Posted to commits@qpid.apache.org by ra...@apache.org on 2010/01/12 21:53:52 UTC

svn commit: r898505 - in /qpid/trunk/qpid/java: client/src/main/java/org/apache/qpid/client/ common/src/main/java/org/apache/qpid/transport/

Author: rajith
Date: Tue Jan 12 20:53:51 2010
New Revision: 898505

URL: http://svn.apache.org/viewvc?rev=898505&view=rev
Log:
This is a fix for QPID-2174
I couldn't find any straightforward way to grab the proper ID from the SASL client.
Therefore I had to use the java GSSAPI classes to create a security context to grab the ID.

Modified:
    qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnection.java
    qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnectionDelegate_0_10.java
    qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/ClientDelegate.java
    qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/Connection.java

Modified: qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnection.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnection.java?rev=898505&r1=898504&r2=898505&view=diff
==============================================================================
--- qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnection.java (original)
+++ qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnection.java Tue Jan 12 20:53:51 2010
@@ -1210,6 +1210,11 @@
         return _username;
     }
 
+    public void setUsername(String id)
+    {
+        _username = id;
+    }
+    
     public String getPassword()
     {
         return _password;
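Review bot: `setUsername` is added as a public, undocumented setter, so any application code holding the connection can rewrite the identity that `getUsername()` reports. The only caller in this commit is `AMQConnectionDelegate_0_10`, which lives in the same package and already touches `_conn._connected` directly, so package-private visibility would be enough: `void setUsername(String id)`. A short Javadoc such as `/** Records the user ID established during connection negotiation; not intended for application use. */` would make the intent clear.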
@@ -1589,11 +1594,6 @@
         return _syncPublish;
     }
 
-    public void setIdleTimeout(long l)
-    {
-        _delegate.setIdleTimeout(l);
-    }
-
     public int getNextChannelID()
     {
         return _sessions.getNextChannelId();

Modified: qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnectionDelegate_0_10.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnectionDelegate_0_10.java?rev=898505&r1=898504&r2=898505&view=diff
==============================================================================
--- qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnectionDelegate_0_10.java (original)
+++ qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnectionDelegate_0_10.java Tue Jan 12 20:53:51 2010
@@ -173,6 +173,7 @@
             _qpidConnection.connect(brokerDetail.getHost(), brokerDetail.getPort(), _conn.getVirtualHost(),
                                     _conn.getUsername(), _conn.getPassword(), brokerDetail.useSSL(),saslMechs);
             _conn._connected = true;
+            _conn.setUsername(_qpidConnection.getUserID());
             _conn._failoverPolicy.attainedConnection();
         }
         catch(ProtocolVersionException pe)
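Review bot: The added line overwrites `_username` with `_qpidConnection.getUserID()`, yet `_conn.getUsername()` is the value handed to `connect()` two lines earlier. If this block runs again for a reconnect, the derived ID (a Kerberos principal under GSSAPI) would be sent in place of the configured username. Whether that path is taken on failover is not visible in this hunk, so it is worth confirming. A comment such as `// username now reflects the ID negotiated with the broker, not the configured value` would tell readers that the field changes meaning after a successful connect. The enclosing method starts and ends outside the hunk.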

Modified: qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/ClientDelegate.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/ClientDelegate.java?rev=898505&r1=898504&r2=898505&view=diff
==============================================================================
--- qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/ClientDelegate.java (original)
+++ qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/ClientDelegate.java Tue Jan 12 20:53:51 2010
@@ -34,6 +34,11 @@
 
 import org.apache.qpid.security.UsernamePasswordCallbackHandler;
 import org.apache.qpid.transport.util.Logger;
+import org.ietf.jgss.GSSContext;
+import org.ietf.jgss.GSSException;
+import org.ietf.jgss.GSSManager;
+import org.ietf.jgss.GSSName;
+import org.ietf.jgss.Oid;
 
 
 /**
@@ -45,6 +50,15 @@
 {
     private static final Logger log = Logger.get(ClientDelegate.class);
 
+    private static final String KRB5_OID_STR = "1.2.840.113554.1.2.2";
+    protected static Oid KRB5_OID;
+    
+    static {
+        try {
+            KRB5_OID = new Oid(KRB5_OID_STR);
+        } catch (GSSException ignore) {}
+    }
+    
     private String vhost;
     private String username;
     private String password;
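Review bot: The static initializer swallows `GSSException` with an empty catch, which would leave `KRB5_OID` null with no trace, and the field is `protected static` and non-final, so a subclass can reassign it. Both weaken the guarantee that the Kerberos mechanism OID is the one actually passed to `createName` and `createContext` in `getUserID()`. Consider declaring it `private static final Oid KRB5_OID;` and having the catch rethrow with `throw new ExceptionInInitializerError(e);`, or at least report the failure through `log.warn`.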
@@ -144,6 +158,11 @@
 
     @Override public void connectionOpenOk(Connection conn, ConnectionOpenOk ok)
     {
+        SaslClient sc = conn.getSaslClient();
+        if (sc.getMechanismName().equals("GSSAPI") && getUserID() != null)
+        {
+            conn.setUserID(getUserID());
+        }
         conn.setState(OPEN);
     }
 
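Review bot: `getUserID()` is invoked twice in the added block, and each call builds a new GSS context and runs `initSecContext`, so the Kerberos work is duplicated and the value tested for null is not necessarily the value stored. `conn.getSaslClient()` is also dereferenced without a null check; if a connection can reach `connectionOpenOk` without a SASL client (not visible here), this throws. Suggested shape: `if (sc != null && "GSSAPI".equals(sc.getMechanismName()))`, then `String id = getUserID();` and `if (id != null) conn.setUserID(id);`.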
@@ -203,4 +222,36 @@
         }
 
     }
+    
+    private String getUserID()
+    {
+        log.debug("Obtaining userID from kerberos");
+        String service = protocol + "@" + serverName;
+        GSSManager manager = GSSManager.getInstance();
+        
+        try 
+        {
+            GSSName acceptorName = manager.createName(service,
+                GSSName.NT_HOSTBASED_SERVICE, KRB5_OID);
+        
+            GSSContext secCtx = manager.createContext(acceptorName,
+                                                      KRB5_OID,
+                                                      null,
+                                                      GSSContext.INDEFINITE_LIFETIME);
+            
+            secCtx.initSecContext(new byte[0], 0, 1);            
+            
+            if (secCtx.getSrcName() != null)
+            {
+                return secCtx.getSrcName().toString();
+            }            
+            
+        } 
+        catch (GSSException e) 
+        {
+            log.warn("Unable to retrieve userID from Kerberos due to error",e);
+        }
+        
+        return null;
+    }
 }
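Review bot: The temporary `GSSContext` created in `getUserID()` is never released; `dispose()` should run in a `finally` so the context and any credential material it holds are freed on both the success and the exception path. `getSrcName()` is also called twice where one local would do. This context is established separately from the one the SASL client negotiated, so the returned name reflects whatever local credentials the GSS layer picks up; a comment stating that assumption is worthwhile because the value becomes the connection's user ID. `protocol` and `serverName` are declared outside the hunk.

```java
    private String getUserID()
    {
        // … unchanged: debug log, service name, GSSManager lookup …
        GSSContext secCtx = null;
        try
        {
            // … unchanged: createName(service, NT_HOSTBASED_SERVICE, KRB5_OID) …
            secCtx = manager.createContext(acceptorName,
                                           KRB5_OID,
                                           null,
                                           GSSContext.INDEFINITE_LIFETIME);
            // … unchanged: initSecContext call …
            GSSName srcName = secCtx.getSrcName();
            return srcName == null ? null : srcName.toString();
        }
        catch (GSSException e)
        {
            log.warn("Unable to retrieve userID from Kerberos due to error",e);
            return null;
        }
        finally
        {
            if (secCtx != null)
            {
                try
                {
                    // Release the throwaway context used only to read the source name.
                    secCtx.dispose();
                }
                catch (GSSException e)
                {
                    log.warn("Unable to dispose temporary GSS context",e);
                }
            }
        }
    }
```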

Modified: qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/Connection.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/Connection.java?rev=898505&r1=898504&r2=898505&view=diff
==============================================================================
--- qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/Connection.java (original)
+++ qpid/trunk/qpid/java/common/src/main/java/org/apache/qpid/transport/Connection.java Tue Jan 12 20:53:51 2010
@@ -85,7 +85,8 @@
     private SaslClient saslClient;
     private long idleTimeout = 0;
     private String _authorizationID;
-
+    private String userID;
+    
     // want to make this final
     private int _connectionId;
 
@@ -173,7 +174,7 @@
         synchronized (lock)
         {
             state = OPENING;
-
+            userID = username;
             delegate = new ClientDelegate(vhost, username, password,saslMechs);
 
             IoTransport.connect(host, port, ConnectionBinding.get(this), ssl);
@@ -544,6 +545,16 @@
     {
         return _authorizationID;
     }
+    
+    public String getUserID()
+    {
+        return userID;
+    }
+    
+    public void setUserID(String id)
+    {
+        userID = id;
+    }
 
     public String toString()
     {
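Review bot: `getUserID()` and `setUserID()` access `userID` without synchronization, while the other write added by this commit (`userID = username;` in the connect hunk) happens inside `synchronized (lock)`. `setUserID` is called from `ClientDelegate.connectionOpenOk` and the value is read back by `AMQConnectionDelegate_0_10` after `connect()` returns. If those run on different threads (likely, but not visible here), the reader may see the stale configured name. Declaring the field `private volatile String userID;` or taking `lock` in both accessors would make the hand-off safe. The new field also drops the `_` prefix used by its neighbour `_authorizationID`.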


