From 5265a317bb9dbee050e5635a1b63917b36729ed3 Mon Sep 17 00:00:00 2001
From: adam
Date: Wed, 28 Feb 2007 06:47:44 +0000
Subject: [PATCH] added KerberosAuth darcs-hash:20070228064744-5007d-fc87cabad76a85ea73824d02d94461e74a21500e.gz
---
src/org/ibex/crypto/KerberosAuth.java | 86 +++++++++++++++++++++++++++++++++
1 file changed, 86 insertions(+)
create mode 100644 src/org/ibex/crypto/KerberosAuth.java
diff --git a/src/org/ibex/crypto/KerberosAuth.java b/src/org/ibex/crypto/KerberosAuth.java
new file mode 100644
index 0000000..2b52462
--- /dev/null
+++ b/src/org/ibex/crypto/KerberosAuth.java
@@ -0,0 +1,86 @@
+// Copyright 2006 the Contributors, as shown in the revision logs.
+// Licensed under the Apache Public Source License 2.0 ("the License").
+// You may not use this file except in compliance with the License.
+
+package org.ibex.crypto;
+import javax.security.auth.*;
+import javax.security.auth.login.*;
+import javax.security.auth.callback.*;
+import java.util.*;
+import java.io.*;
+import org.ibex.util.*;
+import java.util.*;
+import java.io.*;
+
+/**
+ * Another big, gross hack.
+ */
+public class KerberosAuth {
+
+ private final String realm;
+ private final String kdc;
+
+ /** JAAS doesn't know how to do KDC discovery via DNS */
+ public KerberosAuth(String realm, String kdc) {
+ this.realm = realm;
+ this.kdc = kdc;
+ }
+
+ public boolean auth(final String name, final String pass) {
+ try {
+ synchronized(KerberosAuth.class) {
+ System.setProperty("java.security.krb5.realm", realm);
+ System.setProperty("java.security.krb5.kdc", kdc);
+ Configuration.setConfiguration(new Configuration() {
+ public AppConfigurationEntry[] getAppConfigurationEntry(String appName) {
+ Map map = new HashMap();
+ return new AppConfigurationEntry[] {
+ new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule",
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, map)
+ };
+ }
+ public void refresh() { }
+ });
+ LoginContext lc =
+ new LoginContext(name,
+ new CallbackHandler() {
+ public void handle(Callback[] callbacks)
+ throws IOException, UnsupportedCallbackException {
+ for (int i = 0; i < callbacks.length; i++) {
+ if (callbacks[i] instanceof TextOutputCallback) {
+ TextOutputCallback toc = (TextOutputCallback)callbacks[i];
+ switch (toc.getMessageType()) {
+ case TextOutputCallback.INFORMATION: break;
+ case TextOutputCallback.ERROR: throw new RuntimeException(toc.getMessage());
+ case TextOutputCallback.WARNING:
+ Log.warn(this, toc.getMessage());
+ break;
+ default:
+ throw new RuntimeException("Unsupported message type: " +
toc.getMessageType());
+ }
+
+ } else if (callbacks[i] instanceof NameCallback) {
+ NameCallback nc = (NameCallback)callbacks[i];
+ nc.setName(name);
+
+ } else if (callbacks[i] instanceof PasswordCallback) {
+ PasswordCallback pc = (PasswordCallback)callbacks[i];
+ pc.setPassword(pass.toCharArray());
+
+ } else {
+ throw new UnsupportedCallbackException
+ (callbacks[i], "Unrecognized Callback");
+ }
+ }
+ }
+ });
+ lc.login();
+ return lc.getSubject()!=null;
+ }
+ } catch (Exception e) {
+ Log.warn(this, e);
+ return false;
+ }
+ }
+}
-- 1.7.10.4
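Review bot: `auth()` treats a successful `lc.login()` as proof of the password, but nothing in this hunk verifies that the reply came from the real KDC: no service ticket is requested and checked against a local keytab, so the result is only as trustworthy as the network path to `kdc`. If this method gates access, I would at least document that on the method, e.g. `/** Returns true when a TGT could be obtained for name/pass; the KDC itself is not authenticated. */`, and consider validating a ticket for a host principal before returning true. Separately, `System.setProperty(...)` and `Configuration.setConfiguration(...)` change JVM-wide state that the `synchronized` block neither restores nor shields from other JAAS users in the process; on Java 5 and later the four-argument constructor, `new LoginContext(name, null, handler, config)` with the two anonymous objects held in locals, would keep the configuration local to this call. The array created by `pass.toCharArray()` is also never cleared once login has finished.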