cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf git commit: Backporting Kerberos patch
Date Mon, 07 Sep 2015 10:09:37 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes ce0c48bbb -> 66eac9bc0


Backporting Kerberos patch


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/66eac9bc
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/66eac9bc
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/66eac9bc

Branch: refs/heads/3.0.x-fixes
Commit: 66eac9bc09a59a9781022886f02477f2d2ed0d09
Parents: ce0c48b
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Mon Sep 7 11:09:28 2015 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Mon Sep 7 11:09:28 2015 +0100

----------------------------------------------------------------------
 .../http/auth/AbstractSpnegoAuthSupplier.java   | 37 +++++++++++++++++---
 1 file changed, 33 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/66eac9bc/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/AbstractSpnegoAuthSupplier.java
----------------------------------------------------------------------
diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/AbstractSpnegoAuthSupplier.java
b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/AbstractSpnegoAuthSupplier.java
index 713b55c..a59a6bf 100644
--- a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/AbstractSpnegoAuthSupplier.java
+++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/AbstractSpnegoAuthSupplier.java
@@ -18,6 +18,7 @@
  */
 package org.apache.cxf.transport.http.auth;
 
+import java.net.InetAddress;
 import java.net.URI;
 import java.security.PrivilegedActionException;
 import java.security.PrivilegedExceptionAction;
@@ -62,6 +63,7 @@ public abstract class AbstractSpnegoAuthSupplier {
     private boolean credDelegation;
     private Configuration loginConfig;
     private Oid serviceNameType;
+    private boolean useCanonicalHostname;
     
     public String getAuthorization(AuthorizationPolicy authPolicy,
                                    URI currentURI,
@@ -154,8 +156,17 @@ public abstract class AbstractSpnegoAuthSupplier {
     }
 
     protected String getCompleteServicePrincipalName(URI currentURI) {
-        String name = servicePrincipalName == null 
-            ? "HTTP/" + currentURI.getHost() : servicePrincipalName;
+        String name;
+        
+        if (servicePrincipalName == null) {
+            String host = currentURI.getHost();
+            if (useCanonicalHostname) {
+                host = getCanonicalHostname(host);
+            }
+            name = "HTTP/" + host;
+        } else {
+            name = servicePrincipalName;
+        }
         if (realm != null) {            
             name += "@" + realm;
         }
@@ -163,10 +174,20 @@ public abstract class AbstractSpnegoAuthSupplier {
             LOG.fine("Service Principal Name is " + name);
         }
         return name;
-            
-            
     }
     
+    private String getCanonicalHostname(String hostname) {
+        String canonicalHostname = hostname;
+        try {
+            InetAddress in = InetAddress.getByName(hostname);
+            canonicalHostname = in.getCanonicalHostName();
+            LOG.fine("resolved hostname=" + hostname + " to canonicalHostname=" + canonicalHostname);
+        } catch (Exception e) {
+            LOG.log(Level.WARNING, "unable to resolve canonical hostname", e);
+        }
+        return canonicalHostname;
+    }
+
     public void setServicePrincipalName(String servicePrincipalName) {
         this.servicePrincipalName = servicePrincipalName;
     }
@@ -175,6 +196,14 @@ public abstract class AbstractSpnegoAuthSupplier {
         this.realm = realm;
     }
     
+    public boolean isUseCanonicalHostname() {
+        return useCanonicalHostname;
+    }
+
+    public void setUseCanonicalHostname(boolean useCanonicalHostname) {
+        this.useCanonicalHostname = useCanonicalHostname;
+    }
+    
     private final class CreateServiceTicketAction implements PrivilegedExceptionAction<byte[]>
{
         private final GSSContext context;
         private final byte[] token;


Mime
View raw message