[jboss-cvs] JBossAS SVN: r70489 - in projects/security/security-negotiation/trunk/NegotiationToolkit: descriptors and 1 other directories.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Thu Mar 6 10:43:21 EST 2008 

Author: darran.lofthouse at jboss.com
Date: 2008-03-06 10:43:21 -0500 (Thu, 06 Mar 2008)
New Revision: 70489

Added:
   projects/security/security-negotiation/trunk/NegotiationToolkit/src/main/org/jboss/security/negotiation/toolkit/KeytabPasswordLogon.java
Modified:
   projects/security/security-negotiation/trunk/NegotiationToolkit/build.xml
   projects/security/security-negotiation/trunk/NegotiationToolkit/descriptors/jaas_authentication.conf
Log:
[SECURITY-149] Simple command line class to authenticate using the keytab.

Modified: projects/security/security-negotiation/trunk/NegotiationToolkit/build.xml
===================================================================
--- projects/security/security-negotiation/trunk/NegotiationToolkit/build.xml	2008-03-06 15:35:04 UTC (rev 70488)
+++ projects/security/security-negotiation/trunk/NegotiationToolkit/build.xml	2008-03-06 15:43:21 UTC (rev 70489)
@@ -74,4 +74,16 @@
       <jvmarg value="-Djava.security.krb5.realm=${java.security.krb5.realm}" />
     </java>
   </target>
+
+  <target name="RunKeytabPasswordLogon" depends="compile">
+    <java fork="true" classname="org.jboss.security.negotiation.toolkit.KeytabPasswordLogon">
+      <classpath>
+        <pathelement location="${build.classes.dir}" />
+      </classpath>
+
+      <jvmarg value="-Djava.security.auth.login.config=${descriptors.dir}/jaas_authentication.conf" />
+      <jvmarg value="-Djava.security.krb5.kdc=${java.security.krb5.kdc}" />
+      <jvmarg value="-Djava.security.krb5.realm=${java.security.krb5.realm}" />
+    </java>
+  </target>
 </project>
\ No newline at end of file

Modified: projects/security/security-negotiation/trunk/NegotiationToolkit/descriptors/jaas_authentication.conf
===================================================================
--- projects/security/security-negotiation/trunk/NegotiationToolkit/descriptors/jaas_authentication.conf	2008-03-06 15:35:04 UTC (rev 70488)
+++ projects/security/security-negotiation/trunk/NegotiationToolkit/descriptors/jaas_authentication.conf	2008-03-06 15:43:21 UTC (rev 70489)
@@ -2,5 +2,14 @@
 
 UsernamePasswordSample {
   com.sun.security.auth.module.Krb5LoginModule required
-    debug=true;
+    debug="true";
+};
+
+KeytabPasswordSample {
+  com.sun.security.auth.module.Krb5LoginModule required
+    debug="true"
+    useKeyTab="true"
+    principal="host/testserver.gsslab.rdu.redhat.com at GSSLAB.RDU.REDHAT.COM"
+    keyTab="/home/darranl/src/security-negotiation/spnego-configuration/descriptors/testserver.keytab"
+    doNotPromp="true";
 };
\ No newline at end of file

Added: projects/security/security-negotiation/trunk/NegotiationToolkit/src/main/org/jboss/security/negotiation/toolkit/KeytabPasswordLogon.java
===================================================================
--- projects/security/security-negotiation/trunk/NegotiationToolkit/src/main/org/jboss/security/negotiation/toolkit/KeytabPasswordLogon.java	                        (rev 0)
+++ projects/security/security-negotiation/trunk/NegotiationToolkit/src/main/org/jboss/security/negotiation/toolkit/KeytabPasswordLogon.java	2008-03-06 15:43:21 UTC (rev 70489)
@@ -0,0 +1,54 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * 
+ * Copyright 2007, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.jboss.security.negotiation.toolkit;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginContext;
+
+/**
+ * Utility to be called from the command line to verify that it is possible
+ * to authenticate against the KDC when providing the keytab.
+ * 
+ * @author darran.lofthouse at jboss.com
+ * @version $Revision$
+ */
+public class KeytabPasswordLogon
+{
+
+   /**
+    * Utility entry point.
+    */
+   public static void main(String[] args) throws Exception
+   {      
+      System.out.println(" * * KeytabPasswordLogin * *");
+      LoginContext login = new LoginContext("KeytabPasswordSample");
+      login.login();
+
+      System.out.println("Authenticated");
+
+      Subject subject = login.getSubject();
+
+      System.out.println("Subject - " + String.valueOf(subject));
+   }
+}


Property changes on: projects/security/security-negotiation/trunk/NegotiationToolkit/src/main/org/jboss/security/negotiation/toolkit/KeytabPasswordLogon.java
___________________________________________________________________
Name: svn:keywords
   + Id Revision
Name: svn:eol-style
   + LF

More information about the jboss-cvs-commits mailing list