From acf7dcb7b957197b40458dc52142d179185ae5aa Mon Sep 17 00:00:00 2001 From: mguessan Date: Wed, 13 Feb 2013 09:15:47 +0000 Subject: [PATCH] Improve Kerberos logging and implement command line callback git-svn-id: http://svn.code.sf.net/p/davmail/code/trunk@2061 3d1905a2-6b24-0410-a738-b14d5a86fcbd --- src/java/davmail/http/KerberosHelper.java | 22 +++++++++++++++++-- .../http/KerberosLoginConfiguration.java | 10 +++++++++ 2 files changed, 30 insertions(+), 2 deletions(-) diff --git a/src/java/davmail/http/KerberosHelper.java b/src/java/davmail/http/KerberosHelper.java index 48dcc403..2ff370ce 100644 --- a/src/java/davmail/http/KerberosHelper.java +++ b/src/java/davmail/http/KerberosHelper.java @@ -18,6 +18,7 @@ */ package davmail.http; +import davmail.Settings; import org.apache.log4j.Logger; import org.ietf.jgss.*; @@ -25,7 +26,10 @@ import javax.security.auth.Subject; import javax.security.auth.callback.*; import javax.security.auth.login.LoginContext; import javax.security.auth.login.LoginException; +import java.awt.GraphicsEnvironment; +import java.io.BufferedReader; import java.io.IOException; +import java.io.InputStreamReader; import java.security.PrivilegedAction; import java.security.Security; @@ -60,13 +64,27 @@ public class KerberosHelper { for (int i = 0; i < callbacks.length; i++) { if (callbacks[i] instanceof NameCallback) { if (principal == null) { - throw new UnsupportedCallbackException(callbacks[i]); + // if we get there kerberos token is missing or invalid + if (Settings.getBooleanProperty("davmail.server") || GraphicsEnvironment.isHeadless()) { + // headless or server mode + System.out.print(((NameCallback) callbacks[i]).getPrompt()); + BufferedReader inReader = new BufferedReader(new InputStreamReader(System.in)); + principal = inReader.readLine(); + } else { + // TODO: get username and password from dialog + } } final NameCallback nameCallback = (NameCallback) callbacks[i]; nameCallback.setName(principal); } else if (callbacks[i] instanceof PasswordCallback) { if (password == null) { - throw new UnsupportedCallbackException(callbacks[i]); + // if we get there kerberos token is missing or invalid + if (Settings.getBooleanProperty("davmail.server") || GraphicsEnvironment.isHeadless()) { + // headless or server mode + System.out.print(((PasswordCallback) callbacks[i]).getPrompt()); + BufferedReader inReader = new BufferedReader(new InputStreamReader(System.in)); + password = inReader.readLine(); + } } final PasswordCallback passCallback = (PasswordCallback) callbacks[i]; passCallback.setPassword(password.toCharArray()); diff --git a/src/java/davmail/http/KerberosLoginConfiguration.java b/src/java/davmail/http/KerberosLoginConfiguration.java index 3170307f..d501877a 100644 --- a/src/java/davmail/http/KerberosLoginConfiguration.java +++ b/src/java/davmail/http/KerberosLoginConfiguration.java @@ -18,6 +18,8 @@ */ package davmail.http; +import org.apache.log4j.Logger; + import javax.security.auth.login.AppConfigurationEntry; import javax.security.auth.login.Configuration; import java.util.HashMap; @@ -31,12 +33,20 @@ import java.util.HashMap; *

*/ public class KerberosLoginConfiguration extends Configuration { + protected static final Logger LOGGER = Logger.getLogger(KerberosHelper.class); protected static final AppConfigurationEntry[] CLIENT_LOGIN_MODULE; static { HashMap loginModuleOptions = new HashMap(); + if (LOGGER.isDebugEnabled()) { + loginModuleOptions.put("debug", "true"); + } + loginModuleOptions.put("useTicketCache", "true"); //loginModuleOptions.put("doNotPrompt", "true"); + //loginModuleOptions.put("ticketCache", FileCredentialsCache.getDefaultCacheName()); + //loginModuleOptions.put("refreshKrb5Config", "true"); + //loginModuleOptions.put("storeKey", "true"); CLIENT_LOGIN_MODULE = new AppConfigurationEntry[]{new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, loginModuleOptions)}; }