You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by ze...@apache.org on 2018/02/11 09:50:41 UTC
directory-kerby git commit: DIRKRB-685 Add MySQL plugin for new
authentication mechanism.
Repository: directory-kerby
Updated Branches:
refs/heads/trunk f7ef29efa -> a21e49f17
DIRKRB-685 Add MySQL plugin for new authentication mechanism.
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/a21e49f1
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/a21e49f1
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/a21e49f1
Branch: refs/heads/trunk
Commit: a21e49f17eb385afb6fb4cef2050b23bed459653
Parents: f7ef29e
Author: zenglinx <fr...@intel.com>
Authored: Sun Feb 11 17:48:37 2018 +0800
Committer: zenglinx <fr...@intel.com>
Committed: Sun Feb 11 17:49:50 2018 +0800
----------------------------------------------------------------------
has-project/has-plugins/pom.xml | 43 +++++++
.../client/mysql/MySQLHasClientPlugin.java | 68 +++++++++++
.../server/mysql/MySQLHasServerPlugin.java | 112 +++++++++++++++++++
.../org.apache.kerby.has.client.HasClientPlugin | 16 +++
.../org.apache.kerby.has.server.HasServerPlugin | 16 +++
.../plugins/TestHasClientPluginRegistry.java | 44 ++++++++
.../plugins/TestHasServerPluginRegistry.java | 43 +++++++
has-project/pom.xml | 2 +-
8 files changed, 343 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a21e49f1/has-project/has-plugins/pom.xml
----------------------------------------------------------------------
diff --git a/has-project/has-plugins/pom.xml b/has-project/has-plugins/pom.xml
new file mode 100644
index 0000000..bc524ae
--- /dev/null
+++ b/has-project/has-plugins/pom.xml
@@ -0,0 +1,43 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+
+ <parent>
+ <artifactId>has-project</artifactId>
+ <groupId>org.apache.kerby</groupId>
+ <version>2.0.0-SNAPSHOT</version>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+
+ <artifactId>has-plugins</artifactId>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>has-common</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>has-client</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>has-server</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>commons-dbutils</groupId>
+ <artifactId>commons-dbutils</artifactId>
+ <version>1.6</version>
+ </dependency>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+
+</project>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a21e49f1/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/client/mysql/MySQLHasClientPlugin.java
----------------------------------------------------------------------
diff --git a/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/client/mysql/MySQLHasClientPlugin.java b/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/client/mysql/MySQLHasClientPlugin.java
new file mode 100644
index 0000000..675f295
--- /dev/null
+++ b/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/client/mysql/MySQLHasClientPlugin.java
@@ -0,0 +1,68 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.kerby.has.plugins.client.mysql;
+
+import org.apache.kerby.has.client.AbstractHasClientPlugin;
+import org.apache.kerby.kerberos.kerb.type.base.AuthToken;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.Date;
+
+public class MySQLHasClientPlugin extends AbstractHasClientPlugin {
+ private static final Logger LOG = LoggerFactory.getLogger(MySQLHasClientPlugin.class);
+
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public String getLoginType() {
+ return "MySQL";
+ }
+
+ @Override
+ protected void doLogin(AuthToken authToken) {
+
+ //Get the ak info from env
+ String userName = System.getenv("userName");
+ String password = System.getenv("password");
+
+ String mysqlUrl = System.getenv("mysqlUrl");
+ String mysqlUser = System.getenv("mysqlUser");
+ String mysqlPasswd = System.getenv("mysqlPasswd");
+
+ LOG.debug("Get the mysql login info successfully.");
+
+ authToken.setIssuer("has");
+ authToken.setSubject(userName);
+
+ final Date now = new Date(new Date().getTime() / 1000 * 1000);
+ authToken.setIssueTime(now);
+ // Set expiration in 60 minutes
+ Date exp = new Date(now.getTime() + 1000 * 60 * 60);
+ authToken.setExpirationTime(exp);
+
+ authToken.addAttribute("user", userName);
+ authToken.addAttribute("secret", password);
+ authToken.addAttribute("mysqlUrl", mysqlUrl);
+ authToken.addAttribute("mysqlUser", mysqlUser);
+ authToken.addAttribute("mysqlPasswd", mysqlPasswd);
+
+ authToken.addAttribute("passPhrase", userName + password);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a21e49f1/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/mysql/MySQLHasServerPlugin.java
----------------------------------------------------------------------
diff --git a/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/mysql/MySQLHasServerPlugin.java b/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/mysql/MySQLHasServerPlugin.java
new file mode 100644
index 0000000..7c58b21
--- /dev/null
+++ b/has-project/has-plugins/src/main/java/org/apache/kerby/has/plugins/server/mysql/MySQLHasServerPlugin.java
@@ -0,0 +1,112 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.kerby.has.plugins.server.mysql;
+
+import org.apache.commons.dbutils.DbUtils;
+import org.apache.kerby.has.server.AbstractHasServerPlugin;
+import org.apache.kerby.has.server.HasAuthenException;
+import org.apache.kerby.kerberos.kerb.type.base.AuthToken;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.sql.ResultSet;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.DriverManager;
+import java.sql.PreparedStatement;
+
+public class MySQLHasServerPlugin extends AbstractHasServerPlugin {
+ private static final Logger LOG = LoggerFactory.getLogger(MySQLHasServerPlugin.class);
+
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public String getLoginType() {
+ return "MySQL";
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public void doAuthenticate(AuthToken userToken, AuthToken authToken)
+ throws HasAuthenException {
+ String user = (String) userToken.getAttributes().get("user");
+ String secret = (String) userToken.getAttributes().get("secret");
+
+ String mysqlUrl = (String) userToken.getAttributes().get("mysqlUrl");
+ mysqlUrl = mysqlUrl.replace("jdbc:mysql:", "jdbc:mysql:thin:");
+ String mysqlUser = (String) userToken.getAttributes().get("mysqlUser");
+ String mysqlPasswd = (String) userToken.getAttributes().get("mysqlPasswd");
+ Connection connection = startConnection(mysqlUrl, mysqlUser, mysqlPasswd);
+
+ ResultSet res = null;
+ PreparedStatement preStm = null;
+ try {
+ String stm = "SELECT COUNT(*) FROM `has_user` WHERE user_name = ? AND pass_word = ?";
+ preStm = connection.prepareStatement(stm);
+ preStm.setString(1, user);
+ preStm.setString(2, secret);
+ res = preStm.executeQuery();
+ if (res.next() && res.getInt(1) > 0) {
+ LOG.debug("UserName: " + user);
+ } else {
+ LOG.error("Authentication failed.");
+ throw new HasAuthenException("Authentication failed.");
+ }
+ } catch (SQLException e) {
+ LOG.error("Failed.");
+ LOG.error("Error code: " + e.getErrorCode());
+ LOG.error("Error message: " + e.getMessage());
+ throw new HasAuthenException("Authentication failed." + e.getMessage());
+ } finally {
+ DbUtils.closeQuietly(preStm);
+ DbUtils.closeQuietly(res);
+ DbUtils.closeQuietly(connection);
+ }
+
+ authToken.setIssuer(userToken.getIssuer());
+ authToken.setSubject(user);
+ authToken.setExpirationTime(userToken.getExpiredTime());
+
+ authToken.addAttribute("userName", user);
+ authToken.addAttribute("passPhrase", user + secret);
+ }
+
+ /**
+ * Start the MySQL connection.
+ */
+ private Connection startConnection(String url, String user,
+ String password) throws HasAuthenException {
+ Connection connection;
+ try {
+ Class.forName("org.drizzle.jdbc.DrizzleDriver");
+ connection = DriverManager.getConnection(url, user, password);
+ if (!connection.isClosed()) {
+ LOG.info("Succeeded in connecting to MySQL.");
+ }
+ } catch (ClassNotFoundException e) {
+ throw new HasAuthenException("JDBC Driver Class not found. ", e);
+ } catch (SQLException e) {
+ throw new HasAuthenException("Failed to connecting to MySQL. ", e);
+ }
+
+ return connection;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a21e49f1/has-project/has-plugins/src/main/resources/META-INF/services/org.apache.kerby.has.client.HasClientPlugin
----------------------------------------------------------------------
diff --git a/has-project/has-plugins/src/main/resources/META-INF/services/org.apache.kerby.has.client.HasClientPlugin b/has-project/has-plugins/src/main/resources/META-INF/services/org.apache.kerby.has.client.HasClientPlugin
new file mode 100644
index 0000000..cc3cac3
--- /dev/null
+++ b/has-project/has-plugins/src/main/resources/META-INF/services/org.apache.kerby.has.client.HasClientPlugin
@@ -0,0 +1,16 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+org.apache.kerby.has.plugins.client.mysql.MySQLHasClientPlugin
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a21e49f1/has-project/has-plugins/src/main/resources/META-INF/services/org.apache.kerby.has.server.HasServerPlugin
----------------------------------------------------------------------
diff --git a/has-project/has-plugins/src/main/resources/META-INF/services/org.apache.kerby.has.server.HasServerPlugin b/has-project/has-plugins/src/main/resources/META-INF/services/org.apache.kerby.has.server.HasServerPlugin
new file mode 100644
index 0000000..dfb9637
--- /dev/null
+++ b/has-project/has-plugins/src/main/resources/META-INF/services/org.apache.kerby.has.server.HasServerPlugin
@@ -0,0 +1,16 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+org.apache.kerby.has.plugins.server.mysql.MySQLHasServerPlugin
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a21e49f1/has-project/has-plugins/src/test/java/org/apache/kerby/has/plugins/TestHasClientPluginRegistry.java
----------------------------------------------------------------------
diff --git a/has-project/has-plugins/src/test/java/org/apache/kerby/has/plugins/TestHasClientPluginRegistry.java b/has-project/has-plugins/src/test/java/org/apache/kerby/has/plugins/TestHasClientPluginRegistry.java
new file mode 100644
index 0000000..55f0f70
--- /dev/null
+++ b/has-project/has-plugins/src/test/java/org/apache/kerby/has/plugins/TestHasClientPluginRegistry.java
@@ -0,0 +1,44 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.kerby.has.plugins;
+
+import org.apache.kerby.has.client.HasClientPluginRegistry;
+import org.apache.kerby.has.common.HasException;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.util.Set;
+
+public class TestHasClientPluginRegistry {
+
+ @Test
+ public void testInit() {
+ Set<String> pluginsNames = HasClientPluginRegistry.registeredPlugins();
+ Assert.assertTrue(pluginsNames.size() > 0);
+ }
+
+ @Test
+ public void testCreatePlugin() throws HasException {
+ Assert.assertTrue(HasClientPluginRegistry.createPlugin("MySQL") != null);
+ Set<String> pluginNames = HasClientPluginRegistry.registeredPlugins();
+ for (String name : pluginNames) {
+ HasClientPluginRegistry.createPlugin(name);
+ }
+ }
+}
+
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a21e49f1/has-project/has-plugins/src/test/java/org/apache/kerby/has/plugins/TestHasServerPluginRegistry.java
----------------------------------------------------------------------
diff --git a/has-project/has-plugins/src/test/java/org/apache/kerby/has/plugins/TestHasServerPluginRegistry.java b/has-project/has-plugins/src/test/java/org/apache/kerby/has/plugins/TestHasServerPluginRegistry.java
new file mode 100644
index 0000000..d727b12
--- /dev/null
+++ b/has-project/has-plugins/src/test/java/org/apache/kerby/has/plugins/TestHasServerPluginRegistry.java
@@ -0,0 +1,43 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.kerby.has.plugins;
+
+import org.apache.kerby.has.common.HasException;
+import org.apache.kerby.has.server.HasServerPluginRegistry;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.util.Set;
+
+public class TestHasServerPluginRegistry {
+
+ @Test
+ public void testInit() {
+ Set<String> pluginsNames = HasServerPluginRegistry.registeredPlugins();
+ Assert.assertTrue(pluginsNames.size() > 0);
+ }
+
+ @Test
+ public void testCreatePlugin() throws HasException {
+ Assert.assertTrue(HasServerPluginRegistry.createPlugin("MySQL") != null);
+ Set<String> pluginNames = HasServerPluginRegistry.registeredPlugins();
+ for (String name : pluginNames) {
+ HasServerPluginRegistry.createPlugin(name);
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a21e49f1/has-project/pom.xml
----------------------------------------------------------------------
diff --git a/has-project/pom.xml b/has-project/pom.xml
index 54f2743..411767f 100644
--- a/has-project/pom.xml
+++ b/has-project/pom.xml
@@ -18,7 +18,7 @@
<module>has-common</module>
<module>has-server</module>
<module>has-client</module>
+ <module>has-plugins</module>
</modules>
-
</project>
\ No newline at end of file