directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From plusplusjia...@apache.org
Subject [22/26] directory-kerby git commit: Refined kdc init tool
Date Mon, 10 Aug 2015 05:16:03 GMT
Refined kdc init tool


Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/3abac027
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/3abac027
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/3abac027

Branch: refs/heads/pkinit-support
Commit: 3abac0273edd9c10de2cc929a5bca1c22f189810
Parents: 174d0b7
Author: drankye <kai.zheng@intel.com>
Authored: Sun Aug 9 07:59:50 2015 +0800
Committer: Drankye <drankye@gmail.com>
Committed: Sun Aug 9 07:59:50 2015 +0800

----------------------------------------------------------------------
 .../kerby/kerberos/kerb/admin/Kadmin.java       |  9 +++++
 .../kerberos/tool/kdcinit/KdcInitTool.java      | 41 ++++++++++++--------
 2 files changed, 33 insertions(+), 17 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/3abac027/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Kadmin.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Kadmin.java
b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Kadmin.java
index b37adca..9901450 100644
--- a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Kadmin.java
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Kadmin.java
@@ -514,6 +514,15 @@ public class Kadmin {
     }
 
     /**
+     * Stop the backend and release any resources associated.
+     */
+    public void release() throws KrbException {
+        if (backend != null) {
+            backend.stop();
+        }
+    }
+
+    /**
      * Fix principal name.
      *
      * @param principal The principal name

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/3abac027/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kdcinit/KdcInitTool.java
----------------------------------------------------------------------
diff --git a/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kdcinit/KdcInitTool.java
b/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kdcinit/KdcInitTool.java
index 34df5b9..f194ce2 100644
--- a/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kdcinit/KdcInitTool.java
+++ b/kerby-tool/kdc-tool/src/main/java/org/apache/kerby/kerberos/tool/kdcinit/KdcInitTool.java
@@ -24,23 +24,30 @@ import org.apache.kerby.kerberos.kerb.admin.Kadmin;
 
 import java.io.File;
 
+/**
+ * A tool to initialize KDC backend for the first time when setup the KDC.
+ */
 public class KdcInitTool {
     private Kadmin kadmin;
     private static File keytabFile;
 
-    private static final String USAGE = "Usage: sh bin/kdcinit.sh [conf-dir] [keytab]\n"
-        + "\tExample:\n"
-        + "\t\tsh bin/kdcinit.sh conf /home/admin.keytab\n";
+    private static final String USAGE = "Usage: kdcinit [conf-dir] [output-keytab]\n"
+        + "\tThis tool initializes KDC backend and should only be performed the first time,\n"
+        + "\tand the output keytab should be carefully kept to administrate/kadmin KDC later.\nExample:\n"
+        + "\t\tbin/kdcinit.sh conf /home/admin.keytab\n";
 
-    private void init(File confDir) throws KrbException {
+    void initKdc(File confDir) throws KrbException {
         kadmin = new Kadmin(confDir);
-        kadmin.createBuiltinPrincipals();
-        kadmin.exportKeytab(keytabFile, kadmin.getKadminPrincipal());
-        System.out.println("The kadmin principal " + kadmin.getKadminPrincipal()
-                + " has exported into keytab file " + keytabFile.getAbsolutePath()
-                + ", please make sure to keep it, because it will be used by kadmin tool"
-                + " for the authentication.");
-        kadmin.getIdentityBackend().stop();
+        try {
+            kadmin.createBuiltinPrincipals();
+            kadmin.exportKeytab(keytabFile, kadmin.getKadminPrincipal());
+            System.out.println("The keytab for kadmin principal " +
+                    " has been exported to the specified file " +
+                    keytabFile.getAbsolutePath() + ", please safely keep it, " +
+                    "in order to use kadmin tool later");
+        } finally {
+            kadmin.release();
+        }
     }
 
     public static void main(String[] args) throws KrbException {
@@ -64,21 +71,21 @@ public class KdcInitTool {
         }
 
         if (keytabFile.exists()) {
-            System.err.println("There is one kadmin keytab exists in " + keyTabPath
-                    + ", this tool maybe have been executed, if not,"
-                    + " please delete it or change the keytab-dir.");
+            System.err.println("The kadmin keytab already exists in " + keyTabPath
+                    + ", this tool maybe have been executed already.");
             return;
         }
 
         KdcInitTool kdcInitTool = new KdcInitTool();
 
         try {
-            kdcInitTool.init(confDir);
+            kdcInitTool.initKdc(confDir);
         } catch (KrbException e) {
           System.err.println("Errors occurred when init the kdc " + e.getMessage());
-          return;
+          System.exit(1);
         }
 
-        System.out.println("Finish kdc init.");
+        System.out.println("Finished initializing the KDC backend");
+        System.exit(0);
     }
 }


Mime
View raw message