You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by pl...@apache.org on 2015/07/13 07:39:28 UTC
directory-kerby git commit: Add some logging support.
Repository: directory-kerby
Updated Branches:
refs/heads/master 43dc28264 -> b4f064c21
Add some logging support.
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/b4f064c2
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/b4f064c2
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/b4f064c2
Branch: refs/heads/master
Commit: b4f064c217e10142e01c60fe70482b4f11c61cd2
Parents: 43dc282
Author: plusplusjiajia <ji...@intel.com>
Authored: Mon Jul 13 13:44:47 2015 +0800
Committer: plusplusjiajia <ji...@intel.com>
Committed: Mon Jul 13 13:44:47 2015 +0800
----------------------------------------------------------------------
.../identitybackend/JsonIdentityBackend.java | 21 ++++++++++++++++----
.../identitybackend/LdapIdentityBackend.java | 10 ++++++++++
.../kerberos/kdc/identitybackend/ZKUtil.java | 4 ++--
.../ZookeeperIdentityBackend.java | 16 +++++++++++++++
.../kerberos/kdc/impl/NettyKdcHandler.java | 6 ++++--
.../kerberos/kdc/impl/NettyKdcNetwork.java | 5 ++++-
.../kerberos/kdc/impl/NettyKdcServerImpl.java | 5 +++++
.../kdc/impl/NettyKdcUdpServerHandler.java | 5 ++++-
.../kerby/kerberos/kerb/client/KrbClient.java | 4 ++++
.../kerb/client/request/TgsRequest.java | 7 +++++++
.../kerby/kerberos/kerb/server/KdcHandler.java | 8 +++++++-
.../kerberos/kerb/server/request/AsRequest.java | 6 ++++++
.../kerb/server/request/KdcRequest.java | 17 ++++++++++++++--
.../kerb/server/request/TickertIssuer.java | 6 ++++++
14 files changed, 107 insertions(+), 13 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b4f064c2/kerby-backend/json-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java
----------------------------------------------------------------------
diff --git a/kerby-backend/json-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java b/kerby-backend/json-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java
index 166db1f..b6b4206 100644
--- a/kerby-backend/json-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java
+++ b/kerby-backend/json-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java
@@ -33,6 +33,8 @@ import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
import org.apache.kerby.kerberos.kerb.spec.base.EncryptionKey;
import org.apache.kerby.kerberos.kerb.spec.base.PrincipalName;
import org.apache.kerby.util.IOUtil;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import java.io.File;
import java.io.IOException;
@@ -50,6 +52,7 @@ public class JsonIdentityBackend extends AbstractIdentityBackend {
public static final String JSON_IDENTITY_BACKEND_FILE = "backend.json.file";
private File jsonKdbFile;
private Gson gson;
+ private static final Logger LOG = LoggerFactory.getLogger(JsonIdentityBackend.class);
// Identities loaded from file
@@ -74,6 +77,7 @@ public class JsonIdentityBackend extends AbstractIdentityBackend {
*/
@Override
protected void doInitialize() throws KrbException {
+ LOG.info("Initializing the Json identity backend.");
createGson();
load();
}
@@ -82,6 +86,7 @@ public class JsonIdentityBackend extends AbstractIdentityBackend {
* Load identities from file
*/
private void load() throws KrbException {
+ LOG.info("Loading the identities from json file.");
String jsonFile = getConfig().getString(JSON_IDENTITY_BACKEND_FILE);
if (jsonFile == null || jsonFile.isEmpty()) {
throw new KrbException("No json kdb file is found");
@@ -141,8 +146,10 @@ public class JsonIdentityBackend extends AbstractIdentityBackend {
protected KrbIdentity doAddIdentity(KrbIdentity identity) {
checkAndLoad();
- String principal = identity.getPrincipalName();
- if (ids.containsKey(principal)) {
+ String principalName = identity.getPrincipalName();
+ if (ids.containsKey(principalName)) {
+ LOG.error("Error occurred while adding identity, principal " + principalName +
+ " already exists.");
throw new RuntimeException("Principal already exists.");
}
@@ -158,9 +165,12 @@ public class JsonIdentityBackend extends AbstractIdentityBackend {
@Override
protected KrbIdentity doUpdateIdentity(KrbIdentity identity) {
checkAndLoad();
- if (ids.containsKey(identity.getPrincipalName())) {
- ids.put(identity.getPrincipalName(), identity);
+ String principalName = identity.getPrincipalName();
+ if (ids.containsKey(principalName)) {
+ ids.put(principalName, identity);
} else {
+ LOG.error("Error occurred while updating identity, principal " + principalName +
+ " does not exists.");
throw new RuntimeException("Principal does not exist.");
}
idsToFile(ids);
@@ -176,6 +186,8 @@ public class JsonIdentityBackend extends AbstractIdentityBackend {
if (ids.containsKey(principalName)) {
ids.remove(principalName);
} else {
+ LOG.error("Error occurred while deleting identity, principal " + principalName +
+ " does not exists.");
throw new RuntimeException("Principal does not exist.");
}
idsToFile(ids);
@@ -214,6 +226,7 @@ public class JsonIdentityBackend extends AbstractIdentityBackend {
try {
IOUtil.writeFile(newFileJson, jsonKdbFile);
} catch (IOException e) {
+ LOG.error("Error occurred while writing ids to file: " + jsonKdbFile );
throw new RuntimeException("Failed to write file", e);
}
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b4f064c2/kerby-backend/ldap-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java
----------------------------------------------------------------------
diff --git a/kerby-backend/ldap-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java b/kerby-backend/ldap-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java
index f7bccab..a49dc61 100644
--- a/kerby-backend/ldap-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java
+++ b/kerby-backend/ldap-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityBackend.java
@@ -41,6 +41,8 @@ import org.apache.kerby.kerberos.kerb.identity.backend.AbstractIdentityBackend;
import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
import org.apache.kerby.kerberos.kerb.spec.base.EncryptionKey;
import org.apache.kerby.kerberos.kerb.spec.base.EncryptionType;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import java.io.IOException;
import java.text.ParseException;
@@ -58,6 +60,7 @@ public class LdapIdentityBackend extends AbstractIdentityBackend {
//This is used as a flag to represent the connection whether is
// LdapNetworkConnection object or not
private boolean isLdapNetworkConnection;
+ private static final Logger LOG = LoggerFactory.getLogger(LdapIdentityBackend.class);
public LdapIdentityBackend() {
this.isLdapNetworkConnection = true;
@@ -103,9 +106,11 @@ public class LdapIdentityBackend extends AbstractIdentityBackend {
*/
@Override
protected void doInitialize() throws KrbException {
+ LOG.info("Initializing the Ldap identity backend.");
try {
startConnection();
} catch (LdapException e) {
+ LOG.error("Failed to start connection with LDAP", e);
throw new KrbException("Failed to start connection with LDAP", e);
}
}
@@ -118,6 +123,7 @@ public class LdapIdentityBackend extends AbstractIdentityBackend {
try {
closeConnection();
} catch (IOException e) {
+ LOG.error("Failed to close connection with LDAP", e);
throw new KrbException("Failed to close connection with LDAP", e);
}
}
@@ -172,8 +178,10 @@ public class LdapIdentityBackend extends AbstractIdentityBackend {
toGeneralizedTime(identity.getExpireTime()));
connection.add(entry);
} catch (LdapInvalidDnException e) {
+ LOG.error("Error occurred while adding identity", e);
throw new KrbException("Failed to add identity", e);
} catch (LdapException e) {
+ LOG.error("Error occurred while adding identity", e);
throw new KrbException("Failed to add identity", e);
}
return getIdentity(principalName);
@@ -237,6 +245,7 @@ public class LdapIdentityBackend extends AbstractIdentityBackend {
+ identity.isLocked());
connection.modify(modifyRequest);
} catch (LdapException e) {
+ LOG.error("Error occurred while updating identity: " + principalName, e);
throw new KrbException("Failed to update identity", e);
}
@@ -252,6 +261,7 @@ public class LdapIdentityBackend extends AbstractIdentityBackend {
Dn dn = toDn(principalName);
connection.delete(dn);
} catch (LdapException e) {
+ LOG.error("Error occurred while deleting identity: " + principalName );
throw new KrbException("Failed to remove identity", e);
}
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b4f064c2/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZKUtil.java
----------------------------------------------------------------------
diff --git a/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZKUtil.java b/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZKUtil.java
index d6cfe4c..5a46920 100644
--- a/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZKUtil.java
+++ b/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZKUtil.java
@@ -112,7 +112,7 @@ public class ZKUtil {
createWithParents(zk, getParent(node));
createWithParents(zk, node, data);
} catch (InterruptedException ie) {
- System.out.println(ie);
+ LOG.warn("Fail to create node: " + node, ie);
}
}
@@ -162,7 +162,7 @@ public class ZKUtil {
} catch (KeeperException.NoNodeException nne) {
return null;
} catch (InterruptedException ie) {
- System.out.println(ie);
+ LOG.warn("Fail to list children of node: " + node, ie);
}
return children;
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b4f064c2/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZookeeperIdentityBackend.java
----------------------------------------------------------------------
diff --git a/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZookeeperIdentityBackend.java b/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZookeeperIdentityBackend.java
index ef4020f..a28123a 100644
--- a/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZookeeperIdentityBackend.java
+++ b/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/ZookeeperIdentityBackend.java
@@ -30,6 +30,8 @@ import org.apache.zookeeper.ZooKeeper;
import org.apache.zookeeper.server.ServerConfig;
import org.apache.zookeeper.server.ZooKeeperServerMain;
import org.apache.zookeeper.server.quorum.QuorumPeerConfig;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import java.io.File;
import java.io.IOException;
@@ -51,6 +53,7 @@ public class ZookeeperIdentityBackend extends AbstractIdentityBackend {
private File dataFile;
private File dataLogFile;
private ZooKeeper zooKeeper;
+ private static final Logger LOG = LoggerFactory.getLogger(ZookeeperIdentityBackend.class);
public ZookeeperIdentityBackend() {
@@ -70,6 +73,7 @@ public class ZookeeperIdentityBackend extends AbstractIdentityBackend {
*/
@Override
protected void doInitialize() throws KrbException {
+ LOG.info("Initializing the Zookeeper identity backend.");
init();
}
@@ -82,6 +86,7 @@ public class ZookeeperIdentityBackend extends AbstractIdentityBackend {
String dataDir = getConfig().getString(ZKConfKey.DATA_DIR);
if (dataDir == null || dataDir.isEmpty()) {
+ LOG.warn("Data dir " + dataDir + "is found while initialization the zookeeper server.");
throw new RuntimeException("No data dir is found");
}
@@ -92,6 +97,8 @@ public class ZookeeperIdentityBackend extends AbstractIdentityBackend {
String dataLogDir = getConfig().getString(ZKConfKey.DATA_LOG_DIR);
if (dataLogDir == null || dataLogDir.isEmpty()) {
+ LOG.warn("Data log dir " + dataLogDir
+ + "is found while initialization the zookeeper server.");
throw new RuntimeException("No data log dir is found");
}
@@ -118,11 +125,13 @@ public class ZookeeperIdentityBackend extends AbstractIdentityBackend {
e.printStackTrace();
}
} else {
+ LOG.info("Success connect to zookeeper server.");
break;
}
}
} catch (IOException e) {
+ LOG.error("Error occurred while connecting to zookeeper.");
throw new KrbException("Failed to prepare Zookeeper connection");
}
}
@@ -158,6 +167,7 @@ public class ZookeeperIdentityBackend extends AbstractIdentityBackend {
};
zookeeperThread.start();
}
+ LOG.info("Embedded Zookeeper started.");
}
/**
@@ -201,6 +211,8 @@ public class ZookeeperIdentityBackend extends AbstractIdentityBackend {
@Override
protected KrbIdentity doAddIdentity(KrbIdentity identity) throws KrbException {
if (doGetIdentity(identity.getPrincipalName()) != null) {
+ LOG.error("Error occurred while adding identity, principal "
+ + identity.getPrincipalName() + " already exists.");
throw new RuntimeException("Principal already exists.");
}
try {
@@ -217,6 +229,8 @@ public class ZookeeperIdentityBackend extends AbstractIdentityBackend {
@Override
protected KrbIdentity doUpdateIdentity(KrbIdentity identity) throws KrbException {
if (doGetIdentity(identity.getPrincipalName()) == null) {
+ LOG.error("Error occured while updating identity, principal "
+ + identity.getPrincipalName() + " does not exists.");
throw new RuntimeException("Principal does not exist.");
}
try {
@@ -234,6 +248,8 @@ public class ZookeeperIdentityBackend extends AbstractIdentityBackend {
protected void doDeleteIdentity(String principalName) throws KrbException {
principalName = replaceSlash(principalName);
if (doGetIdentity(principalName) == null) {
+ LOG.error("Error occurred while deleting identity, principal "
+ + principalName + " does not exists.");
throw new KrbException("Principal does not exist.");
}
IdentityZNode identityZNode = new IdentityZNode(zooKeeper, principalName);
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b4f064c2/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/impl/NettyKdcHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/impl/NettyKdcHandler.java b/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/impl/NettyKdcHandler.java
index 67477b7..9c0463a 100644
--- a/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/impl/NettyKdcHandler.java
+++ b/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/impl/NettyKdcHandler.java
@@ -25,12 +25,15 @@ import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.ChannelInboundHandlerAdapter;
import org.apache.kerby.kerberos.kerb.server.KdcContext;
import org.apache.kerby.kerberos.kerb.server.KdcHandler;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import java.net.InetSocketAddress;
import java.nio.ByteBuffer;
public class NettyKdcHandler extends ChannelInboundHandlerAdapter {
private final KdcHandler myKdcHandler;
+ private static final Logger LOG = LoggerFactory.getLogger(NettyKdcHandler.class);
public NettyKdcHandler(KdcContext kdcContext) {
this.myKdcHandler = new KdcHandler(kdcContext);
@@ -52,8 +55,7 @@ public class NettyKdcHandler extends ChannelInboundHandlerAdapter {
isTcp, clientAddress.getAddress());
ctx.writeAndFlush(Unpooled.wrappedBuffer(responseMessage));
} catch (Exception e) {
- //TODO: log the error
- System.out.println("Error occured while processing request:"
+ LOG.error("Error occurred while processing request:"
+ e.getMessage());
}
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b4f064c2/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/impl/NettyKdcNetwork.java
----------------------------------------------------------------------
diff --git a/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/impl/NettyKdcNetwork.java b/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/impl/NettyKdcNetwork.java
index 3df4c6e..c36dcff 100644
--- a/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/impl/NettyKdcNetwork.java
+++ b/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/impl/NettyKdcNetwork.java
@@ -35,6 +35,8 @@ import io.netty.handler.logging.LogLevel;
import io.netty.handler.logging.LoggingHandler;
import io.netty.util.concurrent.DefaultEventExecutorGroup;
import org.apache.kerby.kerberos.kerb.server.KdcContext;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import java.io.IOException;
import java.net.InetSocketAddress;
@@ -49,6 +51,7 @@ public class NettyKdcNetwork {
private EventLoopGroup bossGroup;
private EventLoopGroup workerGroup;
private EventLoopGroup group;
+ private static final Logger LOG = LoggerFactory.getLogger(NettyKdcNetwork.class);
public void init(KdcContext kdcContext) {
this.kdcContext = kdcContext;
@@ -67,7 +70,7 @@ public class NettyKdcNetwork {
try {
doStart();
} catch (Exception e) {
- e.printStackTrace();
+ LOG.error("Error occurred while starting the netty kdc network.");
}
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b4f064c2/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/impl/NettyKdcServerImpl.java
----------------------------------------------------------------------
diff --git a/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/impl/NettyKdcServerImpl.java b/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/impl/NettyKdcServerImpl.java
index 3368adc..9a795f0 100644
--- a/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/impl/NettyKdcServerImpl.java
+++ b/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/impl/NettyKdcServerImpl.java
@@ -23,6 +23,8 @@ import org.apache.kerby.kerberos.kerb.server.KdcContext;
import org.apache.kerby.kerberos.kerb.server.KdcSetting;
import org.apache.kerby.kerberos.kerb.server.impl.AbstractInternalKdcServer;
import org.apache.kerby.kerberos.kerb.server.preauth.PreauthHandler;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import java.net.InetSocketAddress;
import java.util.concurrent.ExecutorService;
@@ -35,6 +37,7 @@ public class NettyKdcServerImpl extends AbstractInternalKdcServer {
private ExecutorService executor;
private KdcContext kdcContext;
private NettyKdcNetwork network;
+ private static final Logger LOG = LoggerFactory.getLogger(NettyKdcServerImpl.class);
public NettyKdcServerImpl(KdcSetting kdcSetting) {
super(kdcSetting);
@@ -61,6 +64,7 @@ public class NettyKdcServerImpl extends AbstractInternalKdcServer {
}
network.listen(tcpAddress, udpAddress);
network.start();
+ LOG.info("Netty kdc server started.");
}
private void prepareHandler() {
@@ -78,5 +82,6 @@ public class NettyKdcServerImpl extends AbstractInternalKdcServer {
network.stop();
executor.shutdownNow();
+ LOG.info("Netty kdc server stopped.");
}
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b4f064c2/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/impl/NettyKdcUdpServerHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/impl/NettyKdcUdpServerHandler.java b/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/impl/NettyKdcUdpServerHandler.java
index 2c0ea9b..797808e 100644
--- a/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/impl/NettyKdcUdpServerHandler.java
+++ b/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/impl/NettyKdcUdpServerHandler.java
@@ -26,6 +26,8 @@ import io.netty.channel.SimpleChannelInboundHandler;
import io.netty.channel.socket.DatagramPacket;
import org.apache.kerby.kerberos.kerb.server.KdcContext;
import org.apache.kerby.kerberos.kerb.server.KdcHandler;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import java.net.InetSocketAddress;
import java.nio.ByteBuffer;
@@ -34,6 +36,7 @@ import java.nio.ByteBuffer;
public class NettyKdcUdpServerHandler extends SimpleChannelInboundHandler<DatagramPacket> {
private final KdcHandler myKdcHandler;
+ private static final Logger LOG = LoggerFactory.getLogger(NettyKdcUdpServerHandler.class);
public NettyKdcUdpServerHandler(KdcContext kdcContext) {
this.myKdcHandler = new KdcHandler(kdcContext);
@@ -55,7 +58,7 @@ public class NettyKdcUdpServerHandler extends SimpleChannelInboundHandler<Datagr
channelHandlerContext.writeAndFlush(
new DatagramPacket(Unpooled.wrappedBuffer(responseMessage), clientAddress));
} catch (Exception e) {
- System.out.println("Error occured while processing request:"
+ LOG.error("Error occurred while processing request:"
+ e.getMessage());
}
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b4f064c2/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
index 0e51a52..4d67217 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
@@ -27,6 +27,8 @@ import org.apache.kerby.kerberos.kerb.client.impl.InternalKrbClient;
import org.apache.kerby.kerberos.kerb.spec.base.AuthToken;
import org.apache.kerby.kerberos.kerb.spec.ticket.ServiceTicket;
import org.apache.kerby.kerberos.kerb.spec.ticket.TgtTicket;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import java.io.File;
import java.io.IOException;
@@ -42,6 +44,7 @@ public class KrbClient {
private final KrbSetting krbSetting;
private InternalKrbClient innerClient;
+ private static final Logger LOG = LoggerFactory.getLogger(KrbClient.class);
/**
* Default constructor.
@@ -287,6 +290,7 @@ public class KrbClient {
*/
public void storeTicket(TgtTicket tgtTicket,
File ccacheFile) throws KrbException {
+ LOG.info("Storing the tgt to the credential cache file.");
if (!ccacheFile.exists()) {
try {
if (!ccacheFile.createNewFile()) {
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b4f064c2/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/TgsRequest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/TgsRequest.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/TgsRequest.java
index 6203f54..bb4ee88 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/TgsRequest.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/request/TgsRequest.java
@@ -32,8 +32,11 @@ import org.apache.kerby.kerberos.kerb.spec.kdc.KdcReqBody;
import org.apache.kerby.kerberos.kerb.spec.kdc.TgsRep;
import org.apache.kerby.kerberos.kerb.spec.kdc.TgsReq;
import org.apache.kerby.kerberos.kerb.spec.ticket.ServiceTicket;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
public class TgsRequest extends KdcRequest {
+ private static final Logger LOG = LoggerFactory.getLogger(TgsRequest.class);
public TgsRequest(KrbContext context) {
super(context);
@@ -56,6 +59,9 @@ public class TgsRequest extends KdcRequest {
@Override
public void process() throws KrbException {
String serverPrincipal = getKrbOptions().getStringOption(KrbOption.SERVER_PRINCIPAL);
+ if(serverPrincipal == null) {
+ LOG.warn("Server principal is null.");
+ }
setServerPrincipal(new PrincipalName(serverPrincipal));
super.process();
@@ -80,6 +86,7 @@ public class TgsRequest extends KdcRequest {
tgsRep.setEncPart(encTgsRepPart);
if (getChosenNonce() != encTgsRepPart.getNonce()) {
+ LOG.error("Nonce " + getChosenNonce() + "didn't match " + encTgsRepPart.getNonce());
throw new KrbException("Nonce didn't match");
}
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b4f064c2/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcHandler.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcHandler.java
index eec8cc7..9de9b8a 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcHandler.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcHandler.java
@@ -33,6 +33,8 @@ import org.apache.kerby.kerberos.kerb.spec.base.PrincipalName;
import org.apache.kerby.kerberos.kerb.spec.kdc.AsReq;
import org.apache.kerby.kerberos.kerb.spec.kdc.KdcReq;
import org.apache.kerby.kerberos.kerb.spec.kdc.TgsReq;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import java.io.IOException;
import java.net.InetAddress;
@@ -43,6 +45,7 @@ import java.nio.ByteBuffer;
*/
public class KdcHandler {
private final KdcContext kdcContext;
+ private static final Logger LOG = LoggerFactory.getLogger(KdcHandler.class);
public KdcHandler(KdcContext kdcContext) {
this.kdcContext = kdcContext;
@@ -57,6 +60,7 @@ public class KdcHandler {
try {
krbRequest = KrbCodec.decodeMessage(receivedMessage);
} catch (IOException e) {
+ LOG.error("Krb decoding message failed", e);
throw new KrbException(KrbErrorCode.KRB_AP_ERR_MSG_TYPE, "Krb decoding message failed");
}
@@ -66,6 +70,7 @@ public class KdcHandler {
KdcReq kdcReq = (KdcReq) krbRequest;
String realm = getRequestRealm(kdcReq);
if (realm == null || !kdcContext.getKdcRealm().equals(realm)) {
+ LOG.error("Invalid realm from kdc request: " + realm);
throw new KrbException("Invalid realm from kdc request: " + realm);
}
@@ -74,6 +79,7 @@ public class KdcHandler {
} else if (messageType == KrbMessageType.AS_REQ) {
kdcRequest = new AsRequest((AsReq) kdcReq, kdcContext);
} else {
+ LOG.error("Invalid message type: "+ messageType);
throw new KrbException(KrbErrorCode.KRB_AP_ERR_MSG_TYPE);
}
}
@@ -110,7 +116,7 @@ public class KdcHandler {
private KrbMessage handleRecoverableException(KdcRecoverableException e,
KdcRequest kdcRequest)
throws KrbException {
- System.out.println("KRB error occured while processing request:"
+ LOG.info("KRB error occurred while processing request:"
+ e.getMessage());
KrbError error = e.getKrbError();
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b4f064c2/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/AsRequest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/AsRequest.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/AsRequest.java
index 33978b6..a4abf75 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/AsRequest.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/AsRequest.java
@@ -40,8 +40,11 @@ import org.apache.kerby.kerberos.kerb.spec.kdc.EncKdcRepPart;
import org.apache.kerby.kerberos.kerb.spec.kdc.KdcReq;
import org.apache.kerby.kerberos.kerb.spec.ticket.Ticket;
import org.apache.kerby.kerberos.kerb.spec.ticket.TicketFlag;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
public class AsRequest extends KdcRequest {
+ private static final Logger LOG = LoggerFactory.getLogger(AsRequest.class);
public AsRequest(AsReq asReq, KdcContext kdcContext) {
super(asReq, kdcContext);
@@ -52,11 +55,13 @@ public class AsRequest extends KdcRequest {
KdcReq request = getKdcReq();
PrincipalName clientPrincipal;
if (isToken()) {
+ LOG.info("The request is with token.");
clientPrincipal = new PrincipalName(getToken().getSubject());
} else {
clientPrincipal = request.getReqBody().getCname();
}
if (clientPrincipal == null) {
+ LOG.warn("Client principal name is null.");
throw new KrbException(KrbErrorCode.KDC_ERR_C_PRINCIPAL_UNKNOWN);
}
String clientRealm = request.getReqBody().getRealm();
@@ -74,6 +79,7 @@ public class AsRequest extends KdcRequest {
}
if (clientEntry == null) {
+ LOG.warn("Can't get the client entry.");
throw new KrbException(KrbErrorCode.KDC_ERR_C_PRINCIPAL_UNKNOWN);
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b4f064c2/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/KdcRequest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/KdcRequest.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/KdcRequest.java
index fddb691..424acd4 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/KdcRequest.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/KdcRequest.java
@@ -61,6 +61,8 @@ import org.apache.kerby.kerberos.kerb.spec.pa.PaDataEntry;
import org.apache.kerby.kerberos.kerb.spec.pa.PaDataType;
import org.apache.kerby.kerberos.kerb.spec.ticket.EncTicketPart;
import org.apache.kerby.kerberos.kerb.spec.ticket.Ticket;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import java.net.InetAddress;
import java.nio.ByteBuffer;
@@ -69,6 +71,7 @@ import java.util.List;
public abstract class KdcRequest {
+ private static final Logger LOG = LoggerFactory.getLogger(KdcRequest.class);
private final KdcReq kdcReq;
private final KdcContext kdcContext;
@@ -149,6 +152,7 @@ public abstract class KdcRequest {
PaData paData = getKdcReq().getPaData();
for (PaDataEntry paEntry : paData.getElements()) {
if (paEntry.getPaDataType() == PaDataType.FX_FAST) {
+ LOG.info("Found fast padata and start to process it.");
KrbFastArmoredReq fastArmoredReq = KrbCodec.decode(paEntry.getPaDataValue(),
KrbFastArmoredReq.class);
KrbFastArmor fastArmor = fastArmoredReq.getArmor();
@@ -160,9 +164,10 @@ public abstract class KdcRequest {
KrbFastReq.class);
innerBodyout = fastReq.getKdcReqBody().encode();
- // TODO: get checksumed date in stream
+ // TODO: get checksumed data in stream
CheckSum checkSum = fastArmoredReq.getReqChecksum();
if (checkSum == null) {
+ LOG.warn("Checksum is empty.");
throw new KrbException(KrbErrorCode.KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED);
}
CheckSumHandler.verifyWithKey(checkSum, getKdcReq().getReqBody().encode(),
@@ -302,6 +307,8 @@ public abstract class KdcRequest {
int kerberosVersion = request.getPvno();
if (kerberosVersion != KrbConstant.KRB_V5) {
+ LOG.warn("Kerberos version: " + kerberosVersion + " should equal to "
+ + KrbConstant.KRB_V5);
throw new KrbException(KrbErrorCode.KDC_ERR_BAD_PVNO);
}
}
@@ -312,15 +319,18 @@ public abstract class KdcRequest {
// if we can not get the client entry, maybe it is token preauth, ignore it.
if (entry != null) {
if (entry.isDisabled()) {
+ LOG.warn("Client entry " + entry.getPrincipalName() + " is disabled.");
throw new KrbException(KrbErrorCode.KDC_ERR_CLIENT_REVOKED);
}
-
if (entry.isLocked()) {
+ LOG.warn("Client entry " + entry.getPrincipalName() + " is expired.");
throw new KrbException(KrbErrorCode.KDC_ERR_CLIENT_REVOKED);
}
if (entry.getExpireTime().lessThan(new Date().getTime())) {
throw new KrbException(KrbErrorCode.KDC_ERR_CLIENT_REVOKED);
}
+ } else {
+ LOG.info("Client entry is empty.");
}
}
@@ -337,6 +347,7 @@ public abstract class KdcRequest {
if (preauthContext.isPreauthRequired()) {
if (preAuthData == null || preAuthData.isEmpty()) {
+ LOG.info("The preauth data is empty.");
KrbError krbError = makePreAuthenticationError(kdcContext, request,
KrbErrorCode.KDC_ERR_PREAUTH_REQUIRED);
throw new KdcRecoverableException(krbError);
@@ -367,6 +378,7 @@ public abstract class KdcRequest {
kdcContext.getConfig().getEncryptionTypes());
if (bestType == null) {
+ LOG.error("Can't get the best encryption type.");
throw new KrbException(KrbErrorCode.KDC_ERR_ETYPE_NOSUPP);
}
@@ -386,6 +398,7 @@ public abstract class KdcRequest {
PrincipalName principal = request.getReqBody().getSname();
String serverRealm = request.getReqBody().getRealm();
if (serverRealm == null || serverRealm.isEmpty()) {
+ LOG.info("Can't get the server realm from request, and try to get from kdcContext.");
serverRealm = kdcContext.getKdcRealm();
}
principal.setRealm(serverRealm);
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b4f064c2/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/TickertIssuer.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/TickertIssuer.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/TickertIssuer.java
index f9c98dc..8da140c 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/TickertIssuer.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/TickertIssuer.java
@@ -41,12 +41,15 @@ import org.apache.kerby.kerberos.kerb.spec.ticket.EncTicketPart;
import org.apache.kerby.kerberos.kerb.spec.ticket.Ticket;
import org.apache.kerby.kerberos.kerb.spec.ticket.TicketFlag;
import org.apache.kerby.kerberos.kerb.spec.ticket.TicketFlags;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
/**
* Handling ticket constructing, filling, and issuing.
*/
public abstract class TickertIssuer {
private final KdcRequest kdcRequest;
+ private static final Logger LOG = LoggerFactory.getLogger(TickertIssuer.class);
public TickertIssuer(KdcRequest kdcRequest) {
this.kdcRequest = kdcRequest;
@@ -95,6 +98,7 @@ public abstract class TickertIssuer {
if (request.getReqBody().getKdcOptions().isFlagSet(KdcOption.FORWARDABLE)) {
if (!config.isForwardableAllowed()) {
+ LOG.warn("Forward is not allowed.");
throw new KrbException(KrbErrorCode.KDC_ERR_POLICY);
}
@@ -103,6 +107,7 @@ public abstract class TickertIssuer {
if (request.getReqBody().getKdcOptions().isFlagSet(KdcOption.PROXIABLE)) {
if (!config.isProxiableAllowed()) {
+ LOG.warn("Proxy is not allowed.");
throw new KrbException(KrbErrorCode.KDC_ERR_POLICY);
}
@@ -111,6 +116,7 @@ public abstract class TickertIssuer {
if (request.getReqBody().getKdcOptions().isFlagSet(KdcOption.ALLOW_POSTDATE)) {
if (!config.isPostdatedAllowed()) {
+ LOG.warn("Post date is not allowed.");
throw new KrbException(KrbErrorCode.KDC_ERR_POLICY);
}