Example #1
0
  private static void requestTicket(String principal, KOptions ktOptions) throws Exception {
    ktOptions.add(KinitOption.CLIENT_PRINCIPAL, principal);

    // If not request tickets by keytab than by password.
    if (!ktOptions.contains(KinitOption.USE_KEYTAB)) {
      ktOptions.add(KinitOption.USE_PASSWD);
      String password = getPassword(principal);
      ktOptions.add(KinitOption.USER_PASSWD, password);
    }

    KrbClient krbClient = getClient();
    TgtTicket tgt = krbClient.requestTgtWithOptions(ToolUtil.convertOptions(ktOptions));

    if (tgt == null) {
      System.err.println("Requesting TGT failed");
      return;
    }

    File ccacheFile;
    if (ktOptions.contains(KrbOption.KRB5_CACHE)) {
      String ccacheName = ktOptions.getStringOption(KrbOption.KRB5_CACHE);
      ccacheFile = new File(ccacheName);
    } else {
      String ccacheName = principal.replaceAll("/", "_");
      ccacheName = "krb5_" + ccacheName + ".cc";
      ccacheFile = new File(SysUtil.getTempDir(), ccacheName);
    }

    krbClient.storeTicket(tgt, ccacheFile);
    System.out.println(
        "Successfully requested and stored ticket in " + ccacheFile.getAbsolutePath());
  }
Example #2
0
 /**
  * Modify the principal with KOptions.
  *
  * @param identity The identity to be modified
  * @param kOptions The KOptions with changed principal info
  * @throws KrbException
  */
 static void updateIdentity(KrbIdentity identity, KOptions kOptions) {
   if (kOptions.contains(KadminOption.EXPIRE)) {
     Date date = kOptions.getDateOption(KadminOption.EXPIRE);
     identity.setExpireTime(new KerberosTime(date.getTime()));
   }
   if (kOptions.contains(KadminOption.DISABLED)) {
     identity.setDisabled(kOptions.getBooleanOption(KadminOption.DISABLED, false));
   }
   if (kOptions.contains(KadminOption.LOCKED)) {
     identity.setLocked(kOptions.getBooleanOption(KadminOption.LOCKED, false));
   }
 }
Example #3
0
  /**
   * Create principal.
   *
   * @param principal The principal name to be created
   * @param kOptions The KOptions with principal info
   */
  static KrbIdentity createIdentity(String principal, KOptions kOptions) throws KrbException {
    KrbIdentity kid = new KrbIdentity(principal);
    kid.setCreatedTime(KerberosTime.now());
    if (kOptions.contains(KadminOption.EXPIRE)) {
      Date date = kOptions.getDateOption(KadminOption.EXPIRE);
      kid.setExpireTime(new KerberosTime(date.getTime()));
    } else {
      kid.setExpireTime(new KerberosTime(253402300799900L));
    }
    if (kOptions.contains(KadminOption.KVNO)) {
      kid.setKeyVersion(kOptions.getIntegerOption(KadminOption.KVNO));
    } else {
      kid.setKeyVersion(1);
    }
    kid.setDisabled(false);
    kid.setLocked(false);

    return kid;
  }