Example 11 with DestroyFailedException
use of javax.security.auth.DestroyFailedException in project hadoop by apache.
the class UserGroupInformation method fixKerberosTicketOrder.
// if the first kerberos ticket is not TGT, then remove and destroy it since
// the kerberos library of jdk always use the first kerberos ticket as TGT.
// See HADOOP-13433 for more details.
@VisibleForTesting
void fixKerberosTicketOrder() {
Set<Object> creds = getSubject().getPrivateCredentials();
synchronized (creds) {
for (Iterator<Object> iter = creds.iterator(); iter.hasNext(); ) {
Object cred = iter.next();
if (cred instanceof KerberosTicket) {
KerberosTicket ticket = (KerberosTicket) cred;
if (!ticket.getServer().getName().startsWith("krbtgt")) {
LOG.warn("The first kerberos ticket is not TGT" + "(the server principal is {}), remove and destroy it.", ticket.getServer());
iter.remove();
try {
ticket.destroy();
} catch (DestroyFailedException e) {
LOG.warn("destroy ticket failed", e);
}
} else {
return;
}
}
}
}
LOG.warn("Warning, no kerberos ticket found while attempting to renew ticket");
}
Also used :
DestroyFailedException(javax.security.auth.DestroyFailedException)
KerberosTicket(javax.security.auth.kerberos.KerberosTicket)
VisibleForTesting(com.google.common.annotations.VisibleForTesting)
Example 12 with DestroyFailedException
use of javax.security.auth.DestroyFailedException in project storm by apache.
the class AutoTGT method clearCredentials.
public static void clearCredentials(Subject subject, KerberosTicket tgt) {
Set<Object> creds = subject.getPrivateCredentials();
synchronized (creds) {
Iterator<Object> iterator = creds.iterator();
while (iterator.hasNext()) {
Object o = iterator.next();
if (o instanceof KerberosTicket) {
KerberosTicket t = (KerberosTicket) o;
iterator.remove();
try {
t.destroy();
} catch (DestroyFailedException e) {
LOG.warn("Failed to destory ticket ", e);
}
}
}
if (tgt != null) {
creds.add(tgt);
}
}
}
Also used :
DestroyFailedException(javax.security.auth.DestroyFailedException)
KerberosTicket(javax.security.auth.kerberos.KerberosTicket)
Example 13 with DestroyFailedException
use of javax.security.auth.DestroyFailedException in project jstorm by alibaba.
the class AutoTGT method populateSubjectWithTGT.
private void populateSubjectWithTGT(Subject subject, Map<String, String> credentials) {
KerberosTicket tgt = getTGT(credentials);
if (tgt != null) {
Set<Object> creds = subject.getPrivateCredentials();
synchronized (creds) {
Iterator<Object> iterator = creds.iterator();
while (iterator.hasNext()) {
Object o = iterator.next();
if (o instanceof KerberosTicket) {
KerberosTicket t = (KerberosTicket) o;
iterator.remove();
try {
t.destroy();
} catch (DestroyFailedException e) {
LOG.warn("Failed to destory ticket ", e);
}
}
}
creds.add(tgt);
}
subject.getPrincipals().add(tgt.getClient());
kerbTicket.set(tgt);
} else {
LOG.info("No TGT found in credentials");
}
}
Also used :
DestroyFailedException(javax.security.auth.DestroyFailedException)
KerberosTicket(javax.security.auth.kerberos.KerberosTicket)
Example 14 with DestroyFailedException
use of javax.security.auth.DestroyFailedException in project j2objc by google.
the class DestroyFailedExceptionTest method testDestroyFailedException01.
/**
* javax.security.auth.DestroyFailedException#DestroyFailedException()
* Assertion: constructs DestroyFailedException with no detail message
*/
public void testDestroyFailedException01() {
DestroyFailedException dfE = new DestroyFailedException();
assertNull("getMessage() must return null.", dfE.getMessage());
assertNull("getCause() must return null", dfE.getCause());
}
Also used :
DestroyFailedException(javax.security.auth.DestroyFailedException)
Example 15 with DestroyFailedException
use of javax.security.auth.DestroyFailedException in project j2objc by google.
the class DestroyFailedExceptionTest method testDestroyFailedException03.
/**
* javax.security.auth.DestroyFailedException#DestroyFailedException(String msg)
* Assertion: constructs with null parameter.
*/
public void testDestroyFailedException03() {
String msg = null;
DestroyFailedException dfE = new DestroyFailedException(msg);
assertNull("getMessage() must return null.", dfE.getMessage());
assertNull("getCause() must return null", dfE.getCause());
}
Also used :
DestroyFailedException(javax.security.auth.DestroyFailedException)
Aggregations
DestroyFailedException (javax.security.auth.DestroyFailedException)30
SecretKey (javax.crypto.SecretKey)9
PrivateKey (java.security.PrivateKey)5
X509Certificate (java.security.cert.X509Certificate)4
CallbackHandler (javax.security.auth.callback.CallbackHandler)4
Crypto (org.apache.wss4j.common.crypto.Crypto)4
SecretKeySpec (javax.crypto.spec.SecretKeySpec)3
KerberosTicket (javax.security.auth.kerberos.KerberosTicket)3
CryptoType (org.apache.wss4j.common.crypto.CryptoType)3
WSPasswordCallback (org.apache.wss4j.common.ext.WSPasswordCallback)3
WSSecurityException (org.apache.wss4j.common.ext.WSSecurityException)3
IOException (java.io.IOException)2
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2
XMLCipher (org.apache.xml.security.encryption.XMLCipher)2
XMLEncryptionException (org.apache.xml.security.encryption.XMLEncryptionException)2
VisibleForTesting (com.google.common.annotations.VisibleForTesting)1
java.io (java.io)1
Signature (java.security.Signature)1
AlgorithmParameterSpec (java.security.spec.AlgorithmParameterSpec)1
Cipher (javax.crypto.Cipher)1
