directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From plusplusjia...@apache.org
Subject [20/48] directory-kerby git commit: DIRKRB-426. KrbClient wont accept principal name not of realm part
Date Wed, 04 Nov 2015 08:25:46 GMT
DIRKRB-426. KrbClient wont accept principal name not of realm part


Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/b3018754
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/b3018754
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/b3018754

Branch: refs/heads/pkinit-support
Commit: b301875499aae1673f6acb11428f2a2cf69c83b6
Parents: 59a6b65
Author: Kai Zheng <kai.zheng@intel.com>
Authored: Wed Sep 30 08:44:01 2015 +0800
Committer: Kai Zheng <kai.zheng@intel.com>
Committed: Wed Sep 30 08:44:01 2015 +0800

----------------------------------------------------------------------
 .../apache/kerby/kerberos/kerb/admin/Kadmin.java |  5 ++---
 .../kerby/kerberos/kerb/client/KrbClient.java    |  2 +-
 .../client/impl/AbstractInternalKrbClient.java   | 19 +++++++++++++++++--
 3 files changed, 20 insertions(+), 6 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b3018754/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Kadmin.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Kadmin.java
b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Kadmin.java
index 285544f..ea4bacc 100644
--- a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Kadmin.java
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/Kadmin.java
@@ -541,7 +541,7 @@ public class Kadmin {
     /**
      * Stop the backend and release any resources associated.
      *
-     * @throws org.apache.kerby.kerberos.kerb.KrbException e
+     * @throws KrbException e
      */
     public void release() throws KrbException {
         if (backend != null) {
@@ -550,10 +550,9 @@ public class Kadmin {
     }
 
     /**
-     * Fix principal name.
+     * Fix principal name, making it complete.
      *
      * @param principal The principal name
-     * @throws KrbException
      */
     private String fixPrincipal(String principal) {
         if (!principal.contains("@")) {

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b3018754/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
index db318fb..b5ec953 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
@@ -246,7 +246,7 @@ public class KrbClient {
      */
     public TgtTicket requestTgtWithOptions(KOptions requestOptions) throws KrbException {
         if (requestOptions == null) {
-            throw new IllegalArgumentException("Null KrbOptions specified");
+            throw new IllegalArgumentException("Null requestOptions specified");
         }
 
         return innerClient.requestTgtTicket(requestOptions);

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b3018754/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/AbstractInternalKrbClient.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/AbstractInternalKrbClient.java
b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/AbstractInternalKrbClient.java
index 0dedc75..2c55ff8 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/AbstractInternalKrbClient.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/impl/AbstractInternalKrbClient.java
@@ -97,6 +97,7 @@ public abstract class AbstractInternalKrbClient implements InternalKrbClient
{
         if (requestOptions.contains(KrbOption.CLIENT_PRINCIPAL)) {
             String principal = requestOptions.getStringOption(
                     KrbOption.CLIENT_PRINCIPAL);
+            principal = fixPrincipal(principal);
             asRequest.setClientPrincipal(new PrincipalName(principal));
         }
         asRequest.setKrbOptions(requestOptions);
@@ -121,8 +122,10 @@ public abstract class AbstractInternalKrbClient implements InternalKrbClient
{
             throw new IllegalArgumentException(
                     "No valid krb client request option found");
         }
-        tgsRequest.setServerPrincipal(new PrincipalName(requestOptions.
-                getStringOption(KrbOption.SERVER_PRINCIPAL)));
+
+        String serverPrincipal = fixPrincipal(requestOptions.
+                getStringOption(KrbOption.SERVER_PRINCIPAL));
+        tgsRequest.setServerPrincipal(new PrincipalName(serverPrincipal));
         tgsRequest.setKrbOptions(requestOptions);
 
         return doRequestServiceTicket(tgsRequest);
@@ -133,4 +136,16 @@ public abstract class AbstractInternalKrbClient implements InternalKrbClient
{
 
     protected abstract ServiceTicket doRequestServiceTicket(
             TgsRequest tgsRequest) throws KrbException;
+
+    /**
+     * Fix principal name.
+     *
+     * @param principal The principal name
+     */
+    protected String fixPrincipal(String principal) {
+        if (!principal.contains("@")) {
+            principal += "@" + krbSetting.getKdcRealm();
+        }
+        return principal;
+    }
 }


Mime
View raw message