Refine search
@Override public AppConfigurationEntry[] getAppConfigurationEntry(String name) { return new AppConfigurationEntry[] { new AppConfigurationEntry( KERBEROS_LOGIN_MODULE, AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options)}; } };
subject = login.getSubject(); isKrbTicket = !subject.getPrivateCredentials(KerberosTicket.class).isEmpty(); AppConfigurationEntry entries[] = Configuration.getConfiguration().getAppConfigurationEntry(loginContextName); for (AppConfigurationEntry entry : entries) { if (entry.getOptions().get("useTicketCache") != null) { String val = (String) entry.getOptions().get("useTicketCache"); if (val.equals("true")) { isUsingTicketCache = true; if (entry.getOptions().get("keyTab") != null) { keytabFile = (String) entry.getOptions().get("keyTab"); isUsingKeytab = true; if (entry.getOptions().get("principal") != null) { principal = (String) entry.getOptions().get("principal");
private void checkEntry(AppConfigurationEntry entry, String loginModule, LoginModuleControlFlag controlFlag, Map<String, ?> options) { assertEquals(loginModule, entry.getLoginModuleName()); assertEquals(controlFlag, entry.getControlFlag()); assertEquals(options, entry.getOptions()); }
/** * Returns the configuration option for <code>key</code> from this context. * If login module name is specified, return option value only from that module. */ public static String configEntryOption(List<AppConfigurationEntry> configurationEntries, String key, String loginModuleName) { for (AppConfigurationEntry entry : configurationEntries) { if (loginModuleName != null && !loginModuleName.equals(entry.getLoginModuleName())) continue; Object val = entry.getOptions().get(key); if (val != null) return (String) val; } return null; }
@Override public AppConfigurationEntry[] getAppConfigurationEntry(String appName) { if (loginContextName.equals(appName)) { Map<String, String> krbOptions = new HashMap<String, String>(); krbOptions.put("doNotPrompt", "true"); krbOptions.put("storeKey", "true"); krbOptions.put("useKeyTab", "true"); krbOptions.put("principal", principal); krbOptions.put("keyTab", keyTabFile); krbOptions.put("refreshKrb5Config", "true"); AppConfigurationEntry zooKeeperClientEntry = new AppConfigurationEntry( KerberosUtil.getKrb5LoginModuleName(), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, krbOptions); return new AppConfigurationEntry[] { zooKeeperClientEntry }; } // Try the base config if (baseConfig != null) { return baseConfig.getAppConfigurationEntry(appName); } return null; } }
public static String get(Configuration configuration, String section, String key) throws IOException { AppConfigurationEntry configurationEntries[] = configuration.getAppConfigurationEntry(section); if (configurationEntries == null) { String errorMessage = "Could not find a '" + section + "' entry in this configuration."; throw new IOException(errorMessage); } for (AppConfigurationEntry entry : configurationEntries) { Object val = entry.getOptions().get(key); if (val != null) return (String) val; } return null; } }
AppConfigurationEntry[] dynamicEntries = configuration.getAppConfigurationEntry(clientContextName); assertEquals(moduleCount, dynamicEntries.length); AppConfigurationEntry[] staticEntries = Configuration.getConfiguration().getAppConfigurationEntry(serverContextName); for (int i = 0; i < moduleCount; i++) { AppConfigurationEntry staticEntry = staticEntries[i]; checkEntry(staticEntry, dynamicEntries[i].getLoginModuleName(), LoginModuleControlFlag.REQUIRED, dynamicEntries[i].getOptions());
@Override public void afterSingletonsInstantiated() { // only use programmatic support if a file is not set via system property if (this.ignoreJavaLoginConfigParamSystemProperty) { Map<String, AppConfigurationEntry[]> configurationEntries = new HashMap<>(); AppConfigurationEntry kafkaClientConfigurationEntry = new AppConfigurationEntry( this.loginModule, this.controlFlag, this.options); configurationEntries.put(KAFKA_CLIENT_CONTEXT_NAME, new AppConfigurationEntry[] { kafkaClientConfigurationEntry }); Configuration.setConfiguration(new InternalConfiguration(configurationEntries)); // Workaround for a 0.9 client issue where even if the Configuration is // set // a system property check is performed. // Since the Configuration already exists, this will be ignored. if (this.placeholderJaasConfiguration != null) { System.setProperty(JaasUtils.JAVA_LOGIN_CONFIG_PARAM, this.placeholderJaasConfiguration.getAbsolutePath()); } } }
private AppConfigurationEntry createProxyEntry(AppConfigurationEntry entry) { Map<String, Object> options = new HashMap<>(entry.getOptions()); options.put(ProxyLoginModule.LOGIN_MODULE_OPTION_KEY, entry.getLoginModuleName()); return new AppConfigurationEntry(ProxyLoginModule.class.getName(), entry.getControlFlag(), options); }
@SuppressWarnings("unchecked") @Override public void configure(Map<String, ?> configs, String saslMechanism, List<AppConfigurationEntry> jaasConfigEntries) { if (!OAuthBearerLoginModule.OAUTHBEARER_MECHANISM.equals(saslMechanism)) throw new IllegalArgumentException(String.format("Unexpected SASL mechanism: %s", saslMechanism)); if (Objects.requireNonNull(jaasConfigEntries).size() != 1 || jaasConfigEntries.get(0) == null) throw new IllegalArgumentException( String.format("Must supply exactly 1 non-null JAAS mechanism configuration (size was %d)", jaasConfigEntries.size())); this.moduleOptions = Collections.unmodifiableMap((Map<String, String>) jaasConfigEntries.get(0).getOptions()); configured = true; }
public String getLoginModuleFQCN() { return entry.getLoginModuleName(); }
public AppConfigurationEntry.LoginModuleControlFlag getFlag() { return entry.getControlFlag(); }
@Override public AppConfigurationEntry[] getAppConfigurationEntry(String appName) { if (loginContextName.equals(appName)) { Map<String, String> krbOptions = new HashMap<String, String>(); if (IBM_JAVA) { krbOptions.put("credsType", "both"); krbOptions.put("useKeytab", keyTabFile); } else { krbOptions.put("doNotPrompt", "true"); krbOptions.put("storeKey", "true"); krbOptions.put("useKeyTab", "true"); krbOptions.put("keyTab", keyTabFile); } krbOptions.put("principal", principal); krbOptions.put("refreshKrb5Config", "true"); AppConfigurationEntry hiveZooKeeperClientEntry = new AppConfigurationEntry( KerberosUtil.getKrb5LoginModuleName(), LoginModuleControlFlag.REQUIRED, krbOptions); return new AppConfigurationEntry[] { hiveZooKeeperClientEntry }; } // Try the base config if (baseConfig != null) { return baseConfig.getAppConfigurationEntry(appName); } return null; } }
/** * Constructor based on a JAAS configuration * * For digest, you should have a pair of user name and password defined. * * @param configuration * @throws IOException */ public ClientCallbackHandler(Configuration configuration) throws IOException { if (configuration == null) return; AppConfigurationEntry configurationEntries[] = configuration.getAppConfigurationEntry(AuthUtils.LOGIN_CONTEXT_CLIENT); if (configurationEntries == null) { String errorMessage = "Could not find a '" + AuthUtils.LOGIN_CONTEXT_CLIENT + "' entry in this configuration: Client cannot start."; throw new IOException(errorMessage); } _password = ""; for (AppConfigurationEntry entry : configurationEntries) { if (entry.getOptions().get(USERNAME) != null) { _username = (String) entry.getOptions().get(USERNAME); } if (entry.getOptions().get(PASSWORD) != null) { _password = (String) entry.getOptions().get(PASSWORD); } } }
FileBasedSecStoreConfig getConfiguration() throws Exception { Configuration securityConfig = Configuration.getConfiguration(); AppConfigurationEntry[] entries = securityConfig.getAppConfigurationEntry(entry); for (AppConfigurationEntry entry : entries) { if (entry.getLoginModuleName().equals(PropertiesLoginModule.class.getName())) { String userFileName = (String) entry.getOptions().get(USER_FILE_PROP_NAME); String roleFileName = (String) entry.getOptions().get(ROLE_FILE_PROP_NAME); File etcDir = new File(getBrokerEtc()); File userFile = new File(etcDir, userFileName); File roleFile = new File(etcDir, roleFileName); if (!userFile.exists() || !roleFile.exists()) { throw new IllegalArgumentException("Couldn't find user file or role file!"); } return new FileBasedSecStoreConfig(userFile, roleFile); } } throw new IllegalArgumentException("Failed to load security file"); }
@SuppressWarnings("unchecked") @Override public void configure(Map<String, ?> configs, String saslMechanism, List<AppConfigurationEntry> jaasConfigEntries) { if (!OAuthBearerLoginModule.OAUTHBEARER_MECHANISM.equals(saslMechanism)) throw new IllegalArgumentException(String.format("Unexpected SASL mechanism: %s", saslMechanism)); if (Objects.requireNonNull(jaasConfigEntries).size() != 1 || jaasConfigEntries.get(0) == null) throw new IllegalArgumentException( String.format("Must supply exactly 1 non-null JAAS mechanism configuration (size was %d)", jaasConfigEntries.size())); final Map<String, String> unmodifiableModuleOptions = Collections .unmodifiableMap((Map<String, String>) jaasConfigEntries.get(0).getOptions()); this.moduleOptions = unmodifiableModuleOptions; configured = true; }
public String getLoginModuleFQCN() { return entry.getLoginModuleName(); }
public AppConfigurationEntry.LoginModuleControlFlag getFlag() { return entry.getControlFlag(); }
@Override public AppConfigurationEntry[] getAppConfigurationEntry(String name) { return new AppConfigurationEntry[] { new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, customLoginConfig)}; } };
subject = login.getSubject(); isKrbTicket = !subject.getPrivateCredentials(KerberosTicket.class).isEmpty(); AppConfigurationEntry entries[] = Configuration.getConfiguration().getAppConfigurationEntry(loginContextName); for (AppConfigurationEntry entry: entries) { if (entry.getOptions().get("useTicketCache") != null) { String val = (String)entry.getOptions().get("useTicketCache"); if (val.equals("true")) { isUsingTicketCache = true; if (entry.getOptions().get("principal") != null) { principal = (String)entry.getOptions().get("principal");