public static void main(String[] args) throws Exception {
KOptions ktOptions = new KOptions();
KinitOption kto;
String principal = null;
int i = 0;
String opt, param, error;
while (i < args.length) {
error = null;
opt = args[i++];
if (opt.startsWith("-")) {
kto = KinitOption.fromName(opt);
if (kto == KinitOption.NONE) {
error = "Invalid option:" + opt;
System.err.println(error);
break;
}
} else {
principal = opt;
kto = KinitOption.NONE;
}
if (kto.getType() != KOptionType.NOV) { // require a parameter
param = null;
if (i < args.length) {
param = args[i++];
}
if (param != null) {
KOptions.parseSetValue(kto, param);
} else {
error = "Option " + opt + " require a parameter";
}
}
if (error != null) {
printUsage(error);
}
ktOptions.add(kto);
}
if (principal == null) {
printUsage("No principal is specified");
}
KinitTool.requestTicket(principal, ktOptions);
System.exit(0);
}
/**
* Create principal.
*
* @param principal The principal name to be created
* @param kOptions The KOptions with principal info
*/
static KrbIdentity createIdentity(String principal, KOptions kOptions) throws KrbException {
KrbIdentity kid = new KrbIdentity(principal);
kid.setCreatedTime(KerberosTime.now());
if (kOptions.contains(KadminOption.EXPIRE)) {
Date date = kOptions.getDateOption(KadminOption.EXPIRE);
kid.setExpireTime(new KerberosTime(date.getTime()));
} else {
kid.setExpireTime(new KerberosTime(253402300799900L));
}
if (kOptions.contains(KadminOption.KVNO)) {
kid.setKeyVersion(kOptions.getIntegerOption(KadminOption.KVNO));
} else {
kid.setKeyVersion(1);
}
kid.setDisabled(false);
kid.setLocked(false);
return kid;
}
private static void requestTicket(String principal, KOptions ktOptions) throws Exception {
ktOptions.add(KinitOption.CLIENT_PRINCIPAL, principal);
// If not request tickets by keytab than by password.
if (!ktOptions.contains(KinitOption.USE_KEYTAB)) {
ktOptions.add(KinitOption.USE_PASSWD);
String password = getPassword(principal);
ktOptions.add(KinitOption.USER_PASSWD, password);
}
KrbClient krbClient = getClient();
TgtTicket tgt = krbClient.requestTgtWithOptions(ToolUtil.convertOptions(ktOptions));
if (tgt == null) {
System.err.println("Requesting TGT failed");
return;
}
File ccacheFile;
if (ktOptions.contains(KrbOption.KRB5_CACHE)) {
String ccacheName = ktOptions.getStringOption(KrbOption.KRB5_CACHE);
ccacheFile = new File(ccacheName);
} else {
String ccacheName = principal.replaceAll("/", "_");
ccacheName = "krb5_" + ccacheName + ".cc";
ccacheFile = new File(SysUtil.getTempDir(), ccacheName);
}
krbClient.storeTicket(tgt, ccacheFile);
System.out.println(
"Successfully requested and stored ticket in " + ccacheFile.getAbsolutePath());
}
/**
* Modify the principal with KOptions.
*
* @param identity The identity to be modified
* @param kOptions The KOptions with changed principal info
* @throws KrbException
*/
static void updateIdentity(KrbIdentity identity, KOptions kOptions) {
if (kOptions.contains(KadminOption.EXPIRE)) {
Date date = kOptions.getDateOption(KadminOption.EXPIRE);
identity.setExpireTime(new KerberosTime(date.getTime()));
}
if (kOptions.contains(KadminOption.DISABLED)) {
identity.setDisabled(kOptions.getBooleanOption(KadminOption.DISABLED, false));
}
if (kOptions.contains(KadminOption.LOCKED)) {
identity.setLocked(kOptions.getBooleanOption(KadminOption.LOCKED, false));
}
}