List of usage examples for org.apache.zookeeper.server.auth KerberosName toString
@Override
public String toString()
From source file:blazingcache.security.sasl.SaslNettyClient.java
License:Apache License
/** * Create a SaslNettyClient for authentication with servers. *//*from w w w . ja va 2 s . c om*/ public SaslNettyClient(String username, String password, String serverHostname) throws Exception { String serverPrincipal = "blazingcache/" + serverHostname; clientSubject = loginClient(); if (clientSubject == null) { LOG.log(Level.SEVERE, "Using plain SASL/DIGEST-MD5 auth to connect to " + serverHostname); saslClient = Sasl.createSaslClient(new String[] { SaslUtils.AUTH_DIGEST_MD5 }, null, null, SaslUtils.DEFAULT_REALM, SaslUtils.getSaslProps(), new SaslClientCallbackHandler(username, password.toCharArray())); } else if (clientSubject.getPrincipals().isEmpty()) { LOG.log(Level.SEVERE, "Using JAAS/SASL/DIGEST-MD5 auth to connect to " + serverPrincipal); String[] mechs = { "DIGEST-MD5" }; username = (String) (clientSubject.getPublicCredentials().toArray()[0]); password = (String) (clientSubject.getPrivateCredentials().toArray()[0]); saslClient = Sasl.createSaslClient(mechs, username, "blazingcache", "blazingcache", null, new ClientCallbackHandler(password)); } else { // GSSAPI. final Object[] principals = clientSubject.getPrincipals().toArray(); // determine client principal from subject. final Principal clientPrincipal = (Principal) principals[0]; final KerberosName clientKerberosName = new KerberosName(clientPrincipal.getName()); KerberosName serviceKerberosName = new KerberosName( serverPrincipal + "@" + clientKerberosName.getRealm()); final String serviceName = serviceKerberosName.getServiceName(); final String serviceHostname = serviceKerberosName.getHostName(); final String clientPrincipalName = clientKerberosName.toString(); LOG.log(Level.SEVERE, "Using JAAS/SASL/GSSAPI auth to connect to server Principal " + serverPrincipal); saslClient = Subject.doAs(clientSubject, new PrivilegedExceptionAction<SaslClient>() { @Override public SaslClient run() throws SaslException { String[] mechs = { "GSSAPI" }; return Sasl.createSaslClient(mechs, clientPrincipalName, serviceName, serviceHostname, null, new ClientCallbackHandler(null)); } }); } if (saslClient == null) { throw new IOException("Cannot create JVM SASL Client"); } }
From source file:herddb.security.sasl.SaslNettyClient.java
License:Apache License
/** * Create a SaslNettyClient for authentication with servers. *///w w w .j a v a 2 s . com public SaslNettyClient(String username, String password, String serverHostname) throws Exception { String serverPrincipal = "herddb/" + serverHostname; clientSubject = loginClient(); if (clientSubject == null) { LOG.log(Level.FINEST, "Using plain SASL/DIGEST-MD5 auth to connect to " + serverHostname); saslClient = Sasl.createSaslClient(new String[] { SaslUtils.AUTH_DIGEST_MD5 }, null, null, SaslUtils.DEFAULT_REALM, SaslUtils.getSaslProps(), new SaslClientCallbackHandler(username, password.toCharArray())); } else if (clientSubject.getPrincipals().isEmpty()) { LOG.log(Level.FINEST, "Using JAAS/SASL/DIGEST-MD5 auth to connect to " + serverPrincipal); String[] mechs = { "DIGEST-MD5" }; username = (String) (clientSubject.getPublicCredentials().toArray()[0]); password = (String) (clientSubject.getPrivateCredentials().toArray()[0]); saslClient = Sasl.createSaslClient(mechs, username, "herddb", "herddb", null, new ClientCallbackHandler(password)); } else { // GSSAPI. final Object[] principals = clientSubject.getPrincipals().toArray(); // determine client principal from subject. final Principal clientPrincipal = (Principal) principals[0]; final KerberosName clientKerberosName = new KerberosName(clientPrincipal.getName()); KerberosName serviceKerberosName = new KerberosName( serverPrincipal + "@" + clientKerberosName.getRealm()); final String serviceName = serviceKerberosName.getServiceName(); final String serviceHostname = serviceKerberosName.getHostName(); final String clientPrincipalName = clientKerberosName.toString(); LOG.log(Level.FINEST, "Using JAAS/SASL/GSSAPI auth to connect to server Principal " + serverPrincipal); saslClient = Subject.doAs(clientSubject, new PrivilegedExceptionAction<SaslClient>() { @Override public SaslClient run() throws SaslException { String[] mechs = { "GSSAPI" }; return Sasl.createSaslClient(mechs, clientPrincipalName, serviceName, serviceHostname, null, new ClientCallbackHandler(null)); } }); } if (saslClient == null) { throw new IOException("Cannot create JVM SASL Client"); } }
From source file:majordodo.security.sasl.SaslNettyClient.java
License:Apache License
/** * Create a SaslNettyClient for authentication with servers. */// w w w .j a v a 2s. c om public SaslNettyClient(String username, String password, String serverHostname) throws Exception { String serverPrincipal = "majordodo/" + serverHostname; clientSubject = loginClient(); if (clientSubject == null) { LOG.log(Level.SEVERE, "Using plain SASL/DIGEST-MD5 auth to connect to " + serverHostname); saslClient = Sasl.createSaslClient(new String[] { SaslUtils.AUTH_DIGEST_MD5 }, null, null, SaslUtils.DEFAULT_REALM, SaslUtils.getSaslProps(), new SaslClientCallbackHandler(username, password.toCharArray())); } else if (clientSubject.getPrincipals().isEmpty()) { LOG.log(Level.SEVERE, "Using JAAS/SASL/DIGEST-MD5 auth to connect to " + serverPrincipal); String[] mechs = { "DIGEST-MD5" }; username = (String) (clientSubject.getPublicCredentials().toArray()[0]); password = (String) (clientSubject.getPrivateCredentials().toArray()[0]); saslClient = Sasl.createSaslClient(mechs, username, "majordodo", "majordodo", null, new ClientCallbackHandler(password)); } else { // GSSAPI. final Object[] principals = clientSubject.getPrincipals().toArray(); // determine client principal from subject. final Principal clientPrincipal = (Principal) principals[0]; final KerberosName clientKerberosName = new KerberosName(clientPrincipal.getName()); KerberosName serviceKerberosName = new KerberosName( serverPrincipal + "@" + clientKerberosName.getRealm()); final String serviceName = serviceKerberosName.getServiceName(); final String serviceHostname = serviceKerberosName.getHostName(); final String clientPrincipalName = clientKerberosName.toString(); LOG.log(Level.SEVERE, "Using JAAS/SASL/GSSAPI auth to connect to server Principal " + serverPrincipal); saslClient = Subject.doAs(clientSubject, new PrivilegedExceptionAction<SaslClient>() { @Override public SaslClient run() throws SaslException { String[] mechs = { "GSSAPI" }; return Sasl.createSaslClient(mechs, clientPrincipalName, serviceName, serviceHostname, null, new ClientCallbackHandler(null)); } }); } if (saslClient == null) { throw new IOException("Cannot create JVM SASL Client"); } }
From source file:org.apache.bookkeeper.sasl.SaslClientState.java
License:Apache License
public SaslClientState(String serverHostname, Subject subject) throws SaslException { String serverPrincipal = SaslConstants.SASL_BOOKKEEPER_PROTOCOL + "/" + serverHostname; this.clientSubject = subject; if (clientSubject == null) { throw new SaslException("Cannot create JAAS Sujbect for SASL"); }//from w w w. j av a 2 s. c o m if (clientSubject.getPrincipals().isEmpty()) { if (LOG.isDebugEnabled()) { LOG.debug("Using JAAS/SASL/DIGEST-MD5 auth to connect to {}", serverPrincipal); } String[] mechs = { "DIGEST-MD5" }; username = (String) (clientSubject.getPublicCredentials().toArray()[0]); password = (String) (clientSubject.getPrivateCredentials().toArray()[0]); saslClient = Sasl.createSaslClient(mechs, username, SaslConstants.SASL_BOOKKEEPER_PROTOCOL, SaslConstants.SASL_MD5_DUMMY_HOSTNAME, null, new ClientCallbackHandler(password)); } else { // GSSAPI/Kerberos final Object[] principals = clientSubject.getPrincipals().toArray(); final Principal clientPrincipal = (Principal) principals[0]; final KerberosName clientKerberosName = new KerberosName(clientPrincipal.getName()); KerberosName serviceKerberosName = new KerberosName( serverPrincipal + "@" + clientKerberosName.getRealm()); final String serviceName = serviceKerberosName.getServiceName(); final String serviceHostname = serviceKerberosName.getHostName(); final String clientPrincipalName = clientKerberosName.toString(); if (LOG.isDebugEnabled()) { LOG.debug("Using JAAS/SASL/GSSAPI auth to connect to server Principal {}", serverPrincipal); } try { saslClient = Subject.doAs(clientSubject, new PrivilegedExceptionAction<SaslClient>() { @Override public SaslClient run() throws SaslException { String[] mechs = { "GSSAPI" }; return Sasl.createSaslClient(mechs, clientPrincipalName, serviceName, serviceHostname, null, new ClientCallbackHandler(null)); } }); } catch (PrivilegedActionException err) { if (LOG.isDebugEnabled()) { LOG.debug("GSSAPI client error", err.getCause()); } throw new SaslException("error while booting GSSAPI client", err.getCause()); } } if (saslClient == null) { throw new SaslException("Cannot create JVM SASL Client"); } }