Posted to commits@directory.apache.org by dr...@apache.org on 2015/03/16 09:09:25 UTC
[1/2] directory-kerberos git commit: Refined kinit tool
Repository: directory-kerberos
Updated Branches:
refs/heads/master d8c8344c1 -> 37895fa08
Refined kinit tool
Project: http://git-wip-us.apache.org/repos/asf/directory-kerberos/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerberos/commit/b01cd2db
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerberos/tree/b01cd2db
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerberos/diff/b01cd2db
Branch: refs/heads/master
Commit: b01cd2db82849ea7fc165ee5c09edc129f46767a
Parents: 8a30c1e
Author: Drankye <dr...@gmail.com>
Authored: Mon Mar 16 16:08:45 2015 +0800
Committer: Drankye <dr...@gmail.com>
Committed: Mon Mar 16 16:08:45 2015 +0800
----------------------------------------------------------------------
.../apache/kerby/kerberos/tool/ToolUtil.java | 71 ++++++
.../apache/kerby/kerberos/tool/kinit/Kinit.java | 243 ++++++++-----------
.../kerby/kerberos/tool/kinit/KinitOption.java | 36 ++-
kerby-dist/tool-dist/bin/kinit.sh | 2 +-
.../kerby/kerberos/kerb/client/KOption.java | 4 +
.../kerby/kerberos/kerb/client/KOptionType.java | 33 +++
.../kerby/kerberos/kerb/client/KrbClient.java | 27 +++
.../kerby/kerberos/kerb/client/KrbOption.java | 56 +++--
8 files changed, 297 insertions(+), 175 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b01cd2db/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/ToolUtil.java
----------------------------------------------------------------------
diff --git a/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/ToolUtil.java b/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/ToolUtil.java
new file mode 100644
index 0000000..6e81d9e
--- /dev/null
+++ b/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/ToolUtil.java
@@ -0,0 +1,71 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.tool;
+
+import org.apache.kerby.kerberos.kerb.client.KOption;
+import org.apache.kerby.kerberos.kerb.client.KOptionType;
+
+import java.io.File;
+
+/**
+ * Tool utilities.
+ */
+public class ToolUtil {
+
+ /**
+ * Parse string value according to kopt type.
+ * @param kopt
+ * @param strValue
+ * @return true when successful, false otherwise
+ */
+ public static boolean parseSetValue(KOption kopt, String strValue) {
+ KOptionType kt = kopt.getType();
+ if (kt == KOptionType.NOV) {
+ return true; // no need of a value
+ }
+ if (strValue == null || strValue.isEmpty()) {
+ return false;
+ }
+
+ if (kt == KOptionType.FILE) {
+ // May check file sanity
+ kopt.setValue(new File(strValue));
+ } else if (kt == KOptionType.DIR) {
+ File dir = new File(strValue);
+ if (! dir.exists()) {
+ throw new IllegalArgumentException("Invalid dir:" + strValue);
+ }
+ kopt.setValue(dir);
+ } else if (kt == KOptionType.INT) {
+ try {
+ Integer num = Integer.valueOf(strValue);
+ kopt.setValue(num);
+ } catch (NumberFormatException nfe) {
+ throw new IllegalArgumentException("Invalid integer:" + strValue);
+ }
+ } else if (kt == KOptionType.FILE) {
+ kopt.setValue(strValue);
+ } else {
+ throw new IllegalArgumentException("Not recognised option:" + strValue);
+ }
+
+ return true;
+ }
+}
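Review bot: The last `else if (kt == KOptionType.FILE)` branch in parseSetValue repeats the first condition and can never run, so an option typed `KOptionType.STR` falls through to the final `else` and throws "Not recognised option". In this commit that affects `-t`, `-c`, `-S` and `-X` in KinitOption. The branch should read `} else if (kt == KOptionType.STR) {`. The FILE branch also stores the path without any check (the `// May check file sanity` comment), unlike the DIR branch. The final exception message prints the value rather than the option, which makes the failure hard to trace.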
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b01cd2db/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/Kinit.java
----------------------------------------------------------------------
diff --git a/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/Kinit.java b/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/Kinit.java
index eb76b3a..f7cf76d 100644
--- a/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/Kinit.java
+++ b/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/Kinit.java
@@ -19,14 +19,14 @@
*/
package org.apache.kerby.kerberos.tool.kinit;
-import org.apache.kerby.config.Conf;
import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.client.KOptionType;
import org.apache.kerby.kerberos.kerb.client.KrbClient;
-import org.apache.kerby.kerberos.kerb.client.KrbConfig;
+import org.apache.kerby.kerberos.kerb.client.KrbOptions;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TgtTicket;
+import org.apache.kerby.kerberos.tool.ToolUtil;
import java.io.Console;
-import java.io.File;
-import java.io.IOException;
import java.util.Arrays;
import java.util.Scanner;
@@ -35,113 +35,55 @@ import java.util.Scanner;
*/
public class Kinit {
- private static final String TOOL_NAME = Kinit.class.getSimpleName();
- private static final String COMMON_USAGE = "Usage: " + TOOL_NAME +
- " [-l lifetime]" +
- " [-f | -F] principal\n" + "\n" +
- " options:\t-l lifetime\n" +
- "\t-f forwardable\n" +
- "\t-F not forwardable";
-
- private void printUsage(String cmd) {
- if ("-l".equals(cmd)) {
- System.err.println("Usage: " + TOOL_NAME + " -l lifetime principal");
- } else if ("-f".equals(cmd)) {
- System.err.println("Usage: " + TOOL_NAME + " -f principal");
- } else if ("-F".equals(cmd)) {
- System.err.println("Usage: " + TOOL_NAME + " -F principal");
- } else {
- System.err.println(COMMON_USAGE);
- }
- }
-
- /**
- * args[0] is the configuration directory written in script.
- * args[length - 1] is principal
- */
- private int execute(String[] args) {
- if (args.length < 2 || args.length > 4) {
- printUsage("");
- return -1;
- }
-
- //no options
- if (args.length == 2) {
- return requestTicket(args, 1);
- }
-
- int exitCode = -1;
- int i = 1;
- String cmd = args[i];
-
- //
- // verify that we have enough option parameters
- //
- if ("-l".equals(cmd)) {
- if (args.length != 4) {
- printUsage(cmd);
- return exitCode;
- }
- } else if ("-f".equals(cmd)) {
- if (args.length != 3) {
- printUsage(cmd);
- return exitCode;
- }
- } else if ("-F".equals(cmd)) {
- if (args.length != 3) {
- printUsage(cmd);
- return exitCode;
- }
- }
-
- //
- //execute the command
- //
- if ("-l".equals(cmd)) {
- exitCode = ticketWithLifetime(args, i);
- } else if ("-f".equals(cmd)) {
- exitCode = ticketForwardable(args, i);
- } else if ("-F".equals(cmd)) {
- exitCode = ticketNonForwardable(args, i);
- }
-
- return exitCode;
- }
-
- /**
- * Init the KrbClient
- */
- private KrbClient createClient(String confDirString) {
- KrbConfig krbConfig = new KrbConfig();
- Conf conf = krbConfig.getConf();
-
- try {
- File confDir = new File(confDirString);
- File[] files = confDir.listFiles();
- if (files == null) {
- throw new IOException("There are no file in configuration directory: " + confDirString);
- }
-
- for (File file : files) {
- conf.addIniConfig(file);
- }
- } catch (IOException e) {
- System.err.println("Something wrong with krb configuration.");
- e.printStackTrace();
- }
-
- KrbClient krbClient = new KrbClient(krbConfig);
- krbClient.init();
- return krbClient;
+ private static final String USAGE =
+ "Usage: kinit [-V] [-l lifetime] [-s start_time]\n" +
+ "\t\t[-r renewable_life] [-f | -F] [-p | -P] -n [-a | -A] [-C] [-E]\n" +
+ "\t\t[-v] [-R] [-k [-i|-t keytab_file]] [-c cachename]\n" +
+ "\t\t[-S service_name] [-T ticket_armor_cache]\n" +
+ "\t\t[-X <attribute>[=<value>]] <principal>\n\n" +
+ "\tDESCRIPTION:\n" +
+ "\t\tkinit obtains and caches an initial ticket-granting ticket for principal.\n\n" +
+ "\tOPTIONS:\n" +
+ "\t\t-V verbose\n" +
+ "\t\t-l lifetime\n" +
+ "\t\t--s start time\n" +
+ "\t\t-r renewable lifetime\n" +
+ "\t\t-f forwardable\n" +
+ "\t\t-F not forwardable\n" +
+ "\t\t-p proxiable\n" +
+ "\t\t-P not proxiable\n" +
+ "\t\t-n anonymous\n" +
+ "\t\t-a include addresses\n" +
+ "\t\t-A do not include addresses\n" +
+ "\t\t-v validate\n" +
+ "\t\t-R renew\n" +
+ "\t\t-C canonicalize\n" +
+ "\t\t-E client is enterprise principal name\n" +
+ "\t\t-k use keytab\n" +
+ "\t\t-i use default client keytab (with -k)\n" +
+ "\t\t-t filename of keytab to use\n" +
+ "\t\t-c Kerberos 5 cache name\n" +
+ "\t\t-S service\n" +
+ "\t\t-T armor credential cache\n" +
+ "\t\t-X <attribute>[=<value>]\n" +
+ "\n";
+
+
+ private static void printUsage(String error) {
+ System.err.println(error + "\n");
+ System.err.println(USAGE);
+ System.exit(-1);
}
/**
* Get password for the input principal from console
*/
- private String getPassword(String principal) {
+ private static String getPassword(String principal) {
Console console = System.console();
if (console == null) {
- System.out.println("Couldn't get Console instance, maybe you're running this from within an IDE. Use scanner to read password.");
+ System.out.println("Couldn't get Console instance, " +
+ "maybe you're running this from within an IDE. " +
+ "Use scanner to read password.");
System.out.println("Password for " + principal + ":");
Scanner scanner = new Scanner(System.in);
return scanner.nextLine().trim();
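Review bot: When `System.console()` is null, getPassword falls back to `new Scanner(System.in)`, which reads the password with terminal echo on, and the printed message presents this only as an IDE case. Consider refusing to continue without a console unless the caller opts in explicitly, or at least state in the message that the input will be visible. Separately, the new USAGE text lists `--s start time` while the synopsis and KinitOption use `-s`, and `-n` is the only optional flag shown without brackets. getPassword's body continues outside this hunk.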
@@ -150,67 +92,72 @@ public class Kinit {
char[] passwordChars = console.readPassword();
String password = new String(passwordChars).trim();
Arrays.fill(passwordChars, ' ');
+
return password;
}
- private int requestTicket(String[] args, int i) {
- String principal = args[i];
- KrbClient client = createClient(args[0]);
+ public static int requestTicket(String principal, KrbOptions options) {
+ KrbClient krbClient = new KrbClient();
+ krbClient.init();
+
String password = getPassword(principal);
try {
- client.requestTgtTicket(principal, password, null);
+ TgtTicket tgt = krbClient.requestTgtTicket(principal, password, null);
+ // TODO: write tgt into credentials cache.
return 0;
} catch (KrbException e) {
- System.err.println("Something error.");
+ System.err.println("Error occurred:" + e.getMessage());
return -1;
}
}
- private int ticketWithLifetime(String[] args, int i) {
- String lifetime = args[i];
- String principal = args[i];
- KrbClient client = createClient(args[0]);
- String password = getPassword(principal);
- try {
- //TODO
- return 0;
- } catch (Exception e) {
- System.err.println("Something error.");
- return -1;
- }
- }
+ public static void main(String[] args) throws Exception {
+ KrbOptions ktOptions = new KrbOptions();
+ KinitOption kto;
+ String principal = null;
+
+ int i = 0;
+ String opt, param, error;
+ while (i < args.length) {
+ error = null;
+
+ opt = args[i++];
+ if (opt.startsWith("-")) {
+ kto = KinitOption.fromName(opt);
+ if (kto == KinitOption.NONE) {
+ error = "Invalid option:" + opt;
+ break;
+ }
+ } else {
+ principal = opt;
+ break;
+ }
- private int ticketForwardable(String[] args, int i) {
- String principal = args[i];
- KrbClient client = createClient(args[0]);
- String password = getPassword(principal);
- try {
- //TODO
- return 0;
- } catch (Exception e) {
- System.err.println("Something error.");
- return -1;
+ if (kto.getType() != KOptionType.NOV) { // require a parameter
+ param = null;
+ if (i < args.length) {
+ param = args[i++];
+ }
+ if (param != null) {
+ ToolUtil.parseSetValue(kto, param);
+ } else {
+ error = "Option " + opt + " require a parameter";
+ }
+ }
+
+ if (error != null) {
+ printUsage(error);
+ }
+ ktOptions.add(kto);
}
- }
- private int ticketNonForwardable(String[] args, int i) {
- String principal = args[i];
- KrbClient client = createClient(args[0]);
- String password = getPassword(principal);
- try {
- //TODO
- return 0;
- } catch (Exception e) {
- System.err.println("Something error.");
- return -1;
+ if (principal == null) {
+ printUsage("No principal is specified");
}
- }
- public static void main(String[] args) throws Exception {
- Kinit kinit = new Kinit();
- int exitCode = kinit.execute(args);
- System.exit(exitCode);
+ int errNo = Kinit.requestTicket(principal, ktOptions);
+ System.exit(errNo);
}
}
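Review bot: requestTicket never reads its `options` parameter and still passes `null` as the third argument of `requestTgtTicket`, so restricting flags such as `-F`, `-P` or `-l` are parsed and then silently dropped, and the user gets a default ticket with no warning. In main, the `break` after `error = "Invalid option:" + opt;` leaves the loop before the `if (error != null)` check, so the tool reports "No principal is specified" instead; calling `printUsage("Invalid option:" + opt);` in place of the assignment and `break` fixes that. The return value of `ToolUtil.parseSetValue(kto, param)` is ignored and its IllegalArgumentException is not caught, so a bad value ends in a stack trace rather than the usage text. At the top of the hunk the password is still copied into a `String` before `passwordChars` is overwritten, so wiping the array does not remove the secret from memory.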
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b01cd2db/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/KinitOption.java
----------------------------------------------------------------------
diff --git a/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/KinitOption.java b/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/KinitOption.java
index c36dda7..eb5e23f 100644
--- a/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/KinitOption.java
+++ b/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/KinitOption.java
@@ -20,12 +20,13 @@
package org.apache.kerby.kerberos.tool.kinit;
import org.apache.kerby.kerberos.kerb.client.KOption;
+import org.apache.kerby.kerberos.kerb.client.KOptionType;
public enum KinitOption implements KOption {
NONE("NONE"),
- LIFE_TIME("-l", "lifetime"),
- START_TIME("-s", "start time"),
- RENEWABLE_TIME("-r", "renewable lifetime"),
+ LIFE_TIME("-l", "lifetime", KOptionType.INT),
+ START_TIME("-s", "start time", KOptionType.INT),
+ RENEWABLE_LIFE("-r", "renewable lifetime", KOptionType.INT),
FORWARDABLE("-f", "forwardable"),
NOT_FORWARDABLE("-F", "not forwardable"),
PROXIABLE("-p", "proxiable"),
@@ -39,24 +40,43 @@ public enum KinitOption implements KOption {
AS_ENTERPRISE_PN("-E", "client is enterprise principal name"),
USE_KEYTAB("-k", "use keytab"),
USE_DFT_KEYTAB("-i", "use default client keytab (with -k)"),
- USER_KEYTAB_FILE("-t", "filename of keytab to use"),
- KRB5_CACHE("-c", "Kerberos 5 cache name"),
- SERVICE("-S", "service"),
- ARMOR_CACHE("-T", "armor credential cache"),
- XATTR("-X", "<attribute>[=<value>]"),
+ USER_KEYTAB_FILE("-t", "filename of keytab to use", KOptionType.STR),
+ KRB5_CACHE("-c", "Kerberos 5 cache name", KOptionType.STR),
+ SERVICE("-S", "service", KOptionType.STR),
+ ARMOR_CACHE("-T", "armor credential cache", KOptionType.FILE),
+ XATTR("-X", "<attribute>[=<value>]", KOptionType.STR),
;
private String name;
+ private KOptionType type = KOptionType.NONE;
private String description;
private Object value;
KinitOption(String description) {
+ this(description, KOptionType.NOV); // As a flag by default
+ }
+
+ KinitOption(String description, KOptionType type) {
this.description = description;
+ this.type = type;
}
KinitOption(String name, String description) {
+ this(name, description, KOptionType.NOV); // As a flag by default
+ }
+
+ KinitOption(String name, String description, KOptionType type) {
this.name = name;
this.description = description;
+ this.type = type;
+ }
+
+ public void setType(KOptionType type) {
+ this.type = type;
+ }
+
+ public KOptionType getType() {
+ return this.type;
}
@Override
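Review bot: The option types assigned here disagree with KrbOption in the same commit: `USER_KEYTAB_FILE` and `KRB5_CACHE` are `KOptionType.STR` here but `KOptionType.FILE` there, while `ARMOR_CACHE` is `FILE` here and `STR` there. The type decides whether ToolUtil.parseSetValue stores a `File` or a `String`, so any code that later maps one enum onto the other would have to handle both. Pick one typing for the path-valued options, e.g. `USER_KEYTAB_FILE("-t", "filename of keytab to use", KOptionType.FILE),`. The initialiser `= KOptionType.NONE` on the `type` field is redundant, since every constructor path assigns it. The enum body continues outside the hunk.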
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b01cd2db/kerby-dist/tool-dist/bin/kinit.sh
----------------------------------------------------------------------
diff --git a/kerby-dist/tool-dist/bin/kinit.sh b/kerby-dist/tool-dist/bin/kinit.sh
index eec995d..f0de97e 100644
--- a/kerby-dist/tool-dist/bin/kinit.sh
+++ b/kerby-dist/tool-dist/bin/kinit.sh
@@ -1,3 +1,3 @@
#!/bin/bash
confdir=/etc/kerby/krb/conf
-java -cp ../lib/kerb-client-1.0-SNAPSHOT-jar-with-dependencies.jar:../lib/kinit-1.0-SNAPSHOT.jar org.apache.kerby.kerberos.tool.kinit.Kinit ${confdir} $@
\ No newline at end of file
+java -cp ../lib/kerb-client-1.0-SNAPSHOT-jar-with-dependencies.jar:../lib/kinit-1.0-SNAPSHOT.jar org.apache.kerby.kerberos.tool.kinit.Kinit $@
\ No newline at end of file
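Review bot: The new command line passes `$@` unquoted, so an argument containing spaces or glob characters (a keytab path given to `-t`, for example) is split or expanded by the shell before Kinit sees it; use `"$@"`. `confdir` is now assigned but never used and can be removed. The classpath is still relative (`../lib/...`), so which jars are loaded depends on the directory the script is started from; resolving it from the script's own location would pin that down.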
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b01cd2db/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KOption.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KOption.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KOption.java
index cb30d34..f5253f1 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KOption.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KOption.java
@@ -21,6 +21,10 @@ package org.apache.kerby.kerberos.kerb.client;
public interface KOption {
+ public void setType(KOptionType type);
+
+ public KOptionType getType();
+
public void setName(String name);
public String getName();
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b01cd2db/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KOptionType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KOptionType.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KOptionType.java
new file mode 100644
index 0000000..fd83aeb
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KOptionType.java
@@ -0,0 +1,33 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client;
+
+/**
+ * Option type.
+ */
+public enum KOptionType {
+ NONE,
+ NOV, // no value, a control flag
+ STR, // string value
+ INT, // integer value
+ BOOL, // boolean value
+ FILE, // file path value
+ DIR // dir path value
+}
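Review bot: `NONE` is the only constant without a comment, and its difference from `NOV` is not obvious; a short comment such as `// type not set` would help, assuming that is the intent. ToolUtil.parseSetValue in this commit has no branch for `NONE` or `BOOL`, so an option carrying either type ends in "Not recognised option".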
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b01cd2db/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
index d5d95a5..2cb6caf 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
@@ -19,6 +19,7 @@
*/
package org.apache.kerby.kerberos.kerb.client;
+import org.apache.kerby.config.Conf;
import org.apache.kerby.event.Event;
import org.apache.kerby.event.EventHub;
import org.apache.kerby.event.EventWaiter;
@@ -40,6 +41,7 @@ import org.apache.kerby.transport.Transport;
import org.apache.kerby.transport.event.TransportEvent;
import org.apache.kerby.transport.event.TransportEventType;
+import java.io.File;
import java.io.IOException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
@@ -62,6 +64,7 @@ public class KrbClient {
private Boolean allowUdp;
private int kdcUdpPort;
private KrbConfig krbConfig;
+ private File confDir;
/**
* Default constructor.
@@ -95,6 +98,24 @@ public class KrbClient {
}
/**
+ * Prepare krb config, loading krb5.conf.
+ * It can be override to add more configuration resources.
+ *
+ * @throws IOException
+ */
+ protected void initConfig() throws IOException {
+ if (confDir == null) {
+ confDir = new File("/etc/"); // for Linux. TODO: fix for Win etc.
+ }
+ if (confDir != null && confDir.exists()) {
+ File kdcConfFile = new File(confDir, "krb5.conf");
+ if (kdcConfFile.exists()) {
+ krbConfig.getConf().addIniConfig(kdcConfFile);
+ }
+ }
+ }
+
+ /**
* Set KDC realm for ticket request
* @param realm
*/
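Review bot: initConfig returns silently when `krb5.conf` is missing from `confDir`, so the client carries on with whatever defaults KrbConfig holds and the user gets no hint that no realm or KDC settings were loaded. Report it, for instance with `throw new IOException("krb5.conf not found in " + confDir);` or a logged warning. Nothing in this diff assigns `confDir`, so the `/etc/` fallback appears to be the only path taken, and the second `confDir != null` test is always true. The old kinit loaded every file under the directory passed by kinit.sh (`/etc/kerby/krb/conf`); that location is no longer read, which the Javadoc should say. In the Javadoc, "It can be override" should read "It can be overridden".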
@@ -171,6 +192,12 @@ public class KrbClient {
}
public void init() {
+ try {
+ initConfig();
+ } catch (IOException e) {
+ throw new RuntimeException("Failed to load config", e);
+ }
+
this.krbHandler = new KrbHandler();
krbHandler.init(context);
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b01cd2db/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOption.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOption.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOption.java
index bc44937..a5a3a18 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOption.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOption.java
@@ -21,53 +21,73 @@ package org.apache.kerby.kerberos.kerb.client;
public enum KrbOption implements KOption {
NONE("NONE"),
- LIFE_TIME("lifetime"),
- START_TIME("start-time"),
- RENEWABLE_TIME("renewable-lifetime"),
+ LIFE_TIME("life time", KOptionType.INT),
+ START_TIME("start time", KOptionType.INT),
+ RENEWABLE_TIME("renewable lifetime", KOptionType.INT),
FORWARDABLE("forwardable"),
- NOT_FORWARDABLE("not-forwardable"),
+ NOT_FORWARDABLE("not forwardable"),
PROXIABLE("proxiable"),
- NOT_PROXIABLE("not-proxiable"),
+ NOT_PROXIABLE("not proxiable"),
ANONYMOUS("anonymous"),
- INCLUDE_ADDRESSES("include-addresses"),
- NOT_INCLUDE_ADDRESSES("do-not-include-addresses"),
+ INCLUDE_ADDRESSES("include addresses"),
+ NOT_INCLUDE_ADDRESSES("do not include addresses"),
VALIDATE("validate"),
RENEW("renew"),
CANONICALIZE("canonicalize"),
AS_ENTERPRISE_PN("as-enterprise-pn", "client is enterprise principal name"),
- USE_KEYTAB("use-keytab", "use-keytab"),
+ USE_KEYTAB("use-keytab", "use keytab"),
USE_DFT_KEYTAB("user-default-keytab", "use default client keytab"),
- USER_KEYTAB_FILE("user-keytab-file", "filename of keytab to use"),
- KRB5_CACHE("krb5-cache", "K5 cache name"),
- SERVICE("service"),
- ARMOR_CACHE("armor-cache", "armor credential cache"),
+ USER_KEYTAB_FILE("user-keytab-file", "filename of keytab to use", KOptionType.FILE),
+ KRB5_CACHE("krb5-cache", "K5 cache name", KOptionType.FILE),
+ SERVICE("service", KOptionType.STR),
+ ARMOR_CACHE("armor-cache", "armor credential cache", KOptionType.STR),
+ CONF_DIR("conf dir", KOptionType.DIR),
USER_PASSWD("user-passwd", "User plain password"),
- PKINIT_X509_IDENTITY("x509-identities", "X509 user private key and cert"),
- PKINIT_X509_PRIVATE_KEY("x509-privatekey", "X509 user private key"),
- PKINIT_X509_CERTIFICATE("x509-cert", "X509 user certificate"),
- PKINIT_X509_ANCHORS("x509-anchors", "X509 anchors"),
+ PKINIT_X509_IDENTITY("x509-identities", "X509 user private key and cert", KOptionType.STR),
+ PKINIT_X509_PRIVATE_KEY("x509-privatekey", "X509 user private key", KOptionType.STR),
+ PKINIT_X509_CERTIFICATE("x509-cert", "X509 user certificate", KOptionType.STR),
+ PKINIT_X509_ANCHORS("x509-anchors", "X509 anchors", KOptionType.STR),
PKINIT_X509_ANONYMOUS("x509-anonymous", "X509 anonymous"),
PKINIT_USING_RSA("using-rsa-or-dh", "Using RSA or DH"),
TOKEN_USING_IDTOKEN("using-id-token", "Using identity token"),
- TOKEN_USER_ID_TOKEN("user-id-token", "User identity token"),
- TOKEN_USER_AC_TOKEN("user-ac-token", "User access token"),
+ TOKEN_USER_ID_TOKEN("user-id-token", "User identity token", KOptionType.STR),
+ TOKEN_USER_AC_TOKEN("user-ac-token", "User access token", KOptionType.STR),
;
private String name;
+ private KOptionType type;
private String description;
private Object value;
KrbOption(String description) {
+ this(description, KOptionType.NOV); // As a flag by default
+ }
+
+ KrbOption(String description, KOptionType type) {
this.description = description;
+ this.type = type;
}
KrbOption(String name, String description) {
+ this(name, description, KOptionType.NOV); // As a flag by default
+ }
+
+ KrbOption(String name, String description, KOptionType type) {
this.name = name;
this.description = description;
+ this.type = type;
+ }
+
+ public void setType(KOptionType type) {
+ this.type = type;
+ }
+
+ public KOptionType getType() {
+ return this.type;
}
@Override
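Review bot: `type` and `value` are mutable fields on enum constants, and each constant is a single instance per JVM. Assuming `setValue` writes the `value` field, anything stored there is shared by every KrbClient and thread in the process and stays reachable until overwritten, including the value for `USER_PASSWD` ("User plain password"). Keeping the constants immutable and holding per-request values in the KrbOptions container would avoid both the cross-request leakage and the long-lived secret. `USER_PASSWD` and the `PKINIT_*`/`TOKEN_*` flags without an explicit type default to `KOptionType.NOV`; confirm that is intended for `USER_PASSWD`, which presumably carries a value. The enum body continues outside the hunk.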
[2/2] directory-kerberos git commit: Merge branch 'master' of
https://git-wip-us.apache.org/repos/asf/directory-kerberos
Posted by dr...@apache.org.
Merge branch 'master' of https://git-wip-us.apache.org/repos/asf/directory-kerberos
Project: http://git-wip-us.apache.org/repos/asf/directory-kerberos/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerberos/commit/37895fa0
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerberos/tree/37895fa0
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerberos/diff/37895fa0
Branch: refs/heads/master
Commit: 37895fa08d7274a22c40cb332974696cd4d62b1f
Parents: b01cd2d d8c8344
Author: Drankye <dr...@gmail.com>
Authored: Mon Mar 16 16:09:03 2015 +0800
Committer: Drankye <dr...@gmail.com>
Committed: Mon Mar 16 16:09:03 2015 +0800
----------------------------------------------------------------------
kerby-kerb/kerb-server/pom.xml | 51 ++++++++++++++++++++-----------------
1 file changed, 28 insertions(+), 23 deletions(-)
----------------------------------------------------------------------