmin/remote/request/DeletePrincipalRequest.java
index 37354b2..df90380 100644
--- a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kadmin/remote/request/DeletePrincipalRequest.java
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kadmin/remote/request/DeletePrincipalRequest.java
@@ -20,12 +20,20 @@
package org.apache.kerby.kerberos.kerb.admin.kadmin.remote.request;
import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.admin.tool.AdminMessageCode;
+import org.apache.kerby.kerberos.kerb.admin.tool.AdminMessageType;
import org.apache.kerby.kerberos.kerb.admin.tool.DeletePrincipalReq;
+import org.apache.kerby.xdr.XdrDataType;
+import org.apache.kerby.xdr.XdrFieldInfo;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
/**
* DeletePrincipal request
*/
public class DeletePrincipalRequest extends AdminRequest {
+ /** Admin delete principal do not need password or koptions. */
public DeletePrincipalRequest(String principal) {
super(principal);
@@ -34,8 +42,29 @@ public class DeletePrincipalRequest extends AdminRequest {
@Override
public void process() throws KrbException {
super.process();
- /**replace this with encode in handler*/
DeletePrincipalReq deletePrincipalReq = new DeletePrincipalReq();
+ /** encode admin message:
+ * encode type
+ * encode paranum
+ * encode principal name
+ * (encode koptions)
+ * (encode passsword)
+ */
+ XdrFieldInfo[] xdrFieldInfos = new XdrFieldInfo[3];
+ xdrFieldInfos[0] = new XdrFieldInfo(0, XdrDataType.ENUM, AdminMessageType.DELETE_PRINCIPAL_REQ);
+ xdrFieldInfos[1] = new XdrFieldInfo(1, XdrDataType.INTEGER, 1);
+ xdrFieldInfos[2] = new XdrFieldInfo(2, XdrDataType.STRING, getPrincipal());
+
+ AdminMessageCode value = new AdminMessageCode(xdrFieldInfos);
+ byte[] encodeBytes;
+ try {
+ encodeBytes = value.encode();
+ } catch (IOException e) {
+ throw new KrbException("Xdr encode error when generate delete principal request.", e);
+ }
+ ByteBuffer messageBuffer = ByteBuffer.wrap(encodeBytes);
+ deletePrincipalReq.setMessageBuffer(messageBuffer);
+
setAdminReq(deletePrincipalReq);
}