directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dran...@apache.org
Subject [1/2] directory-kerberos git commit: Refined kinit tool
Date Mon, 16 Mar 2015 08:09:25 GMT
Repository: directory-kerberos
Updated Branches:
  refs/heads/master d8c8344c1 -> 37895fa08


Refined kinit tool


Project: http://git-wip-us.apache.org/repos/asf/directory-kerberos/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerberos/commit/b01cd2db
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerberos/tree/b01cd2db
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerberos/diff/b01cd2db

Branch: refs/heads/master
Commit: b01cd2db82849ea7fc165ee5c09edc129f46767a
Parents: 8a30c1e
Author: Drankye <drankye@gmail.com>
Authored: Mon Mar 16 16:08:45 2015 +0800
Committer: Drankye <drankye@gmail.com>
Committed: Mon Mar 16 16:08:45 2015 +0800

----------------------------------------------------------------------
 .../apache/kerby/kerberos/tool/ToolUtil.java    |  71 ++++++
 .../apache/kerby/kerberos/tool/kinit/Kinit.java | 243 ++++++++-----------
 .../kerby/kerberos/tool/kinit/KinitOption.java  |  36 ++-
 kerby-dist/tool-dist/bin/kinit.sh               |   2 +-
 .../kerby/kerberos/kerb/client/KOption.java     |   4 +
 .../kerby/kerberos/kerb/client/KOptionType.java |  33 +++
 .../kerby/kerberos/kerb/client/KrbClient.java   |  27 +++
 .../kerby/kerberos/kerb/client/KrbOption.java   |  56 +++--
 8 files changed, 297 insertions(+), 175 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b01cd2db/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/ToolUtil.java
----------------------------------------------------------------------
diff --git a/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/ToolUtil.java
b/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/ToolUtil.java
new file mode 100644
index 0000000..6e81d9e
--- /dev/null
+++ b/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/ToolUtil.java
@@ -0,0 +1,71 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+package org.apache.kerby.kerberos.tool;
+
+import org.apache.kerby.kerberos.kerb.client.KOption;
+import org.apache.kerby.kerberos.kerb.client.KOptionType;
+
+import java.io.File;
+
+/**
+ * Tool utilities.
+ */
+public class ToolUtil {
+
+    /**
+     * Parse string value according to kopt type.
+     * @param kopt
+     * @param strValue
+     * @return true when successful, false otherwise
+     */
+    public static boolean parseSetValue(KOption kopt, String strValue) {
+        KOptionType kt = kopt.getType();
+        if (kt == KOptionType.NOV) {
+            return true; // no need of a value
+        }
+        if (strValue == null || strValue.isEmpty()) {
+            return false;
+        }
+
+        if (kt == KOptionType.FILE) {
+            // May check file sanity
+            kopt.setValue(new File(strValue));
+        } else if (kt == KOptionType.DIR) {
+            File dir = new File(strValue);
+            if (! dir.exists()) {
+                throw new IllegalArgumentException("Invalid dir:" + strValue);
+            }
+            kopt.setValue(dir);
+        } else if (kt == KOptionType.INT) {
+            try {
+                Integer num = Integer.valueOf(strValue);
+                kopt.setValue(num);
+            } catch (NumberFormatException nfe) {
+                throw new IllegalArgumentException("Invalid integer:" + strValue);
+            }
+        } else if (kt == KOptionType.FILE) {
+            kopt.setValue(strValue);
+        } else {
+            throw new IllegalArgumentException("Not recognised option:" + strValue);
+        }
+
+        return true;
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b01cd2db/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/Kinit.java
----------------------------------------------------------------------
diff --git a/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/Kinit.java
b/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/Kinit.java
index eb76b3a..f7cf76d 100644
--- a/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/Kinit.java
+++ b/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/Kinit.java
@@ -19,14 +19,14 @@
  */
 package org.apache.kerby.kerberos.tool.kinit;
 
-import org.apache.kerby.config.Conf;
 import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.client.KOptionType;
 import org.apache.kerby.kerberos.kerb.client.KrbClient;
-import org.apache.kerby.kerberos.kerb.client.KrbConfig;
+import org.apache.kerby.kerberos.kerb.client.KrbOptions;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TgtTicket;
+import org.apache.kerby.kerberos.tool.ToolUtil;
 
 import java.io.Console;
-import java.io.File;
-import java.io.IOException;
 import java.util.Arrays;
 import java.util.Scanner;
 
@@ -35,113 +35,55 @@ import java.util.Scanner;
  */
 public class Kinit {
 
-    private static final String TOOL_NAME = Kinit.class.getSimpleName();
-    private static final String COMMON_USAGE = "Usage: " + TOOL_NAME +
-            " [-l lifetime]" +
-            " [-f | -F] principal\n" + "\n" +
-            "    options:\t-l lifetime\n" +
-            "\t-f forwardable\n" +
-            "\t-F not forwardable";
-
-    private void printUsage(String cmd) {
-        if ("-l".equals(cmd)) {
-            System.err.println("Usage: " + TOOL_NAME + " -l lifetime principal");
-        } else if ("-f".equals(cmd)) {
-            System.err.println("Usage: " + TOOL_NAME + " -f principal");
-        } else if ("-F".equals(cmd)) {
-            System.err.println("Usage: " + TOOL_NAME + " -F principal");
-        } else {
-            System.err.println(COMMON_USAGE);
-        }
-    }
-
-    /**
-     * args[0] is the configuration directory written in script.
-     * args[length - 1] is principal
-     */
-    private int execute(String[] args) {
-        if (args.length < 2 || args.length > 4) {
-            printUsage("");
-            return -1;
-        }
-
-        //no options
-        if (args.length == 2) {
-            return requestTicket(args, 1);
-        }
-
-        int exitCode = -1;
-        int i = 1;
-        String cmd = args[i];
-
-        //
-        // verify that we have enough option parameters
-        //
-        if ("-l".equals(cmd)) {
-            if (args.length != 4) {
-                printUsage(cmd);
-                return exitCode;
-            }
-        } else if ("-f".equals(cmd)) {
-            if (args.length != 3) {
-                printUsage(cmd);
-                return exitCode;
-            }
-        } else if ("-F".equals(cmd)) {
-            if (args.length != 3) {
-                printUsage(cmd);
-                return exitCode;
-            }
-        }
-
-        //
-        //execute the command
-        //
-        if ("-l".equals(cmd)) {
-            exitCode = ticketWithLifetime(args, i);
-        } else if ("-f".equals(cmd)) {
-            exitCode = ticketForwardable(args, i);
-        } else if ("-F".equals(cmd)) {
-            exitCode = ticketNonForwardable(args, i);
-        }
-
-        return exitCode;
-    }
-
-    /**
-     * Init the KrbClient
-     */
-    private KrbClient createClient(String confDirString) {
-        KrbConfig krbConfig = new KrbConfig();
-        Conf conf = krbConfig.getConf();
-
-        try {
-            File confDir = new File(confDirString);
-            File[] files = confDir.listFiles();
-            if (files == null) {
-                throw new IOException("There are no file in configuration directory: " +
confDirString);
-            }
-
-            for (File file : files) {
-                conf.addIniConfig(file);
-            }
-        } catch (IOException e) {
-            System.err.println("Something wrong with krb configuration.");
-            e.printStackTrace();
-        }
-
-        KrbClient krbClient = new KrbClient(krbConfig);
-        krbClient.init();
-        return krbClient;
+    private static final String USAGE =
+            "Usage: kinit [-V] [-l lifetime] [-s start_time]\n" +
+                    "\t\t[-r renewable_life] [-f | -F] [-p | -P] -n [-a | -A] [-C] [-E]\n"
+
+                    "\t\t[-v] [-R] [-k [-i|-t keytab_file]] [-c cachename]\n" +
+                    "\t\t[-S service_name] [-T ticket_armor_cache]\n" +
+                    "\t\t[-X <attribute>[=<value>]] <principal>\n\n" +
+                    "\tDESCRIPTION:\n" +
+                    "\t\tkinit obtains and caches an initial ticket-granting ticket for principal.\n\n"
+
+                    "\tOPTIONS:\n" +
+                    "\t\t-V verbose\n" +
+                    "\t\t-l lifetime\n" +
+                    "\t\t--s start time\n" +
+                    "\t\t-r renewable lifetime\n" +
+                    "\t\t-f forwardable\n" +
+                    "\t\t-F not forwardable\n" +
+                    "\t\t-p proxiable\n" +
+                    "\t\t-P not proxiable\n" +
+                    "\t\t-n anonymous\n" +
+                    "\t\t-a include addresses\n" +
+                    "\t\t-A do not include addresses\n" +
+                    "\t\t-v validate\n" +
+                    "\t\t-R renew\n" +
+                    "\t\t-C canonicalize\n" +
+                    "\t\t-E client is enterprise principal name\n" +
+                    "\t\t-k use keytab\n" +
+                    "\t\t-i use default client keytab (with -k)\n" +
+                    "\t\t-t filename of keytab to use\n" +
+                    "\t\t-c Kerberos 5 cache name\n" +
+                    "\t\t-S service\n" +
+                    "\t\t-T armor credential cache\n" +
+                    "\t\t-X <attribute>[=<value>]\n" +
+                    "\n";
+
+
+    private static void printUsage(String error) {
+        System.err.println(error + "\n");
+        System.err.println(USAGE);
+        System.exit(-1);
     }
 
     /**
      * Get password for the input principal from console
      */
-    private String getPassword(String principal) {
+    private static String getPassword(String principal) {
         Console console = System.console();
         if (console == null) {
-            System.out.println("Couldn't get Console instance, maybe you're running this
from within an IDE. Use scanner to read password.");
+            System.out.println("Couldn't get Console instance, " +
+                    "maybe you're running this from within an IDE. " +
+                    "Use scanner to read password.");
             System.out.println("Password for " + principal + ":");
             Scanner scanner = new Scanner(System.in);
             return scanner.nextLine().trim();
@@ -150,67 +92,72 @@ public class Kinit {
         char[] passwordChars = console.readPassword();
         String password = new String(passwordChars).trim();
         Arrays.fill(passwordChars, ' ');
+
         return password;
     }
 
-    private int requestTicket(String[] args, int i) {
-        String principal = args[i];
-        KrbClient client = createClient(args[0]);
+    public static int requestTicket(String principal, KrbOptions options) {
+        KrbClient krbClient = new KrbClient();
+        krbClient.init();
+
         String password = getPassword(principal);
 
         try {
-            client.requestTgtTicket(principal, password, null);
+            TgtTicket tgt = krbClient.requestTgtTicket(principal, password, null);
+            // TODO: write tgt into credentials cache.
             return 0;
         } catch (KrbException e) {
-            System.err.println("Something error.");
+            System.err.println("Error occurred:" + e.getMessage());
             return -1;
         }
     }
 
-    private int ticketWithLifetime(String[] args, int i) {
-        String lifetime = args[i];
-        String principal = args[i];
-        KrbClient client = createClient(args[0]);
-        String password = getPassword(principal);
-        try {
-            //TODO
-            return 0;
-        } catch (Exception e) {
-            System.err.println("Something error.");
-            return -1;
-        }
-    }
+    public static void main(String[] args) throws Exception {
+        KrbOptions ktOptions = new KrbOptions();
+        KinitOption kto;
+        String principal = null;
+
+        int i = 0;
+        String opt, param, error;
+        while (i < args.length) {
+            error = null;
+
+            opt = args[i++];
+            if (opt.startsWith("-")) {
+                kto = KinitOption.fromName(opt);
+                if (kto == KinitOption.NONE) {
+                    error = "Invalid option:" + opt;
+                    break;
+                }
+            } else {
+                principal = opt;
+                break;
+            }
 
-    private int ticketForwardable(String[] args, int i) {
-        String principal = args[i];
-        KrbClient client = createClient(args[0]);
-        String password = getPassword(principal);
-        try {
-            //TODO
-            return 0;
-        } catch (Exception e) {
-            System.err.println("Something error.");
-            return -1;
+            if (kto.getType() != KOptionType.NOV) { // require a parameter
+                param = null;
+                if (i < args.length) {
+                    param = args[i++];
+                }
+                if (param != null) {
+                    ToolUtil.parseSetValue(kto, param);
+                } else {
+                    error = "Option " + opt + " require a parameter";
+                }
+            }
+
+            if (error != null) {
+                printUsage(error);
+            }
+            ktOptions.add(kto);
         }
-    }
 
-    private int ticketNonForwardable(String[] args, int i) {
-        String principal = args[i];
-        KrbClient client = createClient(args[0]);
-        String password = getPassword(principal);
-        try {
-            //TODO
-            return 0;
-        } catch (Exception e) {
-            System.err.println("Something error.");
-            return -1;
+        if (principal == null) {
+            printUsage("No principal is specified");
         }
-    }
 
-    public static void main(String[] args) throws Exception {
-        Kinit kinit = new Kinit();
-        int exitCode = kinit.execute(args);
-        System.exit(exitCode);
+        int errNo = Kinit.requestTicket(principal, ktOptions);
+        System.exit(errNo);
     }
 
 }

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b01cd2db/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/KinitOption.java
----------------------------------------------------------------------
diff --git a/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/KinitOption.java
b/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/KinitOption.java
index c36dda7..eb5e23f 100644
--- a/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/KinitOption.java
+++ b/kdc-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/KinitOption.java
@@ -20,12 +20,13 @@
 package org.apache.kerby.kerberos.tool.kinit;
 
 import org.apache.kerby.kerberos.kerb.client.KOption;
+import org.apache.kerby.kerberos.kerb.client.KOptionType;
 
 public enum KinitOption implements KOption {
     NONE("NONE"),
-    LIFE_TIME("-l", "lifetime"),
-    START_TIME("-s", "start time"),
-    RENEWABLE_TIME("-r", "renewable lifetime"),
+    LIFE_TIME("-l", "lifetime", KOptionType.INT),
+    START_TIME("-s", "start time", KOptionType.INT),
+    RENEWABLE_LIFE("-r", "renewable lifetime", KOptionType.INT),
     FORWARDABLE("-f", "forwardable"),
     NOT_FORWARDABLE("-F", "not forwardable"),
     PROXIABLE("-p", "proxiable"),
@@ -39,24 +40,43 @@ public enum KinitOption implements KOption {
     AS_ENTERPRISE_PN("-E", "client is enterprise principal name"),
     USE_KEYTAB("-k", "use keytab"),
     USE_DFT_KEYTAB("-i", "use default client keytab (with -k)"),
-    USER_KEYTAB_FILE("-t", "filename of keytab to use"),
-    KRB5_CACHE("-c", "Kerberos 5 cache name"),
-    SERVICE("-S", "service"),
-    ARMOR_CACHE("-T", "armor credential cache"),
-    XATTR("-X", "<attribute>[=<value>]"),
+    USER_KEYTAB_FILE("-t", "filename of keytab to use", KOptionType.STR),
+    KRB5_CACHE("-c", "Kerberos 5 cache name", KOptionType.STR),
+    SERVICE("-S", "service", KOptionType.STR),
+    ARMOR_CACHE("-T", "armor credential cache", KOptionType.FILE),
+    XATTR("-X", "<attribute>[=<value>]", KOptionType.STR),
     ;
 
     private String name;
+    private KOptionType type = KOptionType.NONE;
     private String description;
     private Object value;
 
     KinitOption(String description) {
+        this(description, KOptionType.NOV); // As a flag by default
+    }
+
+    KinitOption(String description, KOptionType type) {
         this.description = description;
+        this.type = type;
     }
 
     KinitOption(String name, String description) {
+        this(name, description, KOptionType.NOV); // As a flag by default
+    }
+
+    KinitOption(String name, String description, KOptionType type) {
         this.name = name;
         this.description = description;
+        this.type = type;
+    }
+
+    public void setType(KOptionType type) {
+        this.type = type;
+    }
+
+    public KOptionType getType() {
+        return this.type;
     }
 
     @Override

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b01cd2db/kerby-dist/tool-dist/bin/kinit.sh
----------------------------------------------------------------------
diff --git a/kerby-dist/tool-dist/bin/kinit.sh b/kerby-dist/tool-dist/bin/kinit.sh
index eec995d..f0de97e 100644
--- a/kerby-dist/tool-dist/bin/kinit.sh
+++ b/kerby-dist/tool-dist/bin/kinit.sh
@@ -1,3 +1,3 @@
 #!/bin/bash
 confdir=/etc/kerby/krb/conf
-java -cp ../lib/kerb-client-1.0-SNAPSHOT-jar-with-dependencies.jar:../lib/kinit-1.0-SNAPSHOT.jar
org.apache.kerby.kerberos.tool.kinit.Kinit ${confdir} $@
\ No newline at end of file
+java -cp ../lib/kerb-client-1.0-SNAPSHOT-jar-with-dependencies.jar:../lib/kinit-1.0-SNAPSHOT.jar
org.apache.kerby.kerberos.tool.kinit.Kinit $@
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b01cd2db/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KOption.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KOption.java
b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KOption.java
index cb30d34..f5253f1 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KOption.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KOption.java
@@ -21,6 +21,10 @@ package org.apache.kerby.kerberos.kerb.client;
 
 public interface KOption {
 
+    public void setType(KOptionType type);
+
+    public KOptionType getType();
+
     public void setName(String name);
 
     public String getName();

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b01cd2db/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KOptionType.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KOptionType.java
b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KOptionType.java
new file mode 100644
index 0000000..fd83aeb
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KOptionType.java
@@ -0,0 +1,33 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.client;
+
+/**
+ * Option type.
+ */
+public enum KOptionType {
+    NONE,
+    NOV, // no value, a control flag
+    STR, // string value
+    INT, // integer value
+    BOOL, // boolean value
+    FILE, // file path value
+    DIR // dir path value
+}

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b01cd2db/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
index d5d95a5..2cb6caf 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
@@ -19,6 +19,7 @@
  */
 package org.apache.kerby.kerberos.kerb.client;
 
+import org.apache.kerby.config.Conf;
 import org.apache.kerby.event.Event;
 import org.apache.kerby.event.EventHub;
 import org.apache.kerby.event.EventWaiter;
@@ -40,6 +41,7 @@ import org.apache.kerby.transport.Transport;
 import org.apache.kerby.transport.event.TransportEvent;
 import org.apache.kerby.transport.event.TransportEventType;
 
+import java.io.File;
 import java.io.IOException;
 import java.security.PrivateKey;
 import java.security.cert.Certificate;
@@ -62,6 +64,7 @@ public class KrbClient {
     private Boolean allowUdp;
     private int kdcUdpPort;
     private KrbConfig krbConfig;
+    private File confDir;
 
     /**
      * Default constructor.
@@ -95,6 +98,24 @@ public class KrbClient {
     }
 
     /**
+     * Prepare krb config, loading krb5.conf.
+     * It can be override to add more configuration resources.
+     *
+     * @throws IOException
+     */
+    protected void initConfig() throws IOException {
+        if (confDir == null) {
+            confDir = new File("/etc/"); // for Linux. TODO: fix for Win etc.
+        }
+        if (confDir != null && confDir.exists()) {
+            File kdcConfFile = new File(confDir, "krb5.conf");
+            if (kdcConfFile.exists()) {
+                krbConfig.getConf().addIniConfig(kdcConfFile);
+            }
+        }
+    }
+
+    /**
      * Set KDC realm for ticket request
      * @param realm
      */
@@ -171,6 +192,12 @@ public class KrbClient {
     }
 
     public void init() {
+        try {
+            initConfig();
+        } catch (IOException e) {
+            throw new RuntimeException("Failed to load config", e);
+        }
+
         this.krbHandler = new KrbHandler();
         krbHandler.init(context);
 

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/b01cd2db/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOption.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOption.java
b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOption.java
index bc44937..a5a3a18 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOption.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbOption.java
@@ -21,53 +21,73 @@ package org.apache.kerby.kerberos.kerb.client;
 
 public enum KrbOption implements KOption {
     NONE("NONE"),
-    LIFE_TIME("lifetime"),
-    START_TIME("start-time"),
-    RENEWABLE_TIME("renewable-lifetime"),
+    LIFE_TIME("life time", KOptionType.INT),
+    START_TIME("start time", KOptionType.INT),
+    RENEWABLE_TIME("renewable lifetime", KOptionType.INT),
     FORWARDABLE("forwardable"),
-    NOT_FORWARDABLE("not-forwardable"),
+    NOT_FORWARDABLE("not forwardable"),
     PROXIABLE("proxiable"),
-    NOT_PROXIABLE("not-proxiable"),
+    NOT_PROXIABLE("not proxiable"),
     ANONYMOUS("anonymous"),
-    INCLUDE_ADDRESSES("include-addresses"),
-    NOT_INCLUDE_ADDRESSES("do-not-include-addresses"),
+    INCLUDE_ADDRESSES("include addresses"),
+    NOT_INCLUDE_ADDRESSES("do not include addresses"),
     VALIDATE("validate"),
     RENEW("renew"),
     CANONICALIZE("canonicalize"),
     AS_ENTERPRISE_PN("as-enterprise-pn", "client is enterprise principal name"),
-    USE_KEYTAB("use-keytab", "use-keytab"),
+    USE_KEYTAB("use-keytab", "use keytab"),
     USE_DFT_KEYTAB("user-default-keytab", "use default client keytab"),
-    USER_KEYTAB_FILE("user-keytab-file", "filename of keytab to use"),
-    KRB5_CACHE("krb5-cache", "K5 cache name"),
-    SERVICE("service"),
-    ARMOR_CACHE("armor-cache", "armor credential cache"),
+    USER_KEYTAB_FILE("user-keytab-file", "filename of keytab to use", KOptionType.FILE),
+    KRB5_CACHE("krb5-cache", "K5 cache name", KOptionType.FILE),
+    SERVICE("service", KOptionType.STR),
+    ARMOR_CACHE("armor-cache", "armor credential cache", KOptionType.STR),
 
+    CONF_DIR("conf dir", KOptionType.DIR),
     USER_PASSWD("user-passwd", "User plain password"),
 
-    PKINIT_X509_IDENTITY("x509-identities", "X509 user private key and cert"),
-    PKINIT_X509_PRIVATE_KEY("x509-privatekey", "X509 user private key"),
-    PKINIT_X509_CERTIFICATE("x509-cert", "X509 user certificate"),
-    PKINIT_X509_ANCHORS("x509-anchors", "X509 anchors"),
+    PKINIT_X509_IDENTITY("x509-identities", "X509 user private key and cert", KOptionType.STR),
+    PKINIT_X509_PRIVATE_KEY("x509-privatekey", "X509 user private key", KOptionType.STR),
+    PKINIT_X509_CERTIFICATE("x509-cert", "X509 user certificate", KOptionType.STR),
+    PKINIT_X509_ANCHORS("x509-anchors", "X509 anchors", KOptionType.STR),
     PKINIT_X509_ANONYMOUS("x509-anonymous", "X509 anonymous"),
     PKINIT_USING_RSA("using-rsa-or-dh", "Using RSA or DH"),
 
     TOKEN_USING_IDTOKEN("using-id-token", "Using identity token"),
-    TOKEN_USER_ID_TOKEN("user-id-token", "User identity token"),
-    TOKEN_USER_AC_TOKEN("user-ac-token", "User access token"),
+    TOKEN_USER_ID_TOKEN("user-id-token", "User identity token", KOptionType.STR),
+    TOKEN_USER_AC_TOKEN("user-ac-token", "User access token", KOptionType.STR),
 
     ;
 
     private String name;
+    private KOptionType type;
     private String description;
     private Object value;
 
     KrbOption(String description) {
+        this(description, KOptionType.NOV); // As a flag by default
+    }
+
+    KrbOption(String description, KOptionType type) {
         this.description = description;
+        this.type = type;
     }
 
     KrbOption(String name, String description) {
+        this(name, description, KOptionType.NOV); // As a flag by default
+    }
+
+    KrbOption(String name, String description, KOptionType type) {
         this.name = name;
         this.description = description;
+        this.type = type;
+    }
+
+    public void setType(KOptionType type) {
+        this.type = type;
+    }
+
+    public KOptionType getType() {
+        return this.type;
     }
 
     @Override


Mime
View raw message