Example 36 with Configuration
use of javax.security.auth.login.Configuration in project calcite-avatica by apache.
the class AvaticaJaasKrbUtil method loginUsingKeytab.
public static Subject loginUsingKeytab(String principal, File keytabFile) throws LoginException {
Set<Principal> principals = new HashSet<Principal>();
principals.add(new KerberosPrincipal(principal));
Subject subject = new Subject(false, principals, new HashSet<Object>(), new HashSet<Object>());
Configuration conf = useKeytab(principal, keytabFile);
String confName = "KeytabConf";
LoginContext loginContext = new LoginContext(confName, subject, null, conf);
loginContext.login();
return loginContext.getSubject();
}
Also used :
KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal)
LoginContext(javax.security.auth.login.LoginContext)
Configuration(javax.security.auth.login.Configuration)
Principal(java.security.Principal)
KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal)
Subject(javax.security.auth.Subject)
HashSet(java.util.HashSet)
Example 37 with Configuration
use of javax.security.auth.login.Configuration in project undertow by undertow-io.
the class KerberosKDCUtil method createJaasConfiguration.
private static Configuration createJaasConfiguration() {
return new Configuration() {
@Override
public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
if (!"KDC".equals(name)) {
throw new IllegalArgumentException("Unexpected name '" + name + "'");
}
AppConfigurationEntry[] entries = new AppConfigurationEntry[1];
Map<String, Object> options = new HashMap<>();
options.put("debug", "true");
options.put("refreshKrb5Config", "true");
if (IS_IBM) {
options.put("noAddress", "true");
options.put("credsType", "both");
entries[0] = new AppConfigurationEntry("com.ibm.security.auth.module.Krb5LoginModule", REQUIRED, options);
} else {
options.put("storeKey", "true");
options.put("isInitiator", "true");
entries[0] = new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule", REQUIRED, options);
}
return entries;
}
};
}
Also used :
AppConfigurationEntry(javax.security.auth.login.AppConfigurationEntry)
Configuration(javax.security.auth.login.Configuration)
HashMap(java.util.HashMap)
Example 38 with Configuration
use of javax.security.auth.login.Configuration in project storm by apache.
the class AuthUtils method GetConfiguration.
/**
* Construct a JAAS configuration object per storm configuration file
* @param storm_conf Storm configuration
* @return JAAS configuration object
*/
public static Configuration GetConfiguration(Map storm_conf) {
Configuration login_conf = null;
//find login file configuration from Storm configuration
String loginConfigurationFile = (String) storm_conf.get("java.security.auth.login.config");
if ((loginConfigurationFile != null) && (loginConfigurationFile.length() > 0)) {
File config_file = new File(loginConfigurationFile);
if (!config_file.canRead()) {
throw new RuntimeException("File " + loginConfigurationFile + " cannot be read.");
}
try {
URI config_uri = config_file.toURI();
login_conf = Configuration.getInstance("JavaLoginConfig", new URIParameter(config_uri));
} catch (Exception ex) {
throw new RuntimeException(ex);
}
}
return login_conf;
}
Also used :
URIParameter(java.security.URIParameter)
Configuration(javax.security.auth.login.Configuration)
File(java.io.File)
URI(java.net.URI)
IOException(java.io.IOException)
Example 39 with Configuration
use of javax.security.auth.login.Configuration in project kafka by apache.
the class JaasUtils method isZkSecurityEnabled.
public static boolean isZkSecurityEnabled() {
boolean zkSaslEnabled = Boolean.parseBoolean(System.getProperty(ZK_SASL_CLIENT, "true"));
String zkLoginContextName = System.getProperty(ZK_LOGIN_CONTEXT_NAME_KEY, "Client");
boolean isSecurityEnabled;
try {
Configuration loginConf = Configuration.getConfiguration();
isSecurityEnabled = loginConf.getAppConfigurationEntry(zkLoginContextName) != null;
} catch (Exception e) {
throw new KafkaException("Exception while loading Zookeeper JAAS login context '" + zkLoginContextName + "'", e);
}
if (isSecurityEnabled && !zkSaslEnabled) {
LOG.error("JAAS configuration is present, but system property " + ZK_SASL_CLIENT + " is set to false, which disables " + "SASL in the ZooKeeper client");
throw new KafkaException("Exception while determining if ZooKeeper is secure");
}
return isSecurityEnabled;
}
Also used :
Configuration(javax.security.auth.login.Configuration)
KafkaException(org.apache.kafka.common.KafkaException)
KafkaException(org.apache.kafka.common.KafkaException)
Example 40 with Configuration
use of javax.security.auth.login.Configuration in project storm by apache.
the class AuthUtilsTest method getOptionsThrowsOnMissingSectionTest.
@Test(expected = IOException.class)
public void getOptionsThrowsOnMissingSectionTest() throws IOException {
Configuration mockConfig = Mockito.mock(Configuration.class);
AuthUtils.get(mockConfig, "bogus-section", "");
}
Also used :
Configuration(javax.security.auth.login.Configuration)
Test(org.junit.Test)
Aggregations
Configuration (javax.security.auth.login.Configuration)89
AppConfigurationEntry (javax.security.auth.login.AppConfigurationEntry)42
LoginContext (javax.security.auth.login.LoginContext)27
HashMap (java.util.HashMap)23
Subject (javax.security.auth.Subject)20
Test (org.junit.Test)16
IOException (java.io.IOException)13
LoginException (javax.security.auth.login.LoginException)12
CallbackHandler (javax.security.auth.callback.CallbackHandler)8
File (java.io.File)7
Principal (java.security.Principal)7
URI (java.net.URI)6
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)5
ArrayList (java.util.ArrayList)5
Test (org.junit.jupiter.api.Test)5
URIParameter (java.security.URIParameter)4
Map (java.util.Map)4
Callback (javax.security.auth.callback.Callback)4
PasswordCallback (javax.security.auth.callback.PasswordCallback)4
LoginModuleImpl (org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl)4
