Improve Kerberos logging and implement command line callback
git-svn-id: http://svn.code.sf.net/p/davmail/code/trunk@2061 3d1905a2-6b24-0410-a738-b14d5a86fcbd
This commit is contained in:
parent
a2060fb701
commit
acf7dcb7b9
|
@ -18,6 +18,7 @@
|
||||||
*/
|
*/
|
||||||
package davmail.http;
|
package davmail.http;
|
||||||
|
|
||||||
|
import davmail.Settings;
|
||||||
import org.apache.log4j.Logger;
|
import org.apache.log4j.Logger;
|
||||||
import org.ietf.jgss.*;
|
import org.ietf.jgss.*;
|
||||||
|
|
||||||
|
@ -25,7 +26,10 @@ import javax.security.auth.Subject;
|
||||||
import javax.security.auth.callback.*;
|
import javax.security.auth.callback.*;
|
||||||
import javax.security.auth.login.LoginContext;
|
import javax.security.auth.login.LoginContext;
|
||||||
import javax.security.auth.login.LoginException;
|
import javax.security.auth.login.LoginException;
|
||||||
|
import java.awt.GraphicsEnvironment;
|
||||||
|
import java.io.BufferedReader;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
import java.io.InputStreamReader;
|
||||||
import java.security.PrivilegedAction;
|
import java.security.PrivilegedAction;
|
||||||
import java.security.Security;
|
import java.security.Security;
|
||||||
|
|
||||||
|
@ -60,13 +64,27 @@ public class KerberosHelper {
|
||||||
for (int i = 0; i < callbacks.length; i++) {
|
for (int i = 0; i < callbacks.length; i++) {
|
||||||
if (callbacks[i] instanceof NameCallback) {
|
if (callbacks[i] instanceof NameCallback) {
|
||||||
if (principal == null) {
|
if (principal == null) {
|
||||||
throw new UnsupportedCallbackException(callbacks[i]);
|
// if we get there kerberos token is missing or invalid
|
||||||
|
if (Settings.getBooleanProperty("davmail.server") || GraphicsEnvironment.isHeadless()) {
|
||||||
|
// headless or server mode
|
||||||
|
System.out.print(((NameCallback) callbacks[i]).getPrompt());
|
||||||
|
BufferedReader inReader = new BufferedReader(new InputStreamReader(System.in));
|
||||||
|
principal = inReader.readLine();
|
||||||
|
} else {
|
||||||
|
// TODO: get username and password from dialog
|
||||||
|
}
|
||||||
}
|
}
|
||||||
final NameCallback nameCallback = (NameCallback) callbacks[i];
|
final NameCallback nameCallback = (NameCallback) callbacks[i];
|
||||||
nameCallback.setName(principal);
|
nameCallback.setName(principal);
|
||||||
} else if (callbacks[i] instanceof PasswordCallback) {
|
} else if (callbacks[i] instanceof PasswordCallback) {
|
||||||
if (password == null) {
|
if (password == null) {
|
||||||
throw new UnsupportedCallbackException(callbacks[i]);
|
// if we get there kerberos token is missing or invalid
|
||||||
|
if (Settings.getBooleanProperty("davmail.server") || GraphicsEnvironment.isHeadless()) {
|
||||||
|
// headless or server mode
|
||||||
|
System.out.print(((PasswordCallback) callbacks[i]).getPrompt());
|
||||||
|
BufferedReader inReader = new BufferedReader(new InputStreamReader(System.in));
|
||||||
|
password = inReader.readLine();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
final PasswordCallback passCallback = (PasswordCallback) callbacks[i];
|
final PasswordCallback passCallback = (PasswordCallback) callbacks[i];
|
||||||
passCallback.setPassword(password.toCharArray());
|
passCallback.setPassword(password.toCharArray());
|
||||||
|
|
|
@ -18,6 +18,8 @@
|
||||||
*/
|
*/
|
||||||
package davmail.http;
|
package davmail.http;
|
||||||
|
|
||||||
|
import org.apache.log4j.Logger;
|
||||||
|
|
||||||
import javax.security.auth.login.AppConfigurationEntry;
|
import javax.security.auth.login.AppConfigurationEntry;
|
||||||
import javax.security.auth.login.Configuration;
|
import javax.security.auth.login.Configuration;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
|
@ -31,12 +33,20 @@ import java.util.HashMap;
|
||||||
* <p/>
|
* <p/>
|
||||||
*/
|
*/
|
||||||
public class KerberosLoginConfiguration extends Configuration {
|
public class KerberosLoginConfiguration extends Configuration {
|
||||||
|
protected static final Logger LOGGER = Logger.getLogger(KerberosHelper.class);
|
||||||
protected static final AppConfigurationEntry[] CLIENT_LOGIN_MODULE;
|
protected static final AppConfigurationEntry[] CLIENT_LOGIN_MODULE;
|
||||||
|
|
||||||
static {
|
static {
|
||||||
HashMap<String, String> loginModuleOptions = new HashMap<String, String>();
|
HashMap<String, String> loginModuleOptions = new HashMap<String, String>();
|
||||||
|
if (LOGGER.isDebugEnabled()) {
|
||||||
|
loginModuleOptions.put("debug", "true");
|
||||||
|
}
|
||||||
|
|
||||||
loginModuleOptions.put("useTicketCache", "true");
|
loginModuleOptions.put("useTicketCache", "true");
|
||||||
//loginModuleOptions.put("doNotPrompt", "true");
|
//loginModuleOptions.put("doNotPrompt", "true");
|
||||||
|
//loginModuleOptions.put("ticketCache", FileCredentialsCache.getDefaultCacheName());
|
||||||
|
//loginModuleOptions.put("refreshKrb5Config", "true");
|
||||||
|
//loginModuleOptions.put("storeKey", "true");
|
||||||
CLIENT_LOGIN_MODULE = new AppConfigurationEntry[]{new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, loginModuleOptions)};
|
CLIENT_LOGIN_MODULE = new AppConfigurationEntry[]{new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, loginModuleOptions)};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue