78 }
79 KDC.saveConfig(KRB5_CONF, this,
80 "forwardable = true",
81 "default_keytab_name = " + KTAB,
82 extraConfig);
83 System.setProperty("java.security.krb5.conf", KRB5_CONF);
84 // Whatever krb5.conf had been loaded before, we reload ours now.
85 Config.refresh();
86
87 writeKtab(KTAB);
88 Security.setProperty("auth.login.defaultCallbackHandler",
89 "OneKDC$CallbackForClient");
90 }
91
92 /**
93 * Writes a JAAS login config file, which contains as many as useful
94 * entries, including JGSS style initiator/acceptor and normal JAAS
95 * entries with names using existing OneKDC principals.
96 * @throws java.lang.Exception if anything goes wrong
97 */
98 public void writeJAASConf() throws IOException {
99 System.setProperty("java.security.auth.login.config", JAAS_CONF);
100 File f = new File(JAAS_CONF);
101 FileOutputStream fos = new FileOutputStream(f);
102 fos.write((
103 "com.sun.security.jgss.krb5.initiate {\n" +
104 " com.sun.security.auth.module.Krb5LoginModule required;\n};\n" +
105 "com.sun.security.jgss.krb5.accept {\n" +
106 " com.sun.security.auth.module.Krb5LoginModule required\n" +
107 " principal=\"*\"\n" +
108 " useKeyTab=true\n" +
109 " isInitiator=false\n" +
110 " storeKey=true;\n};\n" +
111 "client {\n" +
112 " com.sun.security.auth.module.Krb5LoginModule required;\n};\n" +
113 "server {\n" +
114 " com.sun.security.auth.module.Krb5LoginModule required\n" +
115 " principal=\"" + SERVER + "\"\n" +
116 " useKeyTab=true\n" +
117 " storeKey=true;\n};\n" +
118 "backend {\n" +
119 " com.sun.security.auth.module.Krb5LoginModule required\n" +
120 " principal=\"" + BACKEND + "\"\n" +
121 " useKeyTab=true\n" +
122 " storeKey=true\n" +
123 " isInitiator=false;\n};\n"
124 ).getBytes());
125 fos.close();
126 }
127
128 /**
129 * The default callback handler for JAAS login. Note that this handler is
130 * hard coded to provide only info for USER1. If you need to provide info
131 * for another principal, please use Context.fromUserPass() instead.
132 */
133 public static class CallbackForClient implements CallbackHandler {
134 public void handle(Callback[] callbacks) {
135 String user = OneKDC.USER;
136 char[] pass = OneKDC.PASS;
137 for (Callback callback : callbacks) {
138 if (callback instanceof NameCallback) {
139 System.out.println("Callback for name: " + user);
140 ((NameCallback) callback).setName(user);
141 }
142 if (callback instanceof PasswordCallback) {
143 System.out.println("Callback for pass: "
144 + new String(pass));
145 ((PasswordCallback) callback).setPassword(pass);
|
78 }
79 KDC.saveConfig(KRB5_CONF, this,
80 "forwardable = true",
81 "default_keytab_name = " + KTAB,
82 extraConfig);
83 System.setProperty("java.security.krb5.conf", KRB5_CONF);
84 // Whatever krb5.conf had been loaded before, we reload ours now.
85 Config.refresh();
86
87 writeKtab(KTAB);
88 Security.setProperty("auth.login.defaultCallbackHandler",
89 "OneKDC$CallbackForClient");
90 }
91
92 /**
93 * Writes a JAAS login config file, which contains as many as useful
94 * entries, including JGSS style initiator/acceptor and normal JAAS
95 * entries with names using existing OneKDC principals.
96 * @throws java.lang.Exception if anything goes wrong
97 */
98 public OneKDC writeJAASConf() throws IOException {
99 System.setProperty("java.security.auth.login.config", JAAS_CONF);
100 File f = new File(JAAS_CONF);
101 FileOutputStream fos = new FileOutputStream(f);
102 fos.write((
103 "com.sun.security.jgss.krb5.initiate {\n" +
104 " com.sun.security.auth.module.Krb5LoginModule required;\n};\n" +
105 "com.sun.security.jgss.krb5.accept {\n" +
106 " com.sun.security.auth.module.Krb5LoginModule required\n" +
107 " principal=\"*\"\n" +
108 " useKeyTab=true\n" +
109 " isInitiator=false\n" +
110 " storeKey=true;\n};\n" +
111 "client {\n" +
112 " com.sun.security.auth.module.Krb5LoginModule required;\n};\n" +
113 "server {\n" +
114 " com.sun.security.auth.module.Krb5LoginModule required\n" +
115 " principal=\"" + SERVER + "\"\n" +
116 " useKeyTab=true\n" +
117 " storeKey=true;\n};\n" +
118 "backend {\n" +
119 " com.sun.security.auth.module.Krb5LoginModule required\n" +
120 " principal=\"" + BACKEND + "\"\n" +
121 " useKeyTab=true\n" +
122 " storeKey=true\n" +
123 " isInitiator=false;\n};\n"
124 ).getBytes());
125 fos.close();
126 return this;
127 }
128
129 /**
130 * The default callback handler for JAAS login. Note that this handler is
131 * hard coded to provide only info for USER1. If you need to provide info
132 * for another principal, please use Context.fromUserPass() instead.
133 */
134 public static class CallbackForClient implements CallbackHandler {
135 public void handle(Callback[] callbacks) {
136 String user = OneKDC.USER;
137 char[] pass = OneKDC.PASS;
138 for (Callback callback : callbacks) {
139 if (callback instanceof NameCallback) {
140 System.out.println("Callback for name: " + user);
141 ((NameCallback) callback).setName(user);
142 }
143 if (callback instanceof PasswordCallback) {
144 System.out.println("Callback for pass: "
145 + new String(pass));
146 ((PasswordCallback) callback).setPassword(pass);
|
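Review bot: In the new `writeJAASConf()` (new lines 98–127) the `FileOutputStream` is still released only by a plain `fos.close()` after the write, so an `IOException` thrown by `write` leaks the handle and may leave a truncated JAAS config on disk; `try (FileOutputStream fos = new FileOutputStream(JAAS_CONF)) { fos.write(...); }` followed by `return this;` would close it on every path. Because the method now returns the instance, its Javadoc should gain `@return this OneKDC, to allow call chaining`, and the stale `@throws java.lang.Exception` should read `@throws IOException` to match the signature. Separately, the unchanged `CallbackForClient.handle` context prints the password in clear via `new String(pass)`, which sends the credential to whatever captures stdout and creates an immutable `String` copy of the `char[]`; printing only that a password was supplied, for example `System.out.println("Callback for pass: (provided)");`, would avoid both. The body of `handle` continues outside the hunk.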