View Javadoc
1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License.
18   *
19   */
20  package org.apache.directory.kerberos.client;
21  
22  
23  import java.io.File;
24  
25  import org.apache.directory.kerberos.credentials.cache.Credentials;
26  import org.apache.directory.kerberos.credentials.cache.CredentialsCache;
27  import org.apache.directory.shared.kerberos.codec.types.PrincipalNameType;
28  import org.apache.directory.shared.kerberos.components.PrincipalName;
29  
30  
31  /**
32   * Authenticates to the Kerberos server and gets the initial Ticket Granting Ticket,
33   * then cache the tgt in credentials cache, as MIT kinit does.
34   * 
35   * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
36   */
37  public class Kinit
38  {
39      private KdcConnection kdc;
40      private File credCacheFile;
41  
42  
43      public Kinit( KdcConnection kdc )
44      {
45          this.kdc = kdc;
46      }
47  
48  
49      public void setCredCacheFile( File credCacheFile )
50      {
51          this.credCacheFile = credCacheFile;
52      }
53  
54  
55      public File getCredCacheFile()
56      {
57          return this.credCacheFile;
58      }
59  
60  
61      /**
62       * Authenticates to the Kerberos server and gets the initial Ticket Granting Ticket,
63       * then cache the tgt in credentials cache, as MIT kinit does.
64       * 
65       * @param principal the client's principal 
66       * @param password password of the client
67       * @throws Exception If we had an issue while getting the TGT, or creating the PrincipalName, or
68       * storing the credentials
69       */
70      public void kinit( String principal, String password ) throws Exception
71      {
72          if ( principal == null || password == null || credCacheFile == null )
73          {
74              throw new IllegalArgumentException( "Invalid principal, password, or credentials cache file" );
75          }
76  
77          TgTicket tgt = kdc.getTgt( principal, password );
78  
79          CredentialsCacheals/cache/CredentialsCache.html#CredentialsCache">CredentialsCache credCache = new CredentialsCache();
80  
81          PrincipalNameberos/components/PrincipalName.html#PrincipalName">PrincipalName princ = new PrincipalName( principal, PrincipalNameType.KRB_NT_PRINCIPAL );
82          princ.setRealm( tgt.getRealm() );
83          credCache.setPrimaryPrincipalName( princ );
84  
85          Credentialss/credentials/cache/Credentials.html#Credentials">Credentials cred = new Credentials( tgt );
86          credCache.addCredentials( cred );
87  
88          CredentialsCache.store( credCacheFile, credCache );
89      }
90  }