public static void authenticate( PGStream pgStream, String host, String user, String password, String jaasApplicationName, String kerberosServerName, Logger logger) throws IOException, SQLException { if (logger.logDebug()) logger.debug(" <=BE AuthenticationReqGSS"); Object result = null; if (jaasApplicationName == null) jaasApplicationName = "pgjdbc"; if (kerberosServerName == null) kerberosServerName = "postgres"; try { LoginContext lc = new LoginContext(jaasApplicationName, new GSSCallbackHandler(user, password)); lc.login(); Subject sub = lc.getSubject(); PrivilegedAction action = new GssAction(pgStream, host, user, password, kerberosServerName, logger); result = Subject.doAs(sub, action); } catch (Exception e) { throw new PSQLException(GT.tr("GSS Authentication failed"), PSQLState.CONNECTION_FAILURE, e); } if (result instanceof IOException) throw (IOException) result; else if (result instanceof SQLException) throw (SQLException) result; else if (result != null) throw new PSQLException( GT.tr("GSS Authentication failed"), PSQLState.CONNECTION_FAILURE, (Exception) result); }
public String toString() { // Now construct the message from what the server sent // The general format is: // SEVERITY: Message \n // Detail: \n // Hint: \n // Position: \n // Where: \n // Internal Query: \n // Internal Position: \n // Location: File:Line:Routine \n // SQLState: \n // // Normally only the message and detail is included. // If INFO level logging is enabled then detail, hint, position and where are // included. If DEBUG level logging is enabled then all information // is included. StringBuffer l_totalMessage = new StringBuffer(); String l_message = (String) m_mesgParts.get(SEVERITY); if (l_message != null) l_totalMessage.append(l_message).append(": "); l_message = (String) m_mesgParts.get(MESSAGE); if (l_message != null) l_totalMessage.append(l_message); l_message = (String) m_mesgParts.get(DETAIL); if (l_message != null) l_totalMessage.append("\n ").append(GT.tr("Detail: {0}", l_message)); l_message = (String) m_mesgParts.get(HINT); if (l_message != null) l_totalMessage.append("\n ").append(GT.tr("Hint: {0}", l_message)); l_message = (String) m_mesgParts.get(POSITION); if (l_message != null) l_totalMessage.append("\n ").append(GT.tr("Position: {0}", l_message)); l_message = (String) m_mesgParts.get(WHERE); if (l_message != null) l_totalMessage.append("\n ").append(GT.tr("Where: {0}", l_message)); if (verbosity > 2) { String l_internalQuery = (String) m_mesgParts.get(INTERNAL_QUERY); if (l_internalQuery != null) l_totalMessage.append("\n ").append(GT.tr("Internal Query: {0}", l_internalQuery)); String l_internalPosition = (String) m_mesgParts.get(INTERNAL_POSITION); if (l_internalPosition != null) l_totalMessage.append("\n ").append(GT.tr("Internal Position: {0}", l_internalPosition)); String l_file = (String) m_mesgParts.get(FILE); String l_line = (String) m_mesgParts.get(LINE); String l_routine = (String) m_mesgParts.get(ROUTINE); if (l_file != null || l_line != null || l_routine != null) l_totalMessage .append("\n ") .append( GT.tr( "Location: File: {0}, Routine: {1}, Line: {2}", new Object[] {l_file, l_routine, l_line})); l_message = (String) m_mesgParts.get(SQLSTATE); if (l_message != null) l_totalMessage.append("\n ").append(GT.tr("Server SQLState: {0}", l_message)); } return l_totalMessage.toString(); }
@Override public Boolean visit(GT ast) { boolean checkLhs = ast.getLhs().accept(this); boolean checkRhs = ast.getRhs().accept(this); if (!(checkLhs && checkRhs)) return false; Type lhsType = ast.getLhs().typeOf(env); Type rhsType = ast.getRhs().typeOf(env); if (!(lhsType.isCompatibleTo(rhsType) && lhsType.isCompatibleToNumeric() && rhsType.isCompatibleToNumeric())) { addToErrorList( ast, "the operator > can not be applied to instances of type " + lhsType.getClass() + " and type " + rhsType.getClass()); return false; } return true; }
public Object run() { try { org.ietf.jgss.Oid desiredMechs[] = new org.ietf.jgss.Oid[1]; desiredMechs[0] = new org.ietf.jgss.Oid("1.2.840.113554.1.2.2"); GSSManager manager = GSSManager.getInstance(); GSSName clientName = manager.createName(user, GSSName.NT_USER_NAME); GSSCredential clientCreds = manager.createCredential(clientName, 8 * 3600, desiredMechs, GSSCredential.INITIATE_ONLY); GSSName serverName = manager.createName(kerberosServerName + "@" + host, GSSName.NT_HOSTBASED_SERVICE); GSSContext secContext = manager.createContext( serverName, desiredMechs[0], clientCreds, GSSContext.DEFAULT_LIFETIME); secContext.requestMutualAuth(true); byte inToken[] = new byte[0]; byte outToken[] = null; boolean established = false; while (!established) { outToken = secContext.initSecContext(inToken, 0, inToken.length); if (outToken != null) { if (logger.logDebug()) logger.debug(" FE=> Password(GSS Authentication Token)"); pgStream.SendChar('p'); pgStream.SendInteger4(4 + outToken.length); pgStream.Send(outToken); pgStream.flush(); } if (!secContext.isEstablished()) { int response = pgStream.ReceiveChar(); // Error if (response == 'E') { int l_elen = pgStream.ReceiveInteger4(); ServerErrorMessage l_errorMsg = new ServerErrorMessage(pgStream.ReceiveString(l_elen - 4), logger.getLogLevel()); if (logger.logDebug()) logger.debug(" <=BE ErrorMessage(" + l_errorMsg + ")"); return new PSQLException(l_errorMsg); } else if (response == 'R') { if (logger.logDebug()) logger.debug(" <=BE AuthenticationGSSContinue"); int len = pgStream.ReceiveInteger4(); int type = pgStream.ReceiveInteger4(); // should check type = 8 inToken = pgStream.Receive(len - 8); } else { // Unknown/unexpected message type. return new PSQLException( GT.tr("Protocol error. Session setup failed."), PSQLState.CONNECTION_UNABLE_TO_CONNECT); } } else { established = true; } } } catch (IOException e) { return e; } catch (GSSException gsse) { return new PSQLException( GT.tr("GSS Authentication failed"), PSQLState.CONNECTION_FAILURE, gsse); } return null; }