private String setJaasConfiguration(Properties config) throws Exception { String keytabFile = config.getProperty(ZOOKEEPER_KERBEROS_KEYTAB).trim(); if (keytabFile == null || keytabFile.length() == 0) { throw new IllegalArgumentException(ZOOKEEPER_KERBEROS_KEYTAB + " must be specified"); } String principal = config.getProperty(ZOOKEEPER_KERBEROS_PRINCIPAL) .trim(); if (principal == null || principal.length() == 0) { throw new IllegalArgumentException(ZOOKEEPER_KERBEROS_PRINCIPAL + " must be specified"); } // This is equivalent to writing a jaas.conf file and setting the system // property, "java.security.auth.login.config", to point to it JaasConfiguration jConf = new JaasConfiguration(JAAS_LOGIN_ENTRY_NAME, principal, keytabFile); Configuration.setConfiguration(jConf); return principal.split("[/@]")[0]; }
/** * Add an entry to the jaas configuration with the passed in name, * principal, and keytab. The other necessary options will be set for you. * * @param entryName The name of the entry (e.g. "Client") * @param principal The principal of the user * @param keytab The location of the keytab */ public JaasConfiguration(String entryName, String principal, String keytab) { this.entryName = entryName; Map<String, String> options = new HashMap<String, String>(); options.put("keyTab", keytab); options.put("principal", principal); options.put("useKeyTab", "true"); options.put("storeKey", "true"); options.put("useTicketCache", "false"); options.put("refreshKrb5Config", "true"); String jaasEnvVar = System.getenv("HADOOP_JAAS_DEBUG"); if (jaasEnvVar != null && "true".equalsIgnoreCase(jaasEnvVar)) { options.put("debug", "true"); } entry = new AppConfigurationEntry[]{ new AppConfigurationEntry(getKrb5LoginModuleName(), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options)}; }
@Test public void test() throws Exception { String krb5LoginModuleName; if (System.getProperty("java.vendor").contains("IBM")) { krb5LoginModuleName = "com.ibm.security.auth.module.Krb5LoginModule"; } else { krb5LoginModuleName = "com.sun.security.auth.module.Krb5LoginModule"; } ZKSignerSecretProvider.JaasConfiguration jConf = new ZKSignerSecretProvider.JaasConfiguration("foo", "foo/localhost", "/some/location/foo.keytab"); AppConfigurationEntry[] entries = jConf.getAppConfigurationEntry("bar"); Assert.assertNull(entries); entries = jConf.getAppConfigurationEntry("foo"); Assert.assertEquals(1, entries.length); AppConfigurationEntry entry = entries[0]; Assert.assertEquals(AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, entry.getControlFlag()); Assert.assertEquals(krb5LoginModuleName, entry.getLoginModuleName()); Map<String, ?> options = entry.getOptions(); Assert.assertEquals("/some/location/foo.keytab", options.get("keyTab")); Assert.assertEquals("foo/localhost", options.get("principal")); Assert.assertEquals("true", options.get("useKeyTab")); Assert.assertEquals("true", options.get("storeKey")); Assert.assertEquals("false", options.get("useTicketCache")); Assert.assertEquals("true", options.get("refreshKrb5Config")); Assert.assertEquals(6, options.size()); } }
@Test public void test() throws Exception { String krb5LoginModuleName; if (System.getProperty("java.vendor").contains("IBM")) { krb5LoginModuleName = "com.ibm.security.auth.module.Krb5LoginModule"; } else { krb5LoginModuleName = "com.sun.security.auth.module.Krb5LoginModule"; } ZKSignerSecretProvider.JaasConfiguration jConf = new ZKSignerSecretProvider.JaasConfiguration("foo", "foo/localhost", "/some/location/foo.keytab"); AppConfigurationEntry[] entries = jConf.getAppConfigurationEntry("bar"); Assert.assertNull(entries); entries = jConf.getAppConfigurationEntry("foo"); Assert.assertEquals(1, entries.length); AppConfigurationEntry entry = entries[0]; Assert.assertEquals(AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, entry.getControlFlag()); Assert.assertEquals(krb5LoginModuleName, entry.getLoginModuleName()); Map<String, ?> options = entry.getOptions(); Assert.assertEquals("/some/location/foo.keytab", options.get("keyTab")); Assert.assertEquals("foo/localhost", options.get("principal")); Assert.assertEquals("true", options.get("useKeyTab")); Assert.assertEquals("true", options.get("storeKey")); Assert.assertEquals("false", options.get("useTicketCache")); Assert.assertEquals("true", options.get("refreshKrb5Config")); Assert.assertEquals(6, options.size()); } }
/** * Add an entry to the jaas configuration with the passed in name, * principal, and keytab. The other necessary options will be set for you. * * @param entryName The name of the entry (e.g. "Client") * @param principal The principal of the user * @param keytab The location of the keytab */ public JaasConfiguration(String entryName, String principal, String keytab) { this.entryName = entryName; Map<String, String> options = new HashMap<String, String>(); options.put("keyTab", keytab); options.put("principal", principal); options.put("useKeyTab", "true"); options.put("storeKey", "true"); options.put("useTicketCache", "false"); options.put("refreshKrb5Config", "true"); String jaasEnvVar = System.getenv("HADOOP_JAAS_DEBUG"); if (jaasEnvVar != null && "true".equalsIgnoreCase(jaasEnvVar)) { options.put("debug", "true"); } entry = new AppConfigurationEntry[]{ new AppConfigurationEntry(getKrb5LoginModuleName(), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options)}; }
/** * Add an entry to the jaas configuration with the passed in name, * principal, and keytab. The other necessary options will be set for you. * * @param entryName The name of the entry (e.g. "Client") * @param principal The principal of the user * @param keytab The location of the keytab */ public JaasConfiguration(String entryName, String principal, String keytab) { this.entryName = entryName; Map<String, String> options = new HashMap<String, String>(); options.put("keyTab", keytab); options.put("principal", principal); options.put("useKeyTab", "true"); options.put("storeKey", "true"); options.put("useTicketCache", "false"); options.put("refreshKrb5Config", "true"); String jaasEnvVar = System.getenv("HADOOP_JAAS_DEBUG"); if (jaasEnvVar != null && "true".equalsIgnoreCase(jaasEnvVar)) { options.put("debug", "true"); } entry = new AppConfigurationEntry[]{ new AppConfigurationEntry(getKrb5LoginModuleName(), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options)}; }
/** * Add an entry to the jaas configuration with the passed in name, * principal, and keytab. The other necessary options will be set for you. * * @param entryName The name of the entry (e.g. "Client") * @param principal The principal of the user * @param keytab The location of the keytab */ public JaasConfiguration(String entryName, String principal, String keytab) { this.entryName = entryName; Map<String, String> options = new HashMap<String, String>(); options.put("keyTab", keytab); options.put("principal", principal); options.put("useKeyTab", "true"); options.put("storeKey", "true"); options.put("useTicketCache", "false"); options.put("refreshKrb5Config", "true"); String jaasEnvVar = System.getenv("HADOOP_JAAS_DEBUG"); if (jaasEnvVar != null && "true".equalsIgnoreCase(jaasEnvVar)) { options.put("debug", "true"); } entry = new AppConfigurationEntry[]{ new AppConfigurationEntry(getKrb5LoginModuleName(), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options)}; }
/** * Add an entry to the jaas configuration with the passed in name, * principal, and keytab. The other necessary options will be set for you. * * @param entryName The name of the entry (e.g. "Client") * @param principal The principal of the user * @param keytab The location of the keytab */ public JaasConfiguration(String entryName, String principal, String keytab) { this.entryName = entryName; Map<String, String> options = new HashMap<String, String>(); options.put("keyTab", keytab); options.put("principal", principal); options.put("useKeyTab", "true"); options.put("storeKey", "true"); options.put("useTicketCache", "false"); options.put("refreshKrb5Config", "true"); String jaasEnvVar = System.getenv("HADOOP_JAAS_DEBUG"); if (jaasEnvVar != null && "true".equalsIgnoreCase(jaasEnvVar)) { options.put("debug", "true"); } entry = new AppConfigurationEntry[]{ new AppConfigurationEntry(getKrb5LoginModuleName(), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options)}; }
private String setJaasConfiguration(Properties config) throws Exception { String keytabFile = config.getProperty(ZOOKEEPER_KERBEROS_KEYTAB).trim(); if (keytabFile == null || keytabFile.length() == 0) { throw new IllegalArgumentException(ZOOKEEPER_KERBEROS_KEYTAB + " must be specified"); } String principal = config.getProperty(ZOOKEEPER_KERBEROS_PRINCIPAL) .trim(); if (principal == null || principal.length() == 0) { throw new IllegalArgumentException(ZOOKEEPER_KERBEROS_PRINCIPAL + " must be specified"); } // This is equivalent to writing a jaas.conf file and setting the system // property, "java.security.auth.login.config", to point to it JaasConfiguration jConf = new JaasConfiguration(JAAS_LOGIN_ENTRY_NAME, principal, keytabFile); Configuration.setConfiguration(jConf); return principal.split("[/@]")[0]; }
private String setJaasConfiguration(Properties config) throws Exception { String keytabFile = config.getProperty(ZOOKEEPER_KERBEROS_KEYTAB).trim(); if (keytabFile == null || keytabFile.length() == 0) { throw new IllegalArgumentException(ZOOKEEPER_KERBEROS_KEYTAB + " must be specified"); } String principal = config.getProperty(ZOOKEEPER_KERBEROS_PRINCIPAL) .trim(); if (principal == null || principal.length() == 0) { throw new IllegalArgumentException(ZOOKEEPER_KERBEROS_PRINCIPAL + " must be specified"); } // This is equivalent to writing a jaas.conf file and setting the system // property, "java.security.auth.login.config", to point to it JaasConfiguration jConf = new JaasConfiguration(JAAS_LOGIN_ENTRY_NAME, principal, keytabFile); Configuration.setConfiguration(jConf); return principal.split("[/@]")[0]; }
private String setJaasConfiguration(Properties config) throws Exception { String keytabFile = config.getProperty(ZOOKEEPER_KERBEROS_KEYTAB).trim(); if (keytabFile == null || keytabFile.length() == 0) { throw new IllegalArgumentException(ZOOKEEPER_KERBEROS_KEYTAB + " must be specified"); } String principal = config.getProperty(ZOOKEEPER_KERBEROS_PRINCIPAL) .trim(); if (principal == null || principal.length() == 0) { throw new IllegalArgumentException(ZOOKEEPER_KERBEROS_PRINCIPAL + " must be specified"); } // This is equivalent to writing a jaas.conf file and setting the system // property, "java.security.auth.login.config", to point to it JaasConfiguration jConf = new JaasConfiguration(JAAS_LOGIN_ENTRY_NAME, principal, keytabFile); Configuration.setConfiguration(jConf); return principal.split("[/@]")[0]; }
private String setJaasConfiguration(Properties config) throws Exception { String keytabFile = config.getProperty(ZOOKEEPER_KERBEROS_KEYTAB).trim(); if (keytabFile == null || keytabFile.length() == 0) { throw new IllegalArgumentException(ZOOKEEPER_KERBEROS_KEYTAB + " must be specified"); } String principal = config.getProperty(ZOOKEEPER_KERBEROS_PRINCIPAL) .trim(); if (principal == null || principal.length() == 0) { throw new IllegalArgumentException(ZOOKEEPER_KERBEROS_PRINCIPAL + " must be specified"); } // This is equivalent to writing a jaas.conf file and setting the system // property, "java.security.auth.login.config", to point to it JaasConfiguration jConf = new JaasConfiguration(JAAS_LOGIN_ENTRY_NAME, principal, keytabFile); Configuration.setConfiguration(jConf); return principal.split("[/@]")[0]; }