List of usage examples for javax.security.auth.login LoginContext LoginContext
public LoginContext(String name, Subject subject, CallbackHandler callbackHandler, Configuration config) throws LoginException
From source file:org.apache.hadoop.security.SecureClientLogin.java
public synchronized static Subject loginUserFromKeytab(String user, String path) throws IOException { try {//from ww w. j av a 2 s . com Subject subject = new Subject(); SecureClientLoginConfiguration loginConf = new SecureClientLoginConfiguration(true, user, path); LoginContext login = new LoginContext("hadoop-keytab-kerberos", subject, null, loginConf); subject.getPrincipals().add(new User(user, AuthenticationMethod.KERBEROS, login)); login.login(); return login.getSubject(); } catch (LoginException le) { throw new IOException("Login failure for " + user + " from keytab " + path, le); } }
From source file:org.apache.hadoop.security.SecureClientLogin.java
public synchronized static Subject loginUserFromKeytab(String user, String path, String nameRules) throws IOException { try {// www . j a v a 2s. com Subject subject = new Subject(); SecureClientLoginConfiguration loginConf = new SecureClientLoginConfiguration(true, user, path); LoginContext login = new LoginContext("hadoop-keytab-kerberos", subject, null, loginConf); KerberosName.setRules(nameRules); subject.getPrincipals().add(new User(user, AuthenticationMethod.KERBEROS, login)); login.login(); return login.getSubject(); } catch (LoginException le) { throw new IOException("Login failure for " + user + " from keytab " + path, le); } }
From source file:org.apache.hadoop.security.SecureClientLogin.java
public synchronized static Subject loginUserWithPassword(String user, String password) throws IOException { String tmpPass = password;/* w w w .ja v a 2 s . c om*/ try { Subject subject = new Subject(); SecureClientLoginConfiguration loginConf = new SecureClientLoginConfiguration(false, user, password); LoginContext login = new LoginContext("hadoop-keytab-kerberos", subject, null, loginConf); subject.getPrincipals().add(new User(user, AuthenticationMethod.KERBEROS, login)); login.login(); return login.getSubject(); } catch (LoginException le) { throw new IOException("Login failure for " + user + " using password " + tmpPass.replaceAll(".", "*"), le); } }
From source file:org.apache.hadoop.security.token.delegation.web.TestWebDelegationToken.java
public static <T> T doAsKerberosUser(String principal, String keytab, final Callable<T> callable) throws Exception { LoginContext loginContext = null; try {// w w w . j a v a 2 s . co m Set<Principal> principals = new HashSet<Principal>(); principals.add(new KerberosPrincipal(principal)); Subject subject = new Subject(false, principals, new HashSet<Object>(), new HashSet<Object>()); loginContext = new LoginContext("", subject, null, new KerberosConfiguration(principal, keytab)); loginContext.login(); subject = loginContext.getSubject(); return Subject.doAs(subject, new PrivilegedExceptionAction<T>() { @Override public T run() throws Exception { return callable.call(); } }); } catch (PrivilegedActionException ex) { throw ex.getException(); } finally { if (loginContext != null) { loginContext.logout(); } } }
From source file:org.apache.hadoop.security.UserGroupInformation.java
private static LoginContext newLoginContext(String appName, Subject subject) throws LoginException { return new LoginContext(appName, subject, null, new HadoopConfiguration()); }
From source file:org.apache.lens.client.SpnegoClientFilter.java
private LoginContext buildLoginContext() throws LoginException { ClientLoginConfig loginConfig = new ClientLoginConfig(keyTabLocation, userPrincipal); Subject subject = null;//from www . j a v a 2 s . c om if (StringUtils.isNotBlank(keyTabLocation) && StringUtils.isNotBlank(userPrincipal)) { Set<Principal> princ = new HashSet<>(1); princ.add(new KerberosPrincipal(userPrincipal)); subject = new Subject(false, princ, new HashSet<>(), new HashSet<>()); } LoginContext lc = new LoginContext("", subject, null, loginConfig); return lc; }
From source file:org.apache.lens.server.auth.SpnegoAuthenticationFilter.java
private Subject loginAndGetSubject() throws LoginException { // The login without a callback can work if // - Kerberos keytabs are used with a principal name set in the JAAS config // - Kerberos is integrated into the OS logon process // meaning that a process which runs this code has the // user identity LoginContext lc = null;//w w w.j a va2s .co m if (loginConfig != null) { lc = new LoginContext("", null, null, loginConfig); } else { log.info("LoginContext can not be initialized"); throw new LoginException(); } lc.login(); return lc.getSubject(); }
From source file:org.apache.nifi.security.krb.KerberosKeytabUser.java
@Override protected LoginContext createLoginContext(Subject subject) throws LoginException { final Configuration config = new KeytabConfiguration(principal, keytabFile); return new LoginContext("KeytabConf", subject, null, config); }
From source file:org.apache.nifi.security.krb.KerberosPasswordUser.java
@Override protected LoginContext createLoginContext(final Subject subject) throws LoginException { final Configuration configuration = new PasswordConfig(); final CallbackHandler callbackHandler = new UsernamePasswordCallbackHandler(principal, password); return new LoginContext("PasswordConf", subject, callbackHandler, configuration); }
From source file:org.apache.nifi.security.krb.StandardKeytabUser.java
/** * Performs a login using the specified principal and keytab. * * @throws LoginException if the login fails */// www . jav a 2 s . co m @Override public synchronized void login() throws LoginException { if (isLoggedIn()) { return; } try { // If it's the first time ever calling login then we need to initialize a new context if (loginContext == null) { LOGGER.debug("Initializing new login context..."); this.subject = new Subject(); final Configuration config = new KeytabConfiguration(principal, keytabFile); this.loginContext = new LoginContext("KeytabConf", subject, null, config); } loginContext.login(); loggedIn.set(true); LOGGER.debug("Successful login for {}", new Object[] { principal }); } catch (LoginException le) { throw new LoginException( "Unable to login with " + principal + " and " + keytabFile + " due to: " + le.getMessage()); } }