--- /dev/null
+// Copyright 2006 the Contributors, as shown in the revision logs.
+// Licensed under the Apache Public Source License 2.0 ("the License").
+// You may not use this file except in compliance with the License.
+
+package org.ibex.crypto;
+import javax.security.auth.*;
+import javax.security.auth.login.*;
+import javax.security.auth.callback.*;
+import java.util.*;
+import java.io.*;
+import org.ibex.util.*;
+import java.util.*;
+import java.io.*;
+
+/**
+ * Another big, gross hack.
+ */
+public class KerberosAuth {
+
+ private final String realm;
+ private final String kdc;
+
+ /** JAAS doesn't know how to do KDC discovery via DNS */
+ public KerberosAuth(String realm, String kdc) {
+ this.realm = realm;
+ this.kdc = kdc;
+ }
+
+ public boolean auth(final String name, final String pass) {
+ try {
+ synchronized(KerberosAuth.class) {
+ System.setProperty("java.security.krb5.realm", realm);
+ System.setProperty("java.security.krb5.kdc", kdc);
+ Configuration.setConfiguration(new Configuration() {
+ public AppConfigurationEntry[] getAppConfigurationEntry(String appName) {
+ Map map = new HashMap<String,String>();
+ return new AppConfigurationEntry[] {
+ new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule",
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, map)
+ };
+ }
+ public void refresh() { }
+ });
+ LoginContext lc =
+ new LoginContext(name,
+ new CallbackHandler() {
+ public void handle(Callback[] callbacks)
+ throws IOException, UnsupportedCallbackException {
+ for (int i = 0; i < callbacks.length; i++) {
+ if (callbacks[i] instanceof TextOutputCallback) {
+ TextOutputCallback toc = (TextOutputCallback)callbacks[i];
+ switch (toc.getMessageType()) {
+ case TextOutputCallback.INFORMATION: break;
+ case TextOutputCallback.ERROR: throw new RuntimeException(toc.getMessage());
+ case TextOutputCallback.WARNING:
+ Log.warn(this, toc.getMessage());
+ break;
+ default:
+ throw new RuntimeException("Unsupported message type: " +
+ toc.getMessageType());
+ }
+
+ } else if (callbacks[i] instanceof NameCallback) {
+ NameCallback nc = (NameCallback)callbacks[i];
+ nc.setName(name);
+
+ } else if (callbacks[i] instanceof PasswordCallback) {
+ PasswordCallback pc = (PasswordCallback)callbacks[i];
+ pc.setPassword(pass.toCharArray());
+
+ } else {
+ throw new UnsupportedCallbackException
+ (callbacks[i], "Unrecognized Callback");
+ }
+ }
+ }
+ });
+ lc.login();
+ return lc.getSubject()!=null;
+ }
+ } catch (Exception e) {
+ Log.warn(this, e);
+ return false;
+ }
+ }
+}