Return-Path: X-Original-To: apmail-directory-commits-archive@www.apache.org Delivered-To: apmail-directory-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 6C81318C9C for ; Mon, 30 Nov 2015 03:09:43 +0000 (UTC) Received: (qmail 36777 invoked by uid 500); 30 Nov 2015 03:09:43 -0000 Delivered-To: apmail-directory-commits-archive@directory.apache.org Received: (qmail 36682 invoked by uid 500); 30 Nov 2015 03:09:43 -0000 Mailing-List: contact commits-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@directory.apache.org Delivered-To: mailing list commits@directory.apache.org Received: (qmail 36326 invoked by uid 99); 30 Nov 2015 03:09:42 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 30 Nov 2015 03:09:42 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id A15BEDFF46; Mon, 30 Nov 2015 03:09:42 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit 
From: plusplusjiajia@apache.org To: commits@directory.apache.org Date: Mon, 30 Nov 2015 03:09:46 -0000 Message-Id: <75534a2de22f4c58879d9fcd751e01f9@git.apache.org> In-Reply-To: References: X-Mailer: ASF-Git Admin Mailer Subject: [05/19] directory-kerby git commit: DIRKRB-480 Separate PKINIT client out of KrbClient DIRKRB-480 Separate PKINIT client out of KrbClient Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/d10bf630 Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/d10bf630 Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/d10bf630 Branch: refs/heads/pkinit-support Commit: d10bf630b516e597b96c23d70614ea982efaa9c8 Parents: 759f26f Author: Kai Zheng Authored: Sun Nov 29 07:15:10 2015 +0800 Committer: Kai Zheng Committed: Sun Nov 29 07:15:10 2015 +0800 ---------------------------------------------------------------------- .../kerby/kerberos/kerb/client/KrbClient.java | 26 ------- .../kerberos/kerb/client/KrbPkinitClient.java | 76 ++++++++++++++++++++ 2 files changed, 76 insertions(+), 26 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/d10bf630/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java ----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
index 80bfa67..7053286 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbClient.java
@@ -194,32 +194,6 @@ public class KrbClient {
 }

 /**
- * Request a TGT with user x509 certificate credential
- * @param certificate The certificate
- * @param privateKey The private key
- * @return TGT
- * @throws KrbException e
- */
- public TgtTicket requestTgtWithCert(Certificate certificate,
- PrivateKey privateKey) throws KrbException {
- KOptions requestOptions = new KOptions();
- requestOptions.add(KrbOption.PKINIT_X509_CERTIFICATE, certificate);
- requestOptions.add(KrbOption.PKINIT_X509_PRIVATE_KEY, privateKey);
- return requestTgtWithOptions(requestOptions);
- }
-
- /**
- * Request a TGT with using Anonymous PKINIT
- * @return TGT
- * @throws KrbException e
- */
- public TgtTicket requestTgtWithPkintAnonymous() throws KrbException {
- KOptions requestOptions = new KOptions();
- requestOptions.add(KrbOption.USE_PKINIT_ANONYMOUS);
- return requestTgtWithOptions(requestOptions);
- }
-
- /**
 * Request a TGT with using well prepared requestOptions.
 * @param requestOptions The request options
 * @return TGT
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/d10bf630/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbPkinitClient.java ----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbPkinitClient.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbPkinitClient.java
new file mode 100644
index 0000000..09ac113
--- /dev/null
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbPkinitClient.java
@@ -0,0 +1,76 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.client;
+
+import org.apache.kerby.KOptions;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TgtTicket;
+
+import java.security.PrivateKey;
+import java.security.cert.Certificate;
+
+/**
+ * A krb PKINIT client API for applications to interact with KDC using PKINIT.
+ */
+public class KrbPkinitClient {
+ private final KrbClient krbClient;
+
+ /**
+ * Constructor with prepared KrbClient.
+ * @param krbClient The krb client
+ */
+ public KrbPkinitClient(KrbClient krbClient) {
+ this.krbClient = krbClient;
+ }
+
+ /**
+ * Get krb client.
+ * @return KrbClient
+ */
+ public KrbClient getKrbClient() {
+ return krbClient;
+ }
+
+ /**
+ * Request a TGT with user x509 certificate credential
+ * @param certificate The certificate
+ * @param privateKey The private key
+ * @return TGT
+ * @throws KrbException e
+ */
+ public TgtTicket requestTgt(Certificate certificate,
+ PrivateKey privateKey) throws KrbException {
+ KOptions requestOptions = new KOptions();
+ requestOptions.add(KrbOption.PKINIT_X509_CERTIFICATE, certificate);
+ requestOptions.add(KrbOption.PKINIT_X509_PRIVATE_KEY, privateKey);
+ return krbClient.requestTgtWithOptions(requestOptions);
+ }
+
+ /**
+ * Request a TGT with using Anonymous PKINIT
+ * @return TGT
+ * @throws KrbException e
+ */
+ public TgtTicket requestTgt() throws KrbException {
+ KOptions requestOptions = new KOptions();
+ requestOptions.add(KrbOption.USE_PKINIT_ANONYMOUS);
+ return krbClient.requestTgtWithOptions(requestOptions);
+ }
+}
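Review bot: The zero-argument `requestTgt()` overload selects anonymous PKINIT, so a call site that loses its certificate and key arguments still compiles and requests an anonymous ticket instead of failing. The method removed from `KrbClient` carried the mode in its name; keeping that explicit here, for example `public TgtTicket requestTgtAnonymous() throws KrbException {`, makes the unauthenticated-client mode a visible choice at every call site. Separately, neither the constructor nor `requestTgt(Certificate, PrivateKey)` rejects null, and whether `KOptions.add` or `requestTgtWithOptions` does is not visible in this hunk. A guard such as `this.krbClient = Objects.requireNonNull(krbClient, "krbClient");` (with `import java.util.Objects;`, and the same check on `certificate` and `privateKey`) would fail at the API boundary rather than somewhere inside the request path.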