You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by pl...@apache.org on 2015/07/31 05:40:15 UTC
[2/2] directory-kerby git commit: Add some java doc.
Add some java doc.
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/b9fc6d67
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/b9fc6d67
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/b9fc6d67
Branch: refs/heads/master
Commit: b9fc6d67368535a861625c76f8564f8f76c6dacd
Parents: 5abee89
Author: plusplusjiajia <ji...@intel.com>
Authored: Fri Jul 31 11:45:57 2015 +0800
Committer: plusplusjiajia <ji...@intel.com>
Committed: Fri Jul 31 11:45:57 2015 +0800
----------------------------------------------------------------------
.../identitybackend/JsonIdentityBackend.java | 1 -
.../identitybackend/LdapIdentityGetHelper.java | 27 +++
.../identitybackend/IdentityZNodeHelper.java | 51 +++++
.../kerby/kerberos/kdc/KerbyKdcServer.java | 3 +
.../kerby/kerberos/kerb/admin/AdminHelper.java | 75 +++++++
.../kerby/kerberos/kerb/admin/Kadmin.java | 186 +++++++++++++++--
.../kerby/kerberos/kerb/admin/KadminOption.java | 27 +++
.../kerby/kerberos/kerb/client/KrbConfig.java | 76 +++++++
.../kerby/kerberos/kerb/client/KrbContext.java | 24 ++-
.../kerby/kerberos/kerb/client/KrbHandler.java | 28 ++-
.../kerby/kerberos/kerb/client/KrbOption.java | 38 +++-
.../client/impl/AbstractInternalKrbClient.java | 20 +-
.../client/impl/DefaultInternalKrbClient.java | 15 +-
.../kerb/client/impl/DefaultKrbHandler.java | 6 +
.../client/preauth/AbstractPreauthPlugin.java | 46 ++++-
.../client/preauth/builtin/EncTsPreauth.java | 25 ++-
.../kerb/client/preauth/builtin/TgtPreauth.java | 25 ++-
.../client/preauth/pkinit/PkinitPreauth.java | 55 +++--
.../kerb/client/preauth/token/TokenPreauth.java | 51 ++++-
.../kerby/kerberos/kerb/spec/base/KrbToken.java | 115 ++++++++++-
.../kerby/kerberos/kerb/server/KdcHandler.java | 20 ++
.../kerby/kerberos/kerb/server/KdcServer.java | 9 +
.../kerberos/kerb/server/KdcServerOption.java | 35 +++-
.../kerberos/kerb/server/request/AsRequest.java | 12 ++
.../kerb/server/request/KdcRequest.java | 203 +++++++++++++++++--
.../kerb/server/request/TgsRequest.java | 44 +++-
.../kerberos/kerb/server/SimpleKdcServer.java | 68 ++++++-
.../kerberos/provider/token/JwtAuthToken.java | 66 +++++-
.../provider/token/JwtTokenDecoder.java | 6 +
.../provider/token/JwtTokenEncoder.java | 16 +-
.../provider/token/JwtTokenProvider.java | 9 +
.../kerby/kerberos/provider/token/JwtUtil.java | 5 +
.../kerby/kerberos/tool/kinit/KinitOption.java | 36 +++-
.../kerby/kerberos/tool/klist/KlistOption.java | 27 +++
.../src/main/java/org/apache/kerby/KOption.java | 55 ++++-
35 files changed, 1386 insertions(+), 119 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-backend/json-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java
----------------------------------------------------------------------
diff --git a/kerby-backend/json-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java b/kerby-backend/json-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java
index 84b1830..101c376 100644
--- a/kerby-backend/json-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java
+++ b/kerby-backend/json-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/JsonIdentityBackend.java
@@ -54,7 +54,6 @@ public class JsonIdentityBackend extends AbstractIdentityBackend {
private Gson gson;
private static final Logger LOG = LoggerFactory.getLogger(JsonIdentityBackend.class);
-
// Identities loaded from file
private Map<String, KrbIdentity> ids;
private long kdbFileTimeStamp;
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-backend/ldap-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityGetHelper.java
----------------------------------------------------------------------
diff --git a/kerby-backend/ldap-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityGetHelper.java b/kerby-backend/ldap-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityGetHelper.java
index a5b22dc..db0bb0d 100644
--- a/kerby-backend/ldap-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityGetHelper.java
+++ b/kerby-backend/ldap-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/LdapIdentityGetHelper.java
@@ -40,18 +40,27 @@ public class LdapIdentityGetHelper {
this.entry = entry;
}
+ /**
+ * Get principal name.
+ */
public PrincipalName getPrincipalName() throws LdapInvalidAttributeValueException {
String principalNameStr = entry.get(KerberosAttribute.KRB5_PRINCIPAL_NAME_AT).getString();
PrincipalName principalName = new PrincipalName(principalNameStr);
return principalName;
}
+ /**
+ * Get key version.
+ */
public int getKeyVersion() throws LdapInvalidAttributeValueException {
String keyVersionStr = entry.get(KerberosAttribute.KRB5_KEY_VERSION_NUMBER_AT).getString();
int keyVersion = Integer.parseInt(keyVersionStr);
return keyVersion;
}
+ /**
+ * Get keys.
+ */
public List<EncryptionKey> getKeys() throws IOException {
Iterator<Value<?>> iterator1 = entry.get(KerberosAttribute.KRB5_KEY_AT).iterator();
List<EncryptionKey> keys = new ArrayList<>();
@@ -65,33 +74,51 @@ public class LdapIdentityGetHelper {
return keys;
}
+ /**
+ * Get created time.
+ */
public KerberosTime getCreatedTime() throws LdapInvalidAttributeValueException,
ParseException {
String createTime = entry.get("createTimestamp").getString();
return createKerberosTime(createTime);
}
+ /**
+ * Get expire time.
+ */
public KerberosTime getExpireTime() throws LdapInvalidAttributeValueException,
ParseException {
String expirationTime = entry.get(KerberosAttribute.KRB5_ACCOUNT_EXPIRATION_TIME_AT).getString();
return createKerberosTime(expirationTime);
}
+ /**
+ * Get whether disabled.
+ */
public boolean getDisabled() throws LdapInvalidAttributeValueException {
String disabled = entry.get(KerberosAttribute.KRB5_ACCOUNT_DISABLED_AT).getString();
return Boolean.parseBoolean(disabled);
}
+ /**
+ * Get kdc flags.
+ */
public int getKdcFlags() throws LdapInvalidAttributeValueException {
String krb5KDCFlags = entry.get("krb5KDCFlags").getString();
return Integer.parseInt(krb5KDCFlags);
}
+ /**
+ * Get whether locked.
+ */
public boolean getLocked() throws LdapInvalidAttributeValueException {
String lockedOut = entry.get(KerberosAttribute.KRB5_ACCOUNT_LOCKEDOUT_AT).getString();
return Boolean.parseBoolean(lockedOut);
}
+ /**
+ * Create kerberos time.
+ */
private KerberosTime createKerberosTime(String generalizedTime)
throws ParseException {
long time = new GeneralizedTime(generalizedTime).getTime();
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/IdentityZNodeHelper.java
----------------------------------------------------------------------
diff --git a/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/IdentityZNodeHelper.java b/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/IdentityZNodeHelper.java
index 368d75a..ac59ae9 100644
--- a/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/IdentityZNodeHelper.java
+++ b/kerby-backend/zookeeper-backend/src/main/java/org/apache/kerby/kerberos/kdc/identitybackend/IdentityZNodeHelper.java
@@ -40,66 +40,117 @@ public class IdentityZNodeHelper {
private static final String ENCRYPTION_KEY_NO_ZNODE_NAME = "keyNo";
private static String baseZNode = "/kerby";
+ /**
+ * Get base znode.
+ */
public static String getBaseZNode() {
return baseZNode;
}
+ /**
+ * Get identities znode.
+ */
public static String getIdentitiesZNode() {
return ZKUtil.joinZNode(getBaseZNode(), IDENTITIES_ZNODE_NAME);
}
+ /**
+ * Get identity znode.
+ */
public static String getIndentityZNode(String principalName) {
return ZKUtil.joinZNode(getIdentitiesZNode(), principalName);
}
+ /**
+ * Get principal name znode.
+ */
public static String getPrincipalNameZnode(String principalName) {
return ZKUtil.joinZNode(getIndentityZNode(principalName), PRINCIPAL_NAME_ZNODE_NAME);
}
+ /**
+ * Get key version znode.
+ */
public static String getKeyVersionZNode(String principalName) {
return ZKUtil.joinZNode(getIndentityZNode(principalName), KEY_VERSION_ZNODE_NAME);
}
+ /**
+ * Get kdc flags znode.
+ */
public static String getKdcFlagsZNode(String principalName) {
return ZKUtil.joinZNode(getIndentityZNode(principalName), KDC_FLAGS_ZNODE_NAME);
}
+ /**
+ * Get disabled znode.
+ */
public static String getDisabledZNode(String principalName) {
return ZKUtil.joinZNode(getIndentityZNode(principalName), DISABLED_ZNODE_NAME);
}
+ /**
+ * Get locked znode.
+ */
public static String getLockedZNode(String principalName) {
return ZKUtil.joinZNode(getIndentityZNode(principalName), LOCKED_ZNODE_NAME);
}
+ /**
+ * Get expire time znode.
+ */
public static String getExpireTimeZNode(String principalName) {
return ZKUtil.joinZNode(getIndentityZNode(principalName), EXPIRE_TIME_ZNODE_NAME);
}
+ /**
+ * Get created time znode.
+ */
public static String getCreatedTimeZNode(String principalName) {
return ZKUtil.joinZNode(getIndentityZNode(principalName), CREATED_TIME_ZNODE_NAME);
}
+ /**
+ * Get keys znode.
+ */
public static String getKeysZNode(String principalName) {
return ZKUtil.joinZNode(getIndentityZNode(principalName), KEYS_ZNODE_NAME);
}
+ /**
+ * Get key type znode.
+ */
public static String getKeyTypeZNode(String principalName, String type) {
return ZKUtil.joinZNode(getKeysZNode(principalName), type);
}
+ /**
+ * Get encryption key type znode.
+ */
public static String getEncryptionKeyTypeZNode(String principalName, String type) {
return ZKUtil.joinZNode(getKeyTypeZNode(principalName, type), KEY_TYPE_ZNODE_NAME);
}
+ /**
+ * Get encryption key znode.
+ */
public static String getEncryptionKeyZNode(String principalName, String type) {
return ZKUtil.joinZNode(getKeyTypeZNode(principalName, type), KEY_ZNODE_NAME);
}
+ /**
+ * Get encryption key kvno znode.
+ */
public static String getEncryptionKeyNoZNode(String principalName, String type) {
return ZKUtil.joinZNode(getKeyTypeZNode(principalName, type), ENCRYPTION_KEY_NO_ZNODE_NAME);
}
+ /**
+ * Get identity names.
+ *
+ * @param zk The zookeeper
+ * @return The list of principal names.
+ */
public static List<String> getIdentityNames(ZooKeeper zk) throws KeeperException {
List<String> identityNames = ZKUtil.listChildrenNoWatch(zk, getIdentitiesZNode());
return identityNames;
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/KerbyKdcServer.java
----------------------------------------------------------------------
diff --git a/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/KerbyKdcServer.java b/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/KerbyKdcServer.java
index 5edbdf9..4ca600e 100644
--- a/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/KerbyKdcServer.java
+++ b/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/KerbyKdcServer.java
@@ -36,6 +36,9 @@ public class KerbyKdcServer extends KdcServer {
setInnerKdcImpl(new NettyKdcServerImpl(getKdcSetting()));
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void init() throws KrbException {
super.init();
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/AdminHelper.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/AdminHelper.java b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/AdminHelper.java
index f0c5bd7..c1d0860 100644
--- a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/AdminHelper.java
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/AdminHelper.java
@@ -41,6 +41,14 @@ public final class AdminHelper {
private AdminHelper() { }
+ /**
+ * Export all the keys of the specified principal into the specified keytab
+ * file.
+ *
+ * @param keytabFile The keytab file
+ * @param identity The identity
+ * @throws KrbException
+ */
static void exportKeytab(File keytabFile, KrbIdentity identity)
throws KrbException {
@@ -51,6 +59,13 @@ public final class AdminHelper {
storeKeytab(keytab, keytabFile);
}
+ /**
+ * Load keytab from keytab file.
+ *
+ * @param keytabFile The keytab file
+ * @return The keytab load from keytab file
+ * @throws KrbException
+ */
static Keytab loadKeytab(File keytabFile) throws KrbException {
Keytab keytab;
try {
@@ -62,6 +77,14 @@ public final class AdminHelper {
return keytab;
}
+ /**
+ * If keytab file does not exist, create a new keytab,
+ * otherwise load keytab from keytab file.
+ *
+ * @param keytabFile The keytab file
+ * @return The keytab load from keytab file
+ * @throws KrbException
+ */
static Keytab createOrLoadKeytab(File keytabFile) throws KrbException {
Keytab keytab;
@@ -82,6 +105,13 @@ public final class AdminHelper {
return keytab;
}
+ /**
+ * Export all the keys of the specified identity into the keytab.
+ *
+ * @param keytab The keytab
+ * @param identity The identity
+ * @throws KrbException
+ */
static void exportToKeytab(Keytab keytab, KrbIdentity identity)
throws KrbException {
@@ -95,6 +125,13 @@ public final class AdminHelper {
}
}
+ /**
+ * Store the keytab to keytab file.
+ *
+ * @param keytab The keytab
+ * @param keytabFile The keytab file
+ * @throws KrbException
+ */
static void storeKeytab(Keytab keytab, File keytabFile) throws KrbException {
try {
keytab.store(keytabFile);
@@ -103,6 +140,14 @@ public final class AdminHelper {
}
}
+ /**
+ * Remove all the keys of the specified principal in the specified keytab
+ * file.
+ *
+ * @param keytabFile The keytab file
+ * @param principalName The principal name
+ * @throws KrbException
+ */
static void removeKeytabEntriesOf(File keytabFile,
String principalName) throws KrbException {
Keytab keytab = loadKeytab(keytabFile);
@@ -112,6 +157,15 @@ public final class AdminHelper {
storeKeytab(keytab, keytabFile);
}
+ /**
+ * Remove all the keys of the specified principal with specified kvno
+ * in the specified keytab file.
+ *
+ * @param keytabFile The keytab file
+ * @param principalName The principal name
+ * @param kvno The kvno
+ * @throws KrbException
+ */
static void removeKeytabEntriesOf(File keytabFile,
String principalName, int kvno) throws KrbException {
Keytab keytab = loadKeytab(keytabFile);
@@ -121,6 +175,14 @@ public final class AdminHelper {
storeKeytab(keytab, keytabFile);
}
+ /**
+ * Remove all the old keys of the specified principal
+ * in the specified keytab file.
+ *
+ * @param keytabFile The keytab file
+ * @param principalName The principal name
+ * @throws KrbException
+ */
static void removeOldKeytabEntriesOf(File keytabFile,
String principalName) throws KrbException {
Keytab keytab = loadKeytab(keytabFile);
@@ -144,6 +206,12 @@ public final class AdminHelper {
storeKeytab(keytab, keytabFile);
}
+ /**
+ * Create principal.
+ *
+ * @param principal The principal name to be created
+ * @param kOptions The KOptions with principal info
+ */
static KrbIdentity createIdentity(String principal, KOptions kOptions)
throws KrbException {
KrbIdentity kid = new KrbIdentity(principal);
@@ -165,6 +233,13 @@ public final class AdminHelper {
return kid;
}
+ /**
+ * Modify the principal with KOptions.
+ *
+ * @param identity The identity to be modified
+ * @param kOptions The KOptions with changed principal info
+ * @throws KrbException
+ */
static void updateIdentity(KrbIdentity identity, KOptions kOptions) {
if (kOptions.contains(KadminOption.EXPIRE)) {
Date date = kOptions.getDateOption(KadminOption.EXPIRE);
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Kadmin.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Kadmin.java b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Kadmin.java
index 88cbe1c..ff422ba 100644
--- a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Kadmin.java
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Kadmin.java
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
- *
+ *
*/
package org.apache.kerby.kerberos.kerb.admin;
@@ -45,12 +45,23 @@ public class Kadmin {
private final KdcSetting kdcSetting;
private final IdentityService backend;
+ /**
+ * Construct with prepared KdcConfig and BackendConfig.
+ *
+ * @param kdcConfig The kdc config
+ * @param backendConfig The backend config
+ */
public Kadmin(KdcConfig kdcConfig,
BackendConfig backendConfig) throws KrbException {
this.backend = KdcUtil.getBackend(backendConfig);
this.kdcSetting = new KdcSetting(kdcConfig, backendConfig);
}
+ /**
+ * Construct with prepared conf dir.
+ *
+ * @param confDir The path of conf dir
+ */
public Kadmin(File confDir) throws KrbException {
KdcConfig tmpKdcConfig = KdcUtil.getKdcConfig(confDir);
if (tmpKdcConfig == null) {
@@ -67,27 +78,49 @@ public class Kadmin {
backend = KdcUtil.getBackend(tmpBackendConfig);
}
+ /**
+ * Construct with prepared KdcSetting and Backend.
+ *
+ * @param kdcSetting The kdc setting
+ * @param backend The identity backend
+ */
public Kadmin(KdcSetting kdcSetting, IdentityService backend) {
this.kdcSetting = kdcSetting;
this.backend = backend;
}
+ /**
+ * Get the tgs principal name.
+ *
+ * @return The tgs principal name.
+ */
private String getTgsPrincipal() {
return KrbUtil.makeTgsPrincipal(kdcSetting.getKdcRealm()).getName();
}
+ /**
+ * Get the kadmin principal name.
+ *
+ * @return The kadmin principal name.
+ */
public String getKadminPrincipal() {
return KrbUtil.makeKadminPrincipal(kdcSetting.getKdcRealm()).getName();
}
+ /**
+ * Check the built-in principals, will throw KrbException if not exist.
+ */
public void checkBuiltinPrincipals() throws KrbException {
String tgsPrincipal = getTgsPrincipal();
String kadminPrincipal = getKadminPrincipal();
if (backend.getIdentity(tgsPrincipal) == null || backend.getIdentity(kadminPrincipal) == null) {
- throw new KrbException("The builtin principals do not exist in backend, please run the kdcinit tool.");
+ throw new KrbException("The built-in principals do not exist in backend, please run the kdcinit tool.");
}
}
+ /**
+ * Create build-in principals.
+ */
public void createBuiltinPrincipals() throws KrbException {
String tgsPrincipal = getTgsPrincipal();
if (backend.getIdentity(tgsPrincipal) == null) {
@@ -104,34 +137,59 @@ public class Kadmin {
}
}
+ /**
+ * Delete build-in principals.
+ */
public void deleteBuiltinPrincipals() throws KrbException {
deletePrincipal(getTgsPrincipal());
deletePrincipal(getKadminPrincipal());
}
+ /**
+ * Get kdc config.
+ *
+ * @return The kdc config.
+ */
public KdcConfig getKdcConfig() {
return kdcSetting.getKdcConfig();
}
+ /**
+ * Get backend config.
+ *
+ * @return The backend config.
+ */
public BackendConfig getBackendConfig() {
return kdcSetting.getBackendConfig();
}
/**
* Get identity backend.
+ *
* @return IdentityBackend
*/
public IdentityService getIdentityBackend() {
return backend;
}
+ /**
+ * Add principal to backend.
+ *
+ * @param principal The principal to be added into backend
+ */
public void addPrincipal(String principal) throws KrbException {
principal = fixPrincipal(principal);
addPrincipal(principal, new KOptions());
}
+ /**
+ * Add principal to backend.
+ *
+ * @param principal The principal to be added into backend
+ * @param kOptions The KOptions with principal info
+ */
public void addPrincipal(String principal, KOptions kOptions)
- throws KrbException {
+ throws KrbException {
principal = fixPrincipal(principal);
KrbIdentity identity = AdminHelper.createIdentity(principal, kOptions);
List<EncryptionKey> keys = EncryptionUtil.generateKeys(
@@ -140,18 +198,31 @@ public class Kadmin {
backend.addIdentity(identity);
}
+ /**
+ * Add principal to backend.
+ *
+ * @param principal The principal to be added into backend
+ * @param password The password to create encryption key
+ */
public void addPrincipal(String principal, String password)
throws KrbException {
principal = fixPrincipal(principal);
addPrincipal(principal, password, new KOptions());
}
+ /**
+ * Add principal to backend.
+ *
+ * @param principal The principal to be added into backend
+ * @param password The password to create encryption key
+ * @param kOptions The KOptions with principal info
+ */
public void addPrincipal(String principal, String password, KOptions kOptions)
- throws KrbException {
+ throws KrbException {
principal = fixPrincipal(principal);
KrbIdentity identity = AdminHelper.createIdentity(principal, kOptions);
List<EncryptionKey> keys = EncryptionUtil.generateKeys(principal, password,
- getKdcConfig().getEncryptionTypes());
+ getKdcConfig().getEncryptionTypes());
identity.addKeys(keys);
backend.addIdentity(identity);
}
@@ -159,12 +230,13 @@ public class Kadmin {
/**
* Export all the keys of the specified principal into the specified keytab
* file.
- * @param keytabFile
- * @param principal
+ *
+ * @param keytabFile The keytab file
+ * @param principal The principal name
* @throws KrbException
*/
public void exportKeytab(File keytabFile, String principal)
- throws KrbException {
+ throws KrbException {
principal = fixPrincipal(principal);
//Get Identity
KrbIdentity identity = backend.getIdentity(principal);
@@ -178,7 +250,8 @@ public class Kadmin {
/**
* Export all identity keys to the specified keytab file.
- * @param keytabFile
+ *
+ * @param keytabFile The keytab file
* @throws KrbException
*/
public void exportKeytab(File keytabFile) throws KrbException {
@@ -195,31 +268,69 @@ public class Kadmin {
AdminHelper.storeKeytab(keytab, keytabFile);
}
+ /**
+ * Remove all the keys of the specified principal in the specified keytab
+ * file.
+ *
+ * @param keytabFile The keytab file
+ * @param principal The principal name
+ * @throws KrbException
+ */
public void removeKeytabEntriesOf(File keytabFile, String principal)
- throws KrbException {
+ throws KrbException {
principal = fixPrincipal(principal);
AdminHelper.removeKeytabEntriesOf(keytabFile, principal);
}
+ /**
+ * Remove all the keys of the specified principal with specified kvno
+ * in the specified keytab file.
+ *
+ * @param keytabFile The keytab file
+ * @param principal The principal name
+ * @param kvno The kvno
+ * @throws KrbException
+ */
public void removeKeytabEntriesOf(File keytabFile, String principal, int kvno)
- throws KrbException {
+ throws KrbException {
principal = fixPrincipal(principal);
AdminHelper.removeKeytabEntriesOf(keytabFile, principal, kvno);
}
+ /**
+ * Remove all the old keys of the specified principal
+ * in the specified keytab file.
+ *
+ * @param keytabFile The keytab file
+ * @param principal The principal name
+ * @throws KrbException
+ */
public void removeOldKeytabEntriesOf(File keytabFile, String principal)
- throws KrbException {
+ throws KrbException {
principal = fixPrincipal(principal);
AdminHelper.removeOldKeytabEntriesOf(keytabFile, principal);
}
+ /**
+ * Delete the principal in backend.
+ *
+ * @param principal The principal to be deleted from backend
+ * @throws KrbException
+ */
public void deletePrincipal(String principal) throws KrbException {
principal = fixPrincipal(principal);
backend.deleteIdentity(principal);
}
+ /**
+ * Modify the principal with KOptions.
+ *
+ * @param principal The principal to be modified
+ * @param kOptions The KOptions with changed principal info
+ * @throws KrbException
+ */
public void modifyPrincipal(String principal, KOptions kOptions)
- throws KrbException {
+ throws KrbException {
principal = fixPrincipal(principal);
KrbIdentity identity = backend.getIdentity(principal);
if (identity == null) {
@@ -230,8 +341,15 @@ public class Kadmin {
backend.updateIdentity(identity);
}
+ /**
+ * Rename the principal.
+ *
+ * @param oldPrincipalName The original principal name
+ * @param newPrincipalName The new principal name
+ * @throws KrbException
+ */
public void renamePrincipal(String oldPrincipalName, String newPrincipalName)
- throws KrbException {
+ throws KrbException {
oldPrincipalName = fixPrincipal(oldPrincipalName);
newPrincipalName = fixPrincipal(newPrincipalName);
KrbIdentity oldIdentity = backend.getIdentity(newPrincipalName);
@@ -251,11 +369,22 @@ public class Kadmin {
backend.addIdentity(identity);
}
+ /**
+ * Get the identity from backend.
+ *
+ * @param principalName The principal name
+ * @throws KrbException
+ */
public KrbIdentity getPrincipal(String principalName) throws KrbException {
KrbIdentity identity = backend.getIdentity(principalName);
return identity;
}
+ /**
+ * Get all the principal names from backend.
+ *
+ * @throws KrbException
+ */
public List<String> getPrincipals() throws KrbException {
Iterable<String> principalNames = backend.getIdentities();
List<String> principalList = new LinkedList<>();
@@ -266,8 +395,15 @@ public class Kadmin {
return principalList;
}
+ /**
+ * Update the password of specified principal.
+ *
+ * @param principal The principal to be updated password
+ * @param password The new password
+ * @throws KrbException
+ */
public void updatePassword(String principal, String password)
- throws KrbException {
+ throws KrbException {
principal = fixPrincipal(principal);
KrbIdentity identity = backend.getIdentity(principal);
if (identity == null) {
@@ -275,12 +411,18 @@ public class Kadmin {
+ "was not found. Please check the input and try again");
}
List<EncryptionKey> keys = EncryptionUtil.generateKeys(principal, password,
- getKdcConfig().getEncryptionTypes());
+ getKdcConfig().getEncryptionTypes());
identity.addKeys(keys);
backend.updateIdentity(identity);
}
+ /**
+ * Update the random keys of specified principal.
+ *
+ * @param principal The principal to be updated keys
+ * @throws KrbException
+ */
public void updateKeys(String principal) throws KrbException {
principal = fixPrincipal(principal);
KrbIdentity identity = backend.getIdentity(principal);
@@ -289,11 +431,17 @@ public class Kadmin {
+ "was not found. Please check the input and try again");
}
List<EncryptionKey> keys = EncryptionUtil.generateKeys(
- getKdcConfig().getEncryptionTypes());
+ getKdcConfig().getEncryptionTypes());
identity.addKeys(keys);
backend.updateIdentity(identity);
}
+ /**
+ * Fix principal name.
+ *
+ * @param principal The principal name
+ * @throws KrbException
+ */
private String fixPrincipal(String principal) {
if (!principal.contains("@")) {
principal += "@" + getKdcConfig().getKdcRealm();
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/KadminOption.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/KadminOption.java b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/KadminOption.java
index 8fd8002..ae47809 100644
--- a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/KadminOption.java
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/KadminOption.java
@@ -72,21 +72,33 @@ public enum KadminOption implements KOption {
return NONE;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public String getOptionName() {
return name();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public KOptionType getType() {
return this.type;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void setType(KOptionType type) {
this.type = type;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public String getName() {
if (name != null) {
@@ -95,26 +107,41 @@ public enum KadminOption implements KOption {
return name();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void setName(String name) {
this.name = name;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public String getDescription() {
return this.description;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void setDescription(String description) {
this.description = description;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public Object getValue() {
return value;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void setValue(Object value) {
this.value = value;
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfig.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfig.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfig.java
index 919126b..a5886fd 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfig.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfig.java
@@ -36,6 +36,7 @@ public class KrbConfig extends Conf {
/**
* Get KDC host name
+ *
* @return
*/
public String getKdcHost() {
@@ -44,6 +45,7 @@ public class KrbConfig extends Conf {
/**
* Get KDC port, as both TCP and UDP ports
+ *
* @return
*/
public int getKdcPort() {
@@ -57,6 +59,7 @@ public class KrbConfig extends Conf {
/**
* Get KDC TCP port
+ *
* @return
*/
public int getKdcTcpPort() {
@@ -70,6 +73,7 @@ public class KrbConfig extends Conf {
/**
* Is to allow UDP for KDC
+ *
* @return true to allow UDP, false otherwise
*/
public boolean allowKdcUdp() {
@@ -79,14 +83,17 @@ public class KrbConfig extends Conf {
/**
* Is to allow TCP for KDC
+ *
* @return true to allow TCP, false otherwise
*/
public boolean allowKdcTcp() {
return getBoolean(KrbConfigKey.KDC_ALLOW_TCP) || KrbConfHelper.getIntUnderSection(this,
KrbConfigKey.KDC_TCP_PORT) != null;
}
+
/**
* Get KDC UDP port
+ *
* @return
*/
public int getKdcUdpPort() {
@@ -98,94 +105,163 @@ public class KrbConfig extends Conf {
return getKdcPort();
}
+ /**
+ * Get KDC realm.
+ */
public String getKdcRealm() {
return KrbConfHelper.getStringUnderSection(this, KrbConfigKey.KDC_REALM);
}
+ /**
+ * Get whether preatuh is required.
+ */
public boolean isPreauthRequired() {
return getBoolean(KrbConfigKey.PREAUTH_REQUIRED);
}
+ /**
+ * Get tgs principal.
+ */
public String getTgsPrincipal() {
return getString(KrbConfigKey.TGS_PRINCIPAL);
}
+ /**
+ * Get allowable clock skew.
+ */
public long getAllowableClockSkew() {
return KrbConfHelper.getLongUnderSection(this, KrbConfigKey.CLOCKSKEW);
}
+ /**
+ * Get whether empty addresses allowed.
+ */
public boolean isEmptyAddressesAllowed() {
return getBoolean(KrbConfigKey.EMPTY_ADDRESSES_ALLOWED);
}
+ /**
+ * Get whether forward is allowed.
+ */
public boolean isForwardableAllowed() {
return KrbConfHelper.getBooleanUnderSection(this, KrbConfigKey.FORWARDABLE);
}
+ /**
+ * Get whether post dated is allowed.
+ */
public boolean isPostdatedAllowed() {
return getBoolean(KrbConfigKey.POSTDATED_ALLOWED);
}
+ /**
+ * Get whether proxy is allowed.
+ */
public boolean isProxiableAllowed() {
return KrbConfHelper.getBooleanUnderSection(this, KrbConfigKey.PROXIABLE);
}
+ /**
+ * Get whether renew is allowed.
+ */
public boolean isRenewableAllowed() {
return getBoolean(KrbConfigKey.RENEWABLE_ALLOWED);
}
+ /**
+ * Get maximum renewable life time.
+ */
public long getMaximumRenewableLifetime() {
return getLong(KrbConfigKey.MAXIMUM_RENEWABLE_LIFETIME);
}
+ /**
+ * Get maximum ticket life time.
+ */
public long getMaximumTicketLifetime() {
return getLong(KrbConfigKey.MAXIMUM_TICKET_LIFETIME);
}
+ /**
+ * Get minimum ticket life time.
+ */
public long getMinimumTicketLifetime() {
return getLong(KrbConfigKey.MINIMUM_TICKET_LIFETIME);
}
+ /**
+ * Get encryption types.
+ */
public List<EncryptionType> getEncryptionTypes() {
return KrbConfHelper.getEncTypesUnderSection(this, KrbConfigKey.PERMITTED_ENCTYPES);
}
+ /**
+ * Get whether pa encrypt timestamp required.
+ */
public boolean isPaEncTimestampRequired() {
return getBoolean(KrbConfigKey.PA_ENC_TIMESTAMP_REQUIRED);
}
+ /**
+ * Get whether body checksum verified.
+ */
public boolean isBodyChecksumVerified() {
return getBoolean(KrbConfigKey.VERIFY_BODY_CHECKSUM);
}
+ /**
+ * Get default realm.
+ */
public String getDefaultRealm() {
return KrbConfHelper.getStringUnderSection(this, KrbConfigKey.DEFAULT_REALM);
}
+ /**
+ * Get whether dns look up kdc.
+ */
public boolean getDnsLookUpKdc() {
return KrbConfHelper.getBooleanUnderSection(this, KrbConfigKey.DNS_LOOKUP_KDC);
}
+ /**
+ * Get whether dns look up realm.
+ */
public boolean getDnsLookUpRealm() {
return KrbConfHelper.getBooleanUnderSection(this, KrbConfigKey.DNS_LOOKUP_REALM);
}
+ /**
+ * Get whether allow weak crypto.
+ */
public boolean getAllowWeakCrypto() {
return KrbConfHelper.getBooleanUnderSection(this, KrbConfigKey.ALLOW_WEAK_CRYPTO);
}
+ /**
+ * Get ticket life time.
+ */
public long getTicketLifetime() {
return KrbConfHelper.getLongUnderSection(this, KrbConfigKey.TICKET_LIFETIME);
}
+ /**
+ * Get renew life time.
+ */
public long getRenewLifetime() {
return KrbConfHelper.getLongUnderSection(this, KrbConfigKey.RENEW_LIFETIME);
}
+ /**
+ * Get default tgs encryption types.
+ */
public List<EncryptionType> getDefaultTgsEnctypes() {
return KrbConfHelper.getEncTypesUnderSection(this, KrbConfigKey.DEFAULT_TGS_ENCTYPES);
}
+ /**
+ * Get default ticket encryption types.
+ */
public List<EncryptionType> getDefaultTktEnctypes() {
return KrbConfHelper.getEncTypesUnderSection(this, KrbConfigKey.DEFAULT_TKT_ENCTYPES);
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbContext.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbContext.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbContext.java
index e5b31be..a69a607 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbContext.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbContext.java
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
- *
+ *
*/
package org.apache.kerby.kerberos.kerb.client;
@@ -27,28 +27,46 @@ public class KrbContext {
private KrbSetting krbSetting;
private PreauthHandler preauthHandler;
+ /**
+ * Init with krbsetting.
+ */
public void init(KrbSetting krbSetting) {
this.krbSetting = krbSetting;
preauthHandler = new PreauthHandler();
preauthHandler.init(this);
}
+ /**
+ * Get krbsetting.
+ */
public KrbSetting getKrbSetting() {
return krbSetting;
}
+ /**
+ * Get krbconfig.
+ */
public KrbConfig getConfig() {
return krbSetting.getKrbConfig();
}
+ /**
+ * Generate nonce.
+ */
public int generateNonce() {
return Nonce.value();
}
+ /**
+ * Get ticket valid time.
+ */
public long getTicketValidTime() {
return 8 * 60 * 60 * 1000;
}
+ /**
+ * Get preauth handler.
+ */
public PreauthHandler getPreauthHandler() {
return preauthHandler;
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbHandler.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbHandler.java
index b27d9bd..8dd9f13 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbHandler.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbHandler.java
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
- *
+ *
*/
package org.apache.kerby.kerberos.kerb.client;
@@ -49,11 +49,21 @@ public abstract class KrbHandler {
private static final Logger LOG = LoggerFactory.getLogger(KrbHandler.class);
private PreauthHandler preauthHandler;
+ /**
+ * Init with krbcontext.
+ *
+ * @param context The krbcontext
+ */
public void init(KrbContext context) {
preauthHandler = new PreauthHandler();
preauthHandler.init(context);
}
+ /**
+ * Handle the kdc request.
+ *
+ * @param kdcRequest The kdc request
+ */
public void handleRequest(KdcRequest kdcRequest) throws KrbException {
kdcRequest.process();
KdcReq kdcReq = kdcRequest.getKdcReq();
@@ -78,6 +88,12 @@ public abstract class KrbHandler {
}
}
+ /**
+ * Process the response messabe from kdc.
+ *
+ * @param kdcRequest The kdc request
+ * @param responseMessage The message from kdc
+ */
public void onResponseMessage(
KdcRequest kdcRequest, ByteBuffer responseMessage) throws KrbException {
@@ -119,6 +135,12 @@ public abstract class KrbHandler {
}
}
+ /**
+ * Send message to kdc.
+ *
+ * @param kdcRequest The kdc request
+ * @param requestMessage The request message to kdc
+ */
protected abstract void sendMessage(KdcRequest kdcRequest,
ByteBuffer requestMessage) throws IOException;
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOption.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOption.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOption.java
index e331ecb..b2e0072 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOption.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOption.java
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
- *
+ *
*/
package org.apache.kerby.kerberos.kerb.client;
@@ -97,29 +97,49 @@ public enum KrbOption implements KOption {
this.type = type;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public String getOptionName() {
return name();
}
+ /**
+ * {@inheritDoc}
+ */
+ @Override
public void setType(KOptionType type) {
this.type = type;
}
+ /**
+ * {@inheritDoc}
+ */
+ @Override
public KOptionType getType() {
return this.type;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void setName(String name) {
this.name = name;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void setDescription(String description) {
this.description = description;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public String getName() {
if (name != null) {
@@ -128,21 +148,33 @@ public enum KrbOption implements KOption {
return name();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public String getDescription() {
return this.description;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void setValue(Object value) {
this.value = value;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public Object getValue() {
return value;
}
+ /**
+ * {@inheritDoc}
+ */
public static KrbOption fromName(String name) {
if (name != null) {
for (KrbOption ko : values()) {
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/AbstractInternalKrbClient.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/AbstractInternalKrbClient.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/AbstractInternalKrbClient.java
index 5d8bdc3..0dedc75 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/AbstractInternalKrbClient.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/AbstractInternalKrbClient.java
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
- *
+ *
*/
package org.apache.kerby.kerberos.kerb.client.impl;
@@ -52,17 +52,26 @@ public abstract class AbstractInternalKrbClient implements InternalKrbClient {
return context;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public KrbSetting getSetting() {
return krbSetting;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void init() throws KrbException {
context = new KrbContext();
context.init(krbSetting);
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public TgtTicket requestTgtTicket(KOptions requestOptions) throws KrbException {
AsRequest asRequest = null;
@@ -95,6 +104,9 @@ public abstract class AbstractInternalKrbClient implements InternalKrbClient {
return doRequestTgtTicket(asRequest);
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public ServiceTicket requestServiceTicket(KOptions requestOptions) throws KrbException {
TgsRequest tgsRequest = null;
@@ -110,7 +122,7 @@ public abstract class AbstractInternalKrbClient implements InternalKrbClient {
"No valid krb client request option found");
}
tgsRequest.setServerPrincipal(new PrincipalName(requestOptions.
- getStringOption(KrbOption.SERVER_PRINCIPAL)));
+ getStringOption(KrbOption.SERVER_PRINCIPAL)));
tgsRequest.setKrbOptions(requestOptions);
return doRequestServiceTicket(tgsRequest);
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/DefaultInternalKrbClient.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/DefaultInternalKrbClient.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/DefaultInternalKrbClient.java
index 2570510..87d9e71 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/DefaultInternalKrbClient.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/DefaultInternalKrbClient.java
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
- *
+ *
*/
package org.apache.kerby.kerberos.kerb.client.impl;
@@ -44,6 +44,9 @@ public class DefaultInternalKrbClient extends AbstractInternalKrbClient {
super(krbSetting);
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void init() throws KrbException {
super.init();
@@ -61,6 +64,9 @@ public class DefaultInternalKrbClient extends AbstractInternalKrbClient {
}
}
+ /**
+ * {@inheritDoc}
+ */
@Override
protected TgtTicket doRequestTgtTicket(AsRequest tgtTktReq) throws KrbException {
tgtTktReq.setSessionData(transport);
@@ -70,6 +76,9 @@ public class DefaultInternalKrbClient extends AbstractInternalKrbClient {
return tgtTktReq.getTicket();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
protected ServiceTicket doRequestServiceTicket(TgsRequest ticketReq) throws KrbException {
ticketReq.setSessionData(transport);
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/DefaultKrbHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/DefaultKrbHandler.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/DefaultKrbHandler.java
index f52763b..246f399 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/DefaultKrbHandler.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/DefaultKrbHandler.java
@@ -29,6 +29,9 @@ import java.nio.ByteBuffer;
public class DefaultKrbHandler extends KrbHandler {
+ /**
+ * {@inheritDoc}
+ */
@Override
public void handleRequest(KdcRequest kdcRequest) throws KrbException {
KrbTransport transport = (KrbTransport) kdcRequest.getSessionData();
@@ -44,6 +47,9 @@ public class DefaultKrbHandler extends KrbHandler {
super.onResponseMessage(kdcRequest, receivedMessage);
}
+ /**
+ * {@inheritDoc}
+ */
@Override
protected void sendMessage(KdcRequest kdcRequest,
ByteBuffer requestMessage) throws IOException {
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/AbstractPreauthPlugin.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/AbstractPreauthPlugin.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/AbstractPreauthPlugin.java
index bdc8ccf..0c2ae35 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/AbstractPreauthPlugin.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/AbstractPreauthPlugin.java
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
- *
+ *
*/
package org.apache.kerby.kerberos.kerb.client.preauth;
@@ -44,28 +44,46 @@ public class AbstractPreauthPlugin implements KrbPreauth {
this.pluginMeta = meta;
}
+ /**
+ * Get plugin name.
+ */
@Override
public String getName() {
return pluginMeta.getName();
}
+ /**
+ * Get plugin version.
+ */
public int getVersion() {
return pluginMeta.getVersion();
}
+ /**
+ * Get padata type.
+ */
public PaDataType[] getPaTypes() {
return pluginMeta.getPaTypes();
}
+ /**
+ * {@inheritDoc}
+ */
public void init(KrbContext context) {
this.context = context;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public PluginRequestContext initRequestContext(KdcRequest kdcRequest) {
return null;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void prepareQuestions(KdcRequest kdcRequest,
PluginRequestContext requestContext) throws KrbException {
@@ -73,24 +91,37 @@ public class AbstractPreauthPlugin implements KrbPreauth {
kdcRequest.needAsKey();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public List<EncryptionType> getEncTypes(KdcRequest kdcRequest,
PluginRequestContext requestContext) {
return Collections.emptyList();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void setPreauthOptions(KdcRequest kdcRequest,
PluginRequestContext requestContext, KOptions options) {
}
+ /**
+ * {@inheritDoc}
+ */
+ @Override
public void tryFirst(KdcRequest kdcRequest,
PluginRequestContext requestContext,
PaData outPadata) throws KrbException {
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public boolean process(KdcRequest kdcRequest,
PluginRequestContext requestContext, PaDataEntry inPadata,
@@ -99,6 +130,9 @@ public class AbstractPreauthPlugin implements KrbPreauth {
return false;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public boolean tryAgain(KdcRequest kdcRequest,
PluginRequestContext requestContext, PaDataType preauthType,
@@ -106,6 +140,9 @@ public class AbstractPreauthPlugin implements KrbPreauth {
return false;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public PaFlags getFlags(PaDataType paType) {
PaFlags paFlags = new PaFlags(0);
@@ -114,6 +151,9 @@ public class AbstractPreauthPlugin implements KrbPreauth {
return paFlags;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void destroy() {
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/builtin/EncTsPreauth.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/builtin/EncTsPreauth.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/builtin/EncTsPreauth.java
index c5f8f79..8f13352 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/builtin/EncTsPreauth.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/builtin/EncTsPreauth.java
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
- *
+ *
*/
package org.apache.kerby.kerberos.kerb.client.preauth.builtin;
@@ -40,6 +40,9 @@ public class EncTsPreauth extends AbstractPreauthPlugin {
super(new EncTsPreauthMeta());
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void prepareQuestions(KdcRequest kdcRequest,
PluginRequestContext requestContext) throws KrbException {
@@ -47,6 +50,10 @@ public class EncTsPreauth extends AbstractPreauthPlugin {
kdcRequest.needAsKey();
}
+ /**
+ * {@inheritDoc}
+ */
+ @Override
public void tryFirst(KdcRequest kdcRequest,
PluginRequestContext requestContext,
PaData outPadata) throws KrbException {
@@ -57,6 +64,9 @@ public class EncTsPreauth extends AbstractPreauthPlugin {
outPadata.addElement(makeEntry(kdcRequest));
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public boolean process(KdcRequest kdcRequest,
PluginRequestContext requestContext,
@@ -71,6 +81,9 @@ public class EncTsPreauth extends AbstractPreauthPlugin {
return true;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public PaFlags getFlags(PaDataType paType) {
PaFlags paFlags = new PaFlags(0);
@@ -79,6 +92,12 @@ public class EncTsPreauth extends AbstractPreauthPlugin {
return paFlags;
}
+ /**
+ * Make padata entry.
+ *
+ * @param kdcRequest The kdc request
+ * @return PaDataEntry to be made.
+ */
private PaDataEntry makeEntry(KdcRequest kdcRequest) throws KrbException {
PaEncTsEnc paTs = new PaEncTsEnc();
paTs.setPaTimestamp(kdcRequest.getPreauthTime());
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/builtin/TgtPreauth.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/builtin/TgtPreauth.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/builtin/TgtPreauth.java
index 7365066..6b1118a 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/builtin/TgtPreauth.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/builtin/TgtPreauth.java
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
- *
+ *
*/
package org.apache.kerby.kerberos.kerb.client.preauth.builtin;
@@ -35,6 +35,10 @@ public class TgtPreauth extends AbstractPreauthPlugin {
super(new TgtPreauthMeta());
}
+ /**
+ * {@inheritDoc}
+ */
+ @Override
public void tryFirst(KdcRequest kdcRequest,
PluginRequestContext requestContext,
PaData outPadata) throws KrbException {
@@ -42,17 +46,26 @@ public class TgtPreauth extends AbstractPreauthPlugin {
outPadata.addElement(makeEntry(kdcRequest));
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public boolean process(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- PaDataEntry inPadata,
- PaData outPadata) throws KrbException {
+ PluginRequestContext requestContext,
+ PaDataEntry inPadata,
+ PaData outPadata) throws KrbException {
outPadata.addElement(makeEntry(kdcRequest));
return true;
}
+ /**
+ * Make padata entry.
+ *
+ * @param kdcRequest The kdc request
+ * @return PaDataEntry to be made.
+ */
private PaDataEntry makeEntry(KdcRequest kdcRequest) throws KrbException {
TgsRequestWithTgt tgsRequest = (TgsRequestWithTgt) kdcRequest;
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java
index 76436b8..f8b8376 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/pkinit/PkinitPreauth.java
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
- *
+ *
*/
package org.apache.kerby.kerberos.kerb.client.preauth.pkinit;
@@ -53,12 +53,18 @@ public class PkinitPreauth extends AbstractPreauthPlugin {
super(new PkinitPreauthMeta());
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void init(KrbContext context) {
super.init(context);
this.pkinitContext = new PkinitContext();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public PluginRequestContext initRequestContext(KdcRequest kdcRequest) {
PkinitRequestContext reqCtx = new PkinitRequestContext();
@@ -68,6 +74,9 @@ public class PkinitPreauth extends AbstractPreauthPlugin {
return reqCtx;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void setPreauthOptions(KdcRequest kdcRequest,
PluginRequestContext requestContext,
@@ -89,6 +98,9 @@ public class PkinitPreauth extends AbstractPreauthPlugin {
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void prepareQuestions(KdcRequest kdcRequest,
PluginRequestContext requestContext) {
@@ -103,17 +115,24 @@ public class PkinitPreauth extends AbstractPreauthPlugin {
// Might have questions asking for password to access the private key
}
+ /**
+ * {@inheritDoc}
+ */
+ @Override
public void tryFirst(KdcRequest kdcRequest,
PluginRequestContext requestContext,
PaData outPadata) throws KrbException {
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public boolean process(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- PaDataEntry inPadata,
- PaData outPadata) throws KrbException {
+ PluginRequestContext requestContext,
+ PaDataEntry inPadata,
+ PaData outPadata) throws KrbException {
PkinitRequestContext reqCtx = (PkinitRequestContext) requestContext;
if (inPadata == null) {
@@ -169,7 +188,7 @@ public class PkinitPreauth extends AbstractPreauthPlugin {
authPack.setsupportedCmsTypes(pkinitContext.pluginOpts.createSupportedCMSTypes());
if (usingRsa) {
- System.out.println(); // DH case
+ System.out.println(); // DH case
} else {
authPack.setClientPublicValue(null);
}
@@ -187,7 +206,7 @@ public class PkinitPreauth extends AbstractPreauthPlugin {
}
private byte[] signAuthPack(PkinitContext pkinitContext,
- PkinitRequestContext reqCtx, AuthPack authPack) {
+ PkinitRequestContext reqCtx, AuthPack authPack) {
return null;
}
@@ -203,12 +222,15 @@ public class PkinitPreauth extends AbstractPreauthPlugin {
kdcRequest.setAsKey(asKey);
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public boolean tryAgain(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- PaDataType preauthType,
- PaData errPadata,
- PaData outPadata) {
+ PluginRequestContext requestContext,
+ PaDataType preauthType,
+ PaData errPadata,
+ PaData outPadata) {
PkinitRequestContext reqCtx = (PkinitRequestContext) requestContext;
if (reqCtx.paType != preauthType && errPadata == null) {
@@ -217,9 +239,9 @@ public class PkinitPreauth extends AbstractPreauthPlugin {
boolean doAgain = false;
for (PaDataEntry pde : errPadata.getElements()) {
- // switch (pde.getPaDataType()) {
- // TODO
- // }
+ // switch (pde.getPaDataType()) {
+ // TODO
+ // }
System.out.println();
}
@@ -230,6 +252,9 @@ public class PkinitPreauth extends AbstractPreauthPlugin {
return false;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public PaFlags getFlags(PaDataType paType) {
PaFlags paFlags = new PaFlags(0);
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenPreauth.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenPreauth.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenPreauth.java
index e43979e..4ed5ec6 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenPreauth.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/preauth/token/TokenPreauth.java
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
- *
+ *
*/
package org.apache.kerby.kerberos.kerb.client.preauth.token;
@@ -53,11 +53,18 @@ public class TokenPreauth extends AbstractPreauthPlugin {
super(new TokenPreauthMeta());
}
+ /**
+ * {@inheritDoc}
+ */
+ @Override
public void init(KrbContext context) {
super.init(context);
this.tokenContext = new TokenContext();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public PluginRequestContext initRequestContext(KdcRequest kdcRequest) {
TokenRequestContext reqCtx = new TokenRequestContext();
@@ -65,18 +72,27 @@ public class TokenPreauth extends AbstractPreauthPlugin {
return reqCtx;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void prepareQuestions(KdcRequest kdcRequest,
PluginRequestContext requestContext) {
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public List<EncryptionType> getEncTypes(KdcRequest kdcRequest,
PluginRequestContext requestContext) {
return Collections.emptyList();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void setPreauthOptions(KdcRequest kdcRequest,
PluginRequestContext requestContext,
@@ -97,6 +113,10 @@ public class TokenPreauth extends AbstractPreauthPlugin {
}
+ /**
+ * {@inheritDoc}
+ */
+ @Override
public void tryFirst(KdcRequest kdcRequest,
PluginRequestContext requestContext,
PaData outPadata) throws KrbException {
@@ -106,6 +126,9 @@ public class TokenPreauth extends AbstractPreauthPlugin {
outPadata.addElement(makeEntry(kdcRequest));
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public boolean process(KdcRequest kdcRequest,
PluginRequestContext requestContext,
@@ -119,15 +142,21 @@ public class TokenPreauth extends AbstractPreauthPlugin {
return true;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public boolean tryAgain(KdcRequest kdcRequest,
- PluginRequestContext requestContext,
- PaDataType preauthType,
- PaData errPadata,
- PaData outPadata) {
+ PluginRequestContext requestContext,
+ PaDataType preauthType,
+ PaData errPadata,
+ PaData outPadata) {
return false;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public PaFlags getFlags(PaDataType paType) {
PaFlags paFlags = new PaFlags(0);
@@ -136,6 +165,12 @@ public class TokenPreauth extends AbstractPreauthPlugin {
return paFlags;
}
+ /**
+ * Make padata entry.
+ *
+ * @param kdcRequest The kdc request
+ * @return PaDataEntry to be made.
+ */
private PaDataEntry makeEntry(KdcRequest kdcRequest) throws KrbException {
KOptions options = kdcRequest.getPreauthOptions();
@@ -157,7 +192,7 @@ public class TokenPreauth extends AbstractPreauthPlugin {
tokenPa.setTokenInfo(info);
EncryptedData paDataValue = EncryptionUtil.seal(tokenPa,
- kdcRequest.getAsKey(), KeyUsage.PA_TOKEN);
+ kdcRequest.getAsKey(), KeyUsage.PA_TOKEN);
PaDataEntry paDataEntry = new PaDataEntry();
paDataEntry.setPaDataType(PaDataType.TOKEN_REQUEST);
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbToken.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbToken.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbToken.java
index 730cc35..ba5d1ac 100644
--- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbToken.java
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/base/KrbToken.java
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
- *
+ *
*/
package org.apache.kerby.kerberos.kerb.spec.base;
@@ -36,10 +36,10 @@ import java.util.List;
import java.util.Map;
/**
- KRB-TOKEN_VALUE ::= SEQUENCE {
- token-format [0] INTEGER,
- token-value [1] OCTET STRING,
- }
+ * KRB-TOKEN_VALUE ::= SEQUENCE {
+ * token-format [0] INTEGER,
+ * token-value [1] OCTET STRING,
+ * }
*/
public class KrbToken extends KrbSequenceType implements AuthToken {
private static TokenEncoder tokenEncoder;
@@ -50,15 +50,25 @@ public class KrbToken extends KrbSequenceType implements AuthToken {
private AuthToken innerToken = null;
- static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+ static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[]{
new Asn1FieldInfo(TOKEN_FORMAT, 0, Asn1Integer.class),
new Asn1FieldInfo(TOKEN_VALUE, 1, Asn1OctetString.class)
};
+
+ /**
+ * Default constructor.
+ */
public KrbToken() {
super(fieldInfos);
}
+ /**
+ * Construct with prepared authToken and token format.
+ *
+ * @param authToken The authToken
+ * @param format The token format
+ */
public KrbToken(AuthToken authToken, TokenFormat format) {
this();
@@ -72,10 +82,18 @@ public class KrbToken extends KrbSequenceType implements AuthToken {
}
}
+ /**
+ * Get AuthToken.
+ *
+ * @return The inner token.
+ */
public AuthToken getAuthToken() {
return innerToken;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void decode(ByteBuffer content) throws IOException {
super.decode(content);
@@ -83,6 +101,9 @@ public class KrbToken extends KrbSequenceType implements AuthToken {
setTokenType();
}
+ /**
+ * Set token type.
+ */
private void setTokenType() {
List<String> audiences = this.innerToken.getAudiences();
if (audiences.size() == 1 && audiences.get(0).startsWith(KrbConstant.TGS_PRINCIPAL)) {
@@ -92,6 +113,9 @@ public class KrbToken extends KrbSequenceType implements AuthToken {
}
}
+ /**
+ * Get token encoder.
+ */
private static TokenEncoder getTokenEncoder() {
if (tokenEncoder == null) {
tokenEncoder = KrbRuntime.getTokenProvider().createTokenEncoder();
@@ -99,6 +123,9 @@ public class KrbToken extends KrbSequenceType implements AuthToken {
return tokenEncoder;
}
+ /**
+ * Get token decoder.
+ */
private static TokenDecoder getTokenDecoder() {
if (tokenDecoder == null) {
tokenDecoder = KrbRuntime.getTokenProvider().createTokenDecoder();
@@ -106,118 +133,190 @@ public class KrbToken extends KrbSequenceType implements AuthToken {
return tokenDecoder;
}
+ /**
+ * Get token format.
+ */
public TokenFormat getTokenFormat() {
Integer value = getFieldAsInteger(TOKEN_FORMAT);
return TokenFormat.fromValue(value);
}
+ /**
+ * Set token format.
+ */
public void setTokenFormat(TokenFormat tokenFormat) {
setFieldAsInt(TOKEN_FORMAT, tokenFormat.getValue());
}
+ /**
+ * Get token value.
+ */
public byte[] getTokenValue() {
return getFieldAsOctets(TOKEN_VALUE);
}
+ /**
+ * Set token value.
+ */
public void setTokenValue(byte[] tokenValue) {
setFieldAsOctets(TOKEN_VALUE, tokenValue);
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public String getSubject() {
return innerToken.getSubject();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void setSubject(String sub) {
innerToken.setSubject(sub);
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public String getIssuer() {
return innerToken.getIssuer();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void setIssuer(String issuer) {
innerToken.setIssuer(issuer);
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public List<String> getAudiences() {
return innerToken.getAudiences();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void setAudiences(List<String> audiences) {
innerToken.setAudiences(audiences);
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public boolean isIdToken() {
return innerToken.isIdToken();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void isIdToken(boolean isIdToken) {
innerToken.isIdToken(isIdToken);
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public boolean isAcToken() {
return innerToken.isAcToken();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void isAcToken(boolean isAcToken) {
innerToken.isAcToken(isAcToken);
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public boolean isBearerToken() {
return innerToken.isBearerToken();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public boolean isHolderOfKeyToken() {
return innerToken.isHolderOfKeyToken();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public Date getExpiredTime() {
return innerToken.getExpiredTime();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void setExpirationTime(Date exp) {
innerToken.setExpirationTime(exp);
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public Date getNotBeforeTime() {
return innerToken.getNotBeforeTime();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void setNotBeforeTime(Date nbt) {
innerToken.setNotBeforeTime(nbt);
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public Date getIssueTime() {
return innerToken.getIssueTime();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void setIssueTime(Date iat) {
innerToken.setIssueTime(iat);
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public Map<String, Object> getAttributes() {
return innerToken.getAttributes();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void addAttribute(String name, Object value) {
innerToken.addAttribute(name, value);
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcHandler.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcHandler.java
index 2509619..fb56038 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcHandler.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcHandler.java
@@ -47,10 +47,23 @@ public class KdcHandler {
private static final Logger LOG = LoggerFactory.getLogger(KdcHandler.class);
private final KdcContext kdcContext;
+ /**
+ * Constructor with kdc context.
+ *
+ * @param kdcContext
+ */
public KdcHandler(KdcContext kdcContext) {
this.kdcContext = kdcContext;
}
+ /**
+ * Process the client request message.
+ *
+ * @param receivedMessage The client request message
+ * @param isTcp
+ * @param remoteAddress Address from remote side
+ * @return The response message
+ */
public ByteBuffer handleMessage(ByteBuffer receivedMessage, boolean isTcp,
InetAddress remoteAddress) throws KrbException {
KrbMessage krbRequest;
@@ -116,6 +129,13 @@ public class KdcHandler {
return responseMessage;
}
+ /**
+ * Process the recoverable exception.
+ *
+ * @param e The exception return by kdc
+ * @param kdcRequest
+ * @return The KrbError
+ */
private KrbMessage handleRecoverableException(KdcRecoverableException e,
KdcRequest kdcRequest)
throws KrbException {
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServer.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServer.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServer.java
index 61031fb..36e52af 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServer.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServer.java
@@ -203,6 +203,9 @@ public class KdcServer {
return innerKdc.getIdentityBackend();
}
+ /**
+ * Initialize.
+ */
public void init() throws KrbException {
if (startupOptions.contains(KdcServerOption.INNER_KDC_IMPL)) {
innerKdc = (InternalKdcServer) startupOptions.getOptionValue(
@@ -214,6 +217,9 @@ public class KdcServer {
innerKdc.init();
}
+ /**
+ * Start the KDC server.
+ */
public void start() throws KrbException {
if (innerKdc == null) {
throw new RuntimeException("Not init yet");
@@ -221,6 +227,9 @@ public class KdcServer {
innerKdc.start();
}
+ /**
+ * Stop the KDC server.
+ */
public void stop() throws KrbException {
if (innerKdc != null) {
innerKdc.stop();
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServerOption.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServerOption.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServerOption.java
index c73b800..b76f91f 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServerOption.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServerOption.java
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
- *
+ *
*/
package org.apache.kerby.kerberos.kerb.server;
@@ -62,29 +62,49 @@ public enum KdcServerOption implements KOption {
this.type = type;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public String getOptionName() {
return name();
}
+ /**
+ * {@inheritDoc}
+ */
+ @Override
public void setType(KOptionType type) {
this.type = type;
}
+ /**
+ * {@inheritDoc}
+ */
+ @Override
public KOptionType getType() {
return this.type;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void setName(String name) {
this.name = name;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void setDescription(String description) {
this.description = description;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public String getName() {
if (name != null) {
@@ -93,16 +113,25 @@ public enum KdcServerOption implements KOption {
return name();
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public String getDescription() {
return this.description;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public void setValue(Object value) {
this.value = value;
}
+ /**
+ * {@inheritDoc}
+ */
@Override
public Object getValue() {
return value;