directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From plusplusjia...@apache.org
Subject [1/2] directory-kerby git commit: 1.Kpasswd. Initially added kpasswd and kpasswd server.2.DIRKRB-578 Set up network connection between Kpasswd Server and Client.
Date Wed, 29 Jun 2016 01:38:55 GMT
Repository: directory-kerby
Updated Branches:
  refs/heads/kpasswd 79d4a5841 -> 70fd3d0c5


http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/70fd3d0c/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdConfig.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdConfig.java
b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdConfig.java
new file mode 100644
index 0000000..583ccf6
--- /dev/null
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdConfig.java
@@ -0,0 +1,120 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *
+ */
+package org.apache.kerby.kerberos.kerb.admin.kpasswd;
+
+import org.apache.kerby.kerberos.kerb.common.Krb5Conf;
+
+/**
+ * Kerb client side configuration API.
+ */
+public class PasswdConfig extends Krb5Conf {
+    private static final String LIBDEFAULT = "libdefaults";
+
+    public boolean enableDebug() {
+        return getBoolean(PasswdConfigKey.KRB_DEBUG, true, LIBDEFAULT);
+    }
+
+    /**
+     * Get KDC host name
+     *
+     * @return The kdc host
+     */
+    public String getAdminHost() {
+        return getString(
+            PasswdConfigKey.ADMIN_HOST, true, LIBDEFAULT);
+    }
+
+    /**
+     * Get KDC port, as both TCP and UDP ports
+     *
+     * @return The kdc host
+     */
+    public int getAdminPort() {
+        Integer kdcPort = getInt(PasswdConfigKey.ADMIN_PORT, true, LIBDEFAULT);
+        if (kdcPort != null) {
+            return kdcPort.intValue();
+        }
+        return -1;
+    }
+
+    /**
+     * Get KDC TCP port
+     *
+     * @return The kdc tcp port
+     */
+    public int getAdminTcpPort() {
+        Integer kdcPort = getInt(PasswdConfigKey.ADMIN_TCP_PORT, true, LIBDEFAULT);
+        if (kdcPort != null && kdcPort > 0) {
+            return kdcPort.intValue();
+        }
+        return getAdminPort();
+    }
+
+    /**
+     * Is to allow UDP for KDC
+     *
+     * @return true to allow UDP, false otherwise
+     */
+    public boolean allowUdp() {
+        return getBoolean(PasswdConfigKey.ADMIN_ALLOW_UDP, true, LIBDEFAULT)
+                || getInt(PasswdConfigKey.ADMIN_UDP_PORT, true, LIBDEFAULT) != null
+            || getInt(PasswdConfigKey.ADMIN_PORT, false, LIBDEFAULT) != null;
+    }
+
+    /**
+     * Is to allow TCP for KDC
+     *
+     * @return true to allow TCP, false otherwise
+     */
+    public boolean allowTcp() {
+        return getBoolean(PasswdConfigKey.ADMIN_ALLOW_TCP, true, LIBDEFAULT)
+                || getInt(PasswdConfigKey.ADMIN_TCP_PORT, true, LIBDEFAULT) != null
+            || getInt(PasswdConfigKey.ADMIN_PORT, false, LIBDEFAULT) != null;
+    }
+
+    /**
+     * Get KDC UDP port
+     *
+     * @return The kdc udp port
+     */
+    public int getAdminUdpPort() {
+        Integer kdcPort = getInt(PasswdConfigKey.ADMIN_UDP_PORT, true, LIBDEFAULT);
+        if (kdcPort != null && kdcPort > 0) {
+            return kdcPort.intValue();
+        }
+        return getAdminPort();
+    }
+
+    /**
+     * Get KDC realm.
+     * @return The kdc realm
+     */
+    public String getAdminRealm() {
+        String realm = getString(PasswdConfigKey.ADMIN_REALM, false, LIBDEFAULT);
+        if (realm == null) {
+            realm = getString(PasswdConfigKey.DEFAULT_REALM, false, LIBDEFAULT);
+            if (realm == null) {
+                realm = (String) PasswdConfigKey.ADMIN_REALM.getDefaultValue();
+            }
+        }
+
+        return realm;
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/70fd3d0c/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdConfigKey.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdConfigKey.java
b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdConfigKey.java
new file mode 100644
index 0000000..b963076
--- /dev/null
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdConfigKey.java
@@ -0,0 +1,55 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.admin.kpasswd;
+
+import org.apache.kerby.config.ConfigKey;
+
+public enum PasswdConfigKey implements ConfigKey {
+    KRB_DEBUG(true),
+    ADMIN_HOST("localhost"),
+    ADMIN_PORT(null),
+    ADMIN_ALLOW_UDP(true),
+    ADMIN_ALLOW_TCP(true),
+    ADMIN_UDP_PORT(null),
+    ADMIN_TCP_PORT(null),
+    ADMIN_DOMAIN("example.com"),
+    DEFAULT_REALM(null),
+    ADMIN_REALM("EXAMPLE.COM");
+
+    private Object defaultValue;
+
+    PasswdConfigKey() {
+        this.defaultValue = null;
+    }
+
+    PasswdConfigKey(Object defaultValue) {
+        this.defaultValue = defaultValue;
+    }
+
+    @Override
+    public String getPropertyKey() {
+        return name().toLowerCase();
+    }
+
+    @Override
+    public Object getDefaultValue() {
+        return this.defaultValue;
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/70fd3d0c/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdContext.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdContext.java
b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdContext.java
new file mode 100644
index 0000000..16837d9
--- /dev/null
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdContext.java
@@ -0,0 +1,49 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *
+ */
+package org.apache.kerby.kerberos.kerb.admin.kpasswd;
+
+public class PasswdContext {
+
+    private PasswdSetting passwdSetting;
+
+    /**
+     * Init with krbsetting.
+     * @param passwdSetting The krb setting
+     */
+    public void init(PasswdSetting passwdSetting) {
+        this.passwdSetting = passwdSetting;
+    }
+
+    /**
+     * Get krbsetting.
+     * @return The krb setting
+     */
+    public PasswdSetting getPasswdSetting() {
+        return passwdSetting;
+    }
+
+    /**
+     * Get krbconfig.
+     * @return The krb config
+     */
+    public PasswdConfig getConfig() {
+        return passwdSetting.getPasswdConfig();
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/70fd3d0c/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdHandler.java
b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdHandler.java
new file mode 100644
index 0000000..8f07bbc
--- /dev/null
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdHandler.java
@@ -0,0 +1,84 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *
+ */
+package org.apache.kerby.kerberos.kerb.admin.kpasswd;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.admin.kpasswd.request.PasswdRequest;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+
+public abstract class PasswdHandler {
+
+    /**
+     * Init with krbcontext.
+     *
+     * @param context The krbcontext
+     */
+    public void init(PasswdContext context) {
+
+    }
+
+    /**
+     * Handle the password server request.
+     *
+     * @param passwdRequest The password server request
+     * @throws KrbException e
+     */
+    public void handleRequest(PasswdRequest passwdRequest) throws KrbException {
+        passwdRequest.process();
+
+        String request = "Client request change password.";
+        ByteBuffer requestMessage = ByteBuffer.allocate(request.length() + 4);
+        requestMessage.putInt(request.length());
+        requestMessage.put(request.getBytes());
+        requestMessage.flip();
+
+        try {
+            sendMessage(passwdRequest, requestMessage);
+        } catch (IOException e) {
+            throw new KrbException("sending message failed", e);
+        }
+    }
+
+    /**
+     * Process the response message from kdc.
+     *
+     * @param passwdRequest The kpasswd request
+     * @param responseMessage The message from kdc
+     * @throws KrbException e
+     */
+    public void onResponseMessage(PasswdRequest passwdRequest,
+                                  ByteBuffer responseMessage) throws KrbException {
+        String message = new String(responseMessage.array());
+        System.out.println("client receive message: ");
+        System.out.println(message);
+    }
+
+    /**
+     * Send message to password server.
+     *
+     * @param passwdRequest The change password request
+     * @param requestMessage The request message to password server
+     * @throws IOException e
+     */
+    protected abstract void sendMessage(PasswdRequest passwdRequest,
+                                        ByteBuffer requestMessage) throws IOException;
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/70fd3d0c/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdOption.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdOption.java
b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdOption.java
new file mode 100644
index 0000000..228733b
--- /dev/null
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdOption.java
@@ -0,0 +1,102 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *
+ */
+package org.apache.kerby.kerberos.kerb.admin.kpasswd;
+
+import org.apache.kerby.KOption;
+import org.apache.kerby.KOptionInfo;
+import org.apache.kerby.KOptionType;
+
+/**
+ * This defines all the options that come across the client side.
+ */
+public enum PasswdOption implements KOption {
+    NONE(null),
+
+    ADMIN_REALM(new KOptionInfo("admin-realm", "kdc realm",
+        KOptionType.STR)),
+    ADMIN_HOST(new KOptionInfo("admin-host", "kdc host",
+        KOptionType.STR)),
+    ADMIN_TCP_PORT(new KOptionInfo("admin-tcp-port", "kdc tcp port",
+        KOptionType.INT)),
+    ALLOW_UDP(new KOptionInfo("allow-udp", "allow udp",
+        KOptionType.BOOL)),
+    ALLOW_TCP(new KOptionInfo("allow-tcp", "allow tcp",
+        KOptionType.BOOL)),
+    ADMIN_UDP_PORT(new KOptionInfo("admin-udp-port", "kdc udp port",
+        KOptionType.INT)),
+    CONN_TIMEOUT(new KOptionInfo("conn-timeout", "connection timeout",
+        KOptionType.INT)),
+
+    LIFE_TIME(new KOptionInfo("life-time", "life time",
+        KOptionType.INT)),
+    START_TIME(new KOptionInfo("start-time", "start time",
+        KOptionType.INT)),
+    RENEWABLE_TIME(new KOptionInfo("renewable_lifetime", "renewable lifetime",
+        KOptionType.INT)),
+    INCLUDE_ADDRESSES(new KOptionInfo("include_addresses",
+        "include addresses")),
+    AS_ENTERPRISE_PN(new KOptionInfo("as-enterprise-pn",
+        "client is enterprise principal name")),
+    CLIENT_PRINCIPAL(new KOptionInfo("client-principal", "Client principal",
+        KOptionType.STR)),
+
+    USE_PASSWD(new KOptionInfo("using-password", "using password")),
+    USER_PASSWD(new KOptionInfo("user-passwd", "User plain password")),
+
+    USE_KEYTAB(new KOptionInfo("use-keytab", "use keytab")),
+    USE_DFT_KEYTAB(new KOptionInfo("use-dft-keytab", "use default client keytab (with -k)")),
+    KEYTAB_FILE(new KOptionInfo("keytab-file", "filename of keytab to use",
+        KOptionType.FILE)),
+
+    KRB5_CACHE(new KOptionInfo("krb5-cache", "K5 cache name",
+        KOptionType.FILE)),
+    SERVICE_PRINCIPAL(new KOptionInfo("service-principal", "service principal",
+        KOptionType.STR)),
+    SERVER_PRINCIPAL(new KOptionInfo("admin-principal", "admin principal",
+        KOptionType.STR)),
+    ARMOR_CACHE(new KOptionInfo("armor-cache", "armor credential cache",
+        KOptionType.STR)),
+    USE_TGT(new KOptionInfo("use-tgt", "use tgt to get service ticket",
+        KOptionType.OBJ)),
+    CONF_DIR(new KOptionInfo("-conf", "conf dir", KOptionType.DIR));
+
+    private final KOptionInfo optionInfo;
+
+    PasswdOption(KOptionInfo optionInfo) {
+        this.optionInfo = optionInfo;
+    }
+
+    @Override
+    public KOptionInfo getOptionInfo() {
+        return optionInfo;
+    }
+
+    public static PasswdOption fromOptionName(String optionName) {
+        if (optionName != null) {
+            for (PasswdOption ko : values()) {
+                if (ko.optionInfo != null
+                    && ko.optionInfo.getName().equals(optionName)) {
+                    return ko;
+                }
+            }
+        }
+        return NONE;
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/70fd3d0c/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdSetting.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdSetting.java
b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdSetting.java
new file mode 100644
index 0000000..56aa030
--- /dev/null
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdSetting.java
@@ -0,0 +1,129 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.admin.kpasswd;
+
+import org.apache.kerby.KOptions;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+/**
+ * Admin client setting that combines common options and client config.
+ */
+public class PasswdSetting {
+    private final KOptions commonOptions;
+    private final PasswdConfig passwdConfig;
+
+    public PasswdSetting(KOptions commonOptions, PasswdConfig config) {
+        this.commonOptions = commonOptions;
+        this.passwdConfig = config;
+    }
+
+    public PasswdSetting(PasswdConfig config) {
+        this.commonOptions = new KOptions();
+        this.passwdConfig = config;
+    }
+
+    public PasswdConfig getPasswdConfig() {
+        return passwdConfig;
+    }
+
+    public String getKdcRealm() {
+        String kdcRealm = commonOptions.getStringOption(PasswdOption.ADMIN_REALM);
+        if (kdcRealm == null || kdcRealm.isEmpty()) {
+            kdcRealm = passwdConfig.getAdminRealm();
+        }
+        return kdcRealm;
+    }
+
+    public String getKdcHost() {
+        String kdcHost = commonOptions.getStringOption(PasswdOption.ADMIN_HOST);
+        if (kdcHost == null) {
+            return passwdConfig.getAdminHost();
+        }
+        return kdcHost;
+    }
+
+    /**
+     * Check kdc tcp setting and see if any bad.
+     * @return valid tcp port or -1 if not allowTcp
+     * @throws KrbException e
+     */
+    public int checkGetKdcTcpPort() throws KrbException {
+        if (allowTcp()) {
+            int kdcPort = getKdcTcpPort();
+            if (kdcPort < 1) {
+                throw new KrbException("KDC tcp port isn't set or configured");
+            }
+            return kdcPort;
+        }
+        return -1;
+    }
+
+    /**
+     * Check kdc udp setting and see if any bad.
+     * @return valid udp port or -1 if not allowUdp
+     * @throws KrbException e
+     */
+    public int checkGetKdcUdpPort() throws KrbException {
+        if (allowUdp()) {
+            int kdcPort = getKdcUdpPort();
+            if (kdcPort < 1) {
+                throw new KrbException("KDC udp port isn't set or configured");
+            }
+            return kdcPort;
+        }
+        return -1;
+    }
+
+    public int getKdcTcpPort() {
+        int tcpPort = commonOptions.getIntegerOption(PasswdOption.ADMIN_TCP_PORT);
+        if (tcpPort > 0) {
+            return tcpPort;
+        }
+        return passwdConfig.getAdminTcpPort();
+    }
+
+    public boolean allowUdp() {
+        Boolean allowUdp = commonOptions.getBooleanOption(
+                PasswdOption.ALLOW_UDP, passwdConfig.allowUdp());
+        return allowUdp;
+    }
+
+    public boolean allowTcp() {
+        Boolean allowTcp = commonOptions.getBooleanOption(
+                PasswdOption.ALLOW_TCP, passwdConfig.allowTcp());
+        return allowTcp;
+    }
+
+    public int getKdcUdpPort() {
+        int udpPort = commonOptions.getIntegerOption(PasswdOption.ADMIN_UDP_PORT);
+        if (udpPort > 0) {
+            return udpPort;
+        }
+        return passwdConfig.getAdminUdpPort();
+    }
+
+    public int getTimeout() {
+        int timeout = commonOptions.getIntegerOption(PasswdOption.CONN_TIMEOUT);
+        if (timeout > 0) {
+            return timeout;
+        }
+        return 1000; // by default
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/70fd3d0c/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdUtil.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdUtil.java
b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdUtil.java
new file mode 100644
index 0000000..8843b74
--- /dev/null
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/PasswdUtil.java
@@ -0,0 +1,127 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.admin.kpasswd;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.transport.TransportPair;
+
+import java.io.File;
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.util.Map;
+
+public final class PasswdUtil {
+    private PasswdUtil() { }
+
+    private static final String KRB5_FILE_NAME = "kpasswdClient.conf";
+    private static final String KRB5_ENV_NAME = "KRB5_CONFIG";
+
+    /**
+     * Load krb5.conf from specified conf dir.
+     * @param confDir The conf dir
+     * @return PasswdConfig
+     * @throws KrbException e
+     */
+    public static PasswdConfig getConfig(File confDir) throws KrbException {
+        File confFile = new File(confDir, KRB5_FILE_NAME);
+        if (!confFile.exists()) {
+            throw new KrbException(KRB5_FILE_NAME + " not found");
+        }
+
+        if (confFile != null && confFile.exists()) {
+            PasswdConfig adminConfig = new PasswdConfig();
+            try {
+                adminConfig.addKrb5Config(confFile);
+                return adminConfig;
+            } catch (IOException e) {
+                throw new KrbException("Failed to load krb config "
+                        + confFile.getAbsolutePath());
+            }
+        }
+
+        return null;
+    }
+
+    /**
+     * Load default krb5.conf
+     * @return The PasswdConfig
+     * @throws KrbException e
+     */
+    public static PasswdConfig getDefaultConfig() throws KrbException {
+        File confFile = null;
+        File confDir;
+        String tmpEnv;
+
+        try {
+            Map<String, String> mapEnv = System.getenv();
+            tmpEnv = mapEnv.get(KRB5_ENV_NAME);
+        } catch (SecurityException e) {
+            tmpEnv = null;
+        }
+        if (tmpEnv != null) {
+            confFile = new File(tmpEnv);
+            if (!confFile.exists()) {
+                throw new KrbException("krb5 conf not found. Invalid env "
+                        + KRB5_ENV_NAME);
+            }
+        } else {
+            confDir = new File("/etc/"); // for Linux. TODO: fix for Win etc.
+            if (confDir.exists()) {
+                confFile = new File(confDir, "krb5.conf");
+            }
+        }
+
+        PasswdConfig adminConfig = new PasswdConfig();
+        if (confFile != null && confFile.exists()) {
+            try {
+                adminConfig.addKrb5Config(confFile);
+            } catch (IOException e) {
+                throw new KrbException("Failed to load krb config "
+                        + confFile.getAbsolutePath());
+            }
+        }
+
+        return adminConfig;
+    }
+
+    /**
+     * Get KDC network transport addresses according to krb client setting.
+     * @param setting The krb setting
+     * @return UDP and TCP addresses pair
+     * @throws KrbException e
+     */
+    public static TransportPair getTransportPair(
+            PasswdSetting setting) throws KrbException {
+        TransportPair result = new TransportPair();
+
+        int tcpPort = setting.checkGetKdcTcpPort();
+        if (tcpPort > 0) {
+            result.tcpAddress = new InetSocketAddress(
+                    setting.getKdcHost(), tcpPort);
+        }
+        int udpPort = setting.checkGetKdcUdpPort();
+        if (udpPort > 0) {
+            result.udpAddress = new InetSocketAddress(
+                    setting.getKdcHost(), udpPort);
+        }
+
+        return result;
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/70fd3d0c/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/impl/AbstractInternalPasswdClient.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/impl/AbstractInternalPasswdClient.java
b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/impl/AbstractInternalPasswdClient.java
new file mode 100644
index 0000000..675c93e
--- /dev/null
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/impl/AbstractInternalPasswdClient.java
@@ -0,0 +1,71 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *
+ */
+package org.apache.kerby.kerberos.kerb.admin.kpasswd.impl;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.admin.kpasswd.PasswdSetting;
+import org.apache.kerby.kerberos.kerb.admin.kpasswd.PasswdContext;
+
+/**
+ * A krb client API for applications to interact with KDC
+ */
+public abstract class AbstractInternalPasswdClient
+                                    implements InternalPasswdClient {
+    private PasswdContext context;
+    private final PasswdSetting passwdSetting;
+
+    public AbstractInternalPasswdClient(PasswdSetting passwdSetting) {
+        this.passwdSetting = passwdSetting;
+    }
+
+    protected PasswdContext getContext() {
+        return context;
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public PasswdSetting getSetting() {
+        return passwdSetting;
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public void init() throws KrbException {
+        context = new PasswdContext();
+        context.init(passwdSetting);
+    }
+
+    /**
+     * Fix principal name.
+     *
+     * @param principal The principal name
+     * @return The fixed principal
+     */
+    protected String fixPrincipal(String principal) {
+        if (!principal.contains("@")) {
+            principal += "@" + passwdSetting.getKdcRealm();
+        }
+        return principal;
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/70fd3d0c/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/impl/DefaultInternalPasswdClient.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/impl/DefaultInternalPasswdClient.java
b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/impl/DefaultInternalPasswdClient.java
new file mode 100644
index 0000000..561de7c
--- /dev/null
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/impl/DefaultInternalPasswdClient.java
@@ -0,0 +1,64 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *
+ */
+package org.apache.kerby.kerberos.kerb.admin.kpasswd.impl;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.admin.kpasswd.PasswdSetting;
+import org.apache.kerby.kerberos.kerb.admin.kpasswd.PasswdUtil;
+import org.apache.kerby.kerberos.kerb.transport.KrbNetwork;
+import org.apache.kerby.kerberos.kerb.transport.KrbTransport;
+import org.apache.kerby.kerberos.kerb.transport.TransportPair;
+
+import java.io.IOException;
+
+/**
+ * A default krb client implementation.
+ */
+public class DefaultInternalPasswdClient extends AbstractInternalPasswdClient {
+
+    private DefaultPasswdHandler passwdHandler;
+    private KrbTransport transport;
+
+    public DefaultInternalPasswdClient(PasswdSetting krbSetting) {
+        super(krbSetting);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    @Override
+    public void init() throws KrbException {
+        super.init();
+
+        this.passwdHandler = new DefaultPasswdHandler();
+        passwdHandler.init(getContext());
+
+        TransportPair tpair = PasswdUtil.getTransportPair(getSetting());
+        KrbNetwork network = new KrbNetwork();
+        network.setSocketTimeout(getSetting().getTimeout());
+        try {
+            transport = network.connect(tpair);
+        } catch (IOException e) {
+            throw new KrbException("Failed to create transport", e);
+        } finally {
+            transport.release();
+        }
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/70fd3d0c/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/impl/DefaultPasswdHandler.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/impl/DefaultPasswdHandler.java
b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/impl/DefaultPasswdHandler.java
new file mode 100644
index 0000000..dc82983
--- /dev/null
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/impl/DefaultPasswdHandler.java
@@ -0,0 +1,61 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.admin.kpasswd.impl;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.admin.kpasswd.PasswdHandler;
+import org.apache.kerby.kerberos.kerb.admin.kpasswd.request.PasswdRequest;
+import org.apache.kerby.kerberos.kerb.transport.KrbTransport;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+
+public class DefaultPasswdHandler extends PasswdHandler {
+
+    /**
+     * Client handle request.
+     * Use super.handleRequest to send message,
+     * and use this.handleRequest to receive message.
+     */
+    @Override
+    public void handleRequest(PasswdRequest passwdRequest) throws KrbException {
+        /** super is used to send messsage*/
+        super.handleRequest(passwdRequest);
+
+        KrbTransport transport = passwdRequest.getTransport();
+        ByteBuffer receiveMessage = null;
+        try {
+            receiveMessage = transport.receiveMessage();
+        } catch (IOException e) {
+            throw new KrbException("Client receives response message failed.");
+        }
+        super.onResponseMessage(passwdRequest, receiveMessage);
+    }
+
+    /**
+     * Override super's sendMessage method.
+     */
+    @Override
+    protected void sendMessage(PasswdRequest passwdRequest,
+                               ByteBuffer requestMessage) throws IOException {
+        KrbTransport transport = passwdRequest.getTransport();
+        transport.sendMessage(requestMessage);
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/70fd3d0c/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/impl/InternalPasswdClient.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/impl/InternalPasswdClient.java
b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/impl/InternalPasswdClient.java
new file mode 100644
index 0000000..55f30c2
--- /dev/null
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/impl/InternalPasswdClient.java
@@ -0,0 +1,41 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.admin.kpasswd.impl;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.admin.kpasswd.PasswdSetting;
+
+/**
+ * An internal krb client interface.
+ */
+public interface InternalPasswdClient {
+
+    /**
+     * Init with all the necessary options.
+     * @throws KrbException e
+     */
+    void init() throws KrbException;
+
+    /**
+     * Get krb client settings.
+     * @return setting
+     */
+    PasswdSetting getSetting();
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/70fd3d0c/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/request/PasswdRequest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/request/PasswdRequest.java
b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/request/PasswdRequest.java
new file mode 100644
index 0000000..7f8868c
--- /dev/null
+++ b/kerby-kerb/kerb-admin/src/main/java/org/apache/kerby/kerberos/kerb/admin/kpasswd/request/PasswdRequest.java
@@ -0,0 +1,42 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.admin.kpasswd.request;
+
+import org.apache.kerby.kerberos.kerb.transport.KrbTransport;
+
+/**
+ * There is only one kind of password request,
+ * that is the change password request.
+ */
+public class PasswdRequest {
+    private KrbTransport transport;
+
+    public void setTransport(KrbTransport transport) {
+        this.transport = transport;
+    }
+
+    public KrbTransport getTransport() {
+        return transport;
+    }
+
+    public void process() {
+
+    }
+}
\ No newline at end of file


Mime
View raw message