279 *
280 * [capaths]
281 * TIVOLI.COM = {
282 * IBM.COM = IBM_LDAPCENTRAL.COM MOONLITE.ORG
283 * IBM_LDAPCENTRAL.COM = LDAPCENTRAL.NET
284 * LDAPCENTRAL.NET = .
285 * }
286 *
287 * TIVOLI.COM has a direct path to LDAPCENTRAL.NET, which has a direct
288 * path to IBM_LDAPCENTRAL.COM. It also has a partial path to IBM.COM
289 * being "IBM_LDAPCENTRAL.COM MOONLITE.ORG". Merging these info together,
290 * a full path from TIVOLI.COM to IBM.COM will be
291 *
292 * TIVOLI.COM -> LDAPCENTRAL.NET -> IBM_LDAPCENTRAL.COM
293 * -> IBM_LDAPCENTRAL.COM -> MOONLITE.ORG
294 *
295 * Please note the sRealm IBM.COM does not appear in the path.
296 *
297 * @param cRealm the initiating realm
298 * @param sRealm the target realm, not the same as cRealm
299 * @returns array of realms including at least cRealm as the first
300 * element
301 * @throws KrbException if the config does not contain a sub-stanza
302 * for cRealm in [capaths] or the sub-stanza does not contain
303 * sRealm as a tag
304 */
305 private static String[] parseCapaths(String cRealm, String sRealm)
306 throws KrbException {
307
308 // This line could throw a KrbException
309 Config cfg = Config.getInstance();
310
311 if (!cfg.exists("capaths", cRealm, sRealm)) {
312 throw new KrbException("No conf");
313 }
314
315 LinkedList<String> path = new LinkedList<>();
316
317 String head = sRealm;
318 while (true) {
319 String value = cfg.getAll("capaths", cRealm, head);
330 || more[i].equals(head)) {
331 // Ignore invalid values
332 continue;
333 }
334 changed = true;
335 path.addFirst(more[i]);
336 }
337 if (!changed) break;
338 head = path.getFirst();
339 }
340 path.addFirst(cRealm);
341 return path.toArray(new String[path.size()]);
342 }
343
344 /**
345 * Build a list of realm that can be traversed
346 * to obtain credentials from the initiating realm cRealm
347 * for a service in the target realm sRealm.
348 * @param cRealm the initiating realm
349 * @param sRealm the target realm, not the same as cRealm
350 * @returns array of realms including cRealm as the first element
351 */
352 private static String[] parseHierarchy(String cRealm, String sRealm) {
353
354 String[] cComponents = cRealm.split("\\.");
355 String[] sComponents = sRealm.split("\\.");
356
357 int cPos = cComponents.length;
358 int sPos = sComponents.length;
359
360 boolean hasCommon = false;
361 for (sPos--, cPos--; sPos >=0 && cPos >= 0 &&
362 sComponents[sPos].equals(cComponents[cPos]);
363 sPos--, cPos--) {
364 hasCommon = true;
365 }
366
367 // For those with common components:
368 // length pos
369 // SITES1.SALES.EXAMPLE.COM 4 1
370 // EVERYWHERE.EXAMPLE.COM 3 0
|
279 *
280 * [capaths]
281 * TIVOLI.COM = {
282 * IBM.COM = IBM_LDAPCENTRAL.COM MOONLITE.ORG
283 * IBM_LDAPCENTRAL.COM = LDAPCENTRAL.NET
284 * LDAPCENTRAL.NET = .
285 * }
286 *
287 * TIVOLI.COM has a direct path to LDAPCENTRAL.NET, which has a direct
288 * path to IBM_LDAPCENTRAL.COM. It also has a partial path to IBM.COM
289 * being "IBM_LDAPCENTRAL.COM MOONLITE.ORG". Merging these info together,
290 * a full path from TIVOLI.COM to IBM.COM will be
291 *
292 * TIVOLI.COM -> LDAPCENTRAL.NET -> IBM_LDAPCENTRAL.COM
293 * -> IBM_LDAPCENTRAL.COM -> MOONLITE.ORG
294 *
295 * Please note the sRealm IBM.COM does not appear in the path.
296 *
297 * @param cRealm the initiating realm
298 * @param sRealm the target realm, not the same as cRealm
299 * @return array of realms including at least cRealm as the first
300 * element
301 * @throws KrbException if the config does not contain a sub-stanza
302 * for cRealm in [capaths] or the sub-stanza does not contain
303 * sRealm as a tag
304 */
305 private static String[] parseCapaths(String cRealm, String sRealm)
306 throws KrbException {
307
308 // This line could throw a KrbException
309 Config cfg = Config.getInstance();
310
311 if (!cfg.exists("capaths", cRealm, sRealm)) {
312 throw new KrbException("No conf");
313 }
314
315 LinkedList<String> path = new LinkedList<>();
316
317 String head = sRealm;
318 while (true) {
319 String value = cfg.getAll("capaths", cRealm, head);
330 || more[i].equals(head)) {
331 // Ignore invalid values
332 continue;
333 }
334 changed = true;
335 path.addFirst(more[i]);
336 }
337 if (!changed) break;
338 head = path.getFirst();
339 }
340 path.addFirst(cRealm);
341 return path.toArray(new String[path.size()]);
342 }
343
344 /**
345 * Build a list of realm that can be traversed
346 * to obtain credentials from the initiating realm cRealm
347 * for a service in the target realm sRealm.
348 * @param cRealm the initiating realm
349 * @param sRealm the target realm, not the same as cRealm
350 * @return array of realms including cRealm as the first element
351 */
352 private static String[] parseHierarchy(String cRealm, String sRealm) {
353
354 String[] cComponents = cRealm.split("\\.");
355 String[] sComponents = sRealm.split("\\.");
356
357 int cPos = cComponents.length;
358 int sPos = sComponents.length;
359
360 boolean hasCommon = false;
361 for (sPos--, cPos--; sPos >=0 && cPos >= 0 &&
362 sComponents[sPos].equals(cComponents[cPos]);
363 sPos--, cPos--) {
364 hasCommon = true;
365 }
366
367 // For those with common components:
368 // length pos
369 // SITES1.SALES.EXAMPLE.COM 4 1
370 // EVERYWHERE.EXAMPLE.COM 3 0
|