/** * Logout and log back in with the Kerberos identity. */ void renew() { try { // Lock on the instance of KerberosUtil synchronized (utilInstance) { Entry<LoginContext, Subject> pair = utilInstance.login(context, conf, subject); context = pair.getKey(); subject = pair.getValue(); } } catch (Exception e) { throw new RuntimeException("Failed to perform kerberos login"); } }
/** * Logout and log back in with the Kerberos identity. */ void renew() { try { // Lock on the instance of KerberosUtil synchronized (utilInstance) { Entry<LoginContext, Subject> pair = utilInstance.login(context, conf, subject); context = pair.getKey(); subject = pair.getValue(); } } catch (Exception e) { throw new RuntimeException("Failed to perform kerberos login"); } }
/** * Performs a Kerberos login given the {@code principal} and {@code keytab}. * * @return The {@code Subject} and {@code LoginContext} from the successful login. * @throws RuntimeException if the login failed */ Entry<LoginContext, Subject> performKerberosLogin() { // Loosely based on Apache Kerby's JaasKrbUtil class // Synchronized by the caller // Create a KerberosPrincipal given the principal. final Set<Principal> principals = new HashSet<Principal>(); principals.add(new KerberosPrincipal(principal)); final Subject subject = new Subject(false, principals, new HashSet<Object>(), new HashSet<Object>()); try { return login(null, jaasConf, subject); } catch (Exception e) { throw new RuntimeException("Failed to perform Kerberos login"); } }
/** * Performs a Kerberos login given the {@code principal} and {@code keytab}. * * @return The {@code Subject} and {@code LoginContext} from the successful login. * @throws RuntimeException if the login failed */ Entry<LoginContext, Subject> performKerberosLogin() { // Loosely based on Apache Kerby's JaasKrbUtil class // Synchronized by the caller // Create a KerberosPrincipal given the principal. final Set<Principal> principals = new HashSet<Principal>(); principals.add(new KerberosPrincipal(principal)); final Subject subject = new Subject(false, principals, new HashSet<Object>(), new HashSet<Object>()); try { return login(null, jaasConf, subject); } catch (Exception e) { throw new RuntimeException("Failed to perform Kerberos login"); } }
@Test public void noPreviousContextOnLogin() throws Exception { KerberosConnection krbUtil = mock(KerberosConnection.class); Subject subject = new Subject(); Subject loggedInSubject = new Subject(); Configuration conf = mock(Configuration.class); LoginContext context = mock(LoginContext.class); // Call the real login(LoginContext, Configuration, Subject) method when(krbUtil.login(nullable(LoginContext.class), any(Configuration.class), any(Subject.class))) .thenCallRealMethod(); // Return a fake LoginContext when(krbUtil.createLoginContext(conf)).thenReturn(context); // Return a fake Subject from that fake LoginContext when(context.getSubject()).thenReturn(loggedInSubject); Entry<LoginContext, Subject> pair = krbUtil.login(null, conf, subject); // Verify we get the fake LoginContext and Subject assertEquals(context, pair.getKey()); assertEquals(loggedInSubject, pair.getValue()); // login should be called on the LoginContext verify(context).login(); }
@Test public void previousContextLoggedOut() throws Exception { KerberosConnection krbUtil = mock(KerberosConnection.class); Subject subject = new Subject(); Subject loggedInSubject = new Subject(); Configuration conf = mock(Configuration.class); LoginContext originalContext = mock(LoginContext.class); LoginContext context = mock(LoginContext.class); // Call the real login(LoginContext, Configuration, Subject) method when(krbUtil.login(any(LoginContext.class), any(Configuration.class), any(Subject.class))) .thenCallRealMethod(); // Return a fake LoginContext when(krbUtil.createLoginContext(conf)).thenReturn(context); // Return a fake Subject from that fake LoginContext when(context.getSubject()).thenReturn(loggedInSubject); Entry<LoginContext, Subject> pair = krbUtil.login(originalContext, conf, subject); // Verify we get the fake LoginContext and Subject assertEquals(context, pair.getKey()); assertEquals(loggedInSubject, pair.getValue()); verify(originalContext).logout(); // login should be called on the LoginContext verify(context).login(); }
@Test public void noPreviousContextOnLogin() throws Exception { KerberosConnection krbUtil = mock(KerberosConnection.class); Subject subject = new Subject(); Subject loggedInSubject = new Subject(); Configuration conf = mock(Configuration.class); LoginContext context = mock(LoginContext.class); // Call the real login(LoginContext, Configuration, Subject) method when(krbUtil.login(nullable(LoginContext.class), any(Configuration.class), any(Subject.class))) .thenCallRealMethod(); // Return a fake LoginContext when(krbUtil.createLoginContext(conf)).thenReturn(context); // Return a fake Subject from that fake LoginContext when(context.getSubject()).thenReturn(loggedInSubject); Entry<LoginContext, Subject> pair = krbUtil.login(null, conf, subject); // Verify we get the fake LoginContext and Subject assertEquals(context, pair.getKey()); assertEquals(loggedInSubject, pair.getValue()); // login should be called on the LoginContext verify(context).login(); }
@Test public void previousContextLoggedOut() throws Exception { KerberosConnection krbUtil = mock(KerberosConnection.class); Subject subject = new Subject(); Subject loggedInSubject = new Subject(); Configuration conf = mock(Configuration.class); LoginContext originalContext = mock(LoginContext.class); LoginContext context = mock(LoginContext.class); // Call the real login(LoginContext, Configuration, Subject) method when(krbUtil.login(any(LoginContext.class), any(Configuration.class), any(Subject.class))) .thenCallRealMethod(); // Return a fake LoginContext when(krbUtil.createLoginContext(conf)).thenReturn(context); // Return a fake Subject from that fake LoginContext when(context.getSubject()).thenReturn(loggedInSubject); Entry<LoginContext, Subject> pair = krbUtil.login(originalContext, conf, subject); // Verify we get the fake LoginContext and Subject assertEquals(context, pair.getKey()); assertEquals(loggedInSubject, pair.getValue()); verify(originalContext).logout(); // login should be called on the LoginContext verify(context).login(); }
@Override public Meta createMeta(AvaticaConnection connection) { final ConnectionConfig config = connection.config(); // Perform the login and launch the renewal thread if necessary final KerberosConnection kerberosUtil = createKerberosUtility(config); if (null != kerberosUtil) { kerberosUtil.login(); connection.setKerberosConnection(kerberosUtil); } // Create a single Service and set it on the Connection instance final Service service = createService(connection, config); connection.setService(service); return new RemoteMeta(connection, service); }
@Override public Meta createMeta(AvaticaConnection connection) { final ConnectionConfig config = connection.config(); // Perform the login and launch the renewal thread if necessary final KerberosConnection kerberosUtil = createKerberosUtility(config); if (null != kerberosUtil) { kerberosUtil.login(); connection.setKerberosConnection(kerberosUtil); } // Create a single Service and set it on the Connection instance final Service service = createService(connection, config); connection.setService(service); return new RemoteMeta(connection, service); }