com.jaeksoft.searchlib.util.Krb5Utils Maven / Gradle / Ivy

Go to download

Show more of this group Show more artifacts with this name
Show all versions of opensearchserver Show documentation

OpenSearchServer is a powerful, enterprise-class, search engine program. Using the web user interface, the crawlers (web, file, database, ...) and the REST/RESTFul API you will be able to integrate quickly and easily advanced full-text search capabilities in your application. OpenSearchServer runs on Windows and Linux/Unix/BSD.

The newest version!

/**
 * License Agreement for OpenSearchServer
 * 
 * Copyright (C) 2016 Emmanuel Keller / Jaeksoft
 * 

 * http://www.open-search-server.com
 * 

 * This file is part of OpenSearchServer.
 * 

 * OpenSearchServer is free software: you can redistribute it and/or
 * modify it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 * 

 * OpenSearchServer is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with OpenSearchServer.
 * If not, see .
 **/
package com.jaeksoft.searchlib.util;

import com.sun.security.auth.module.Krb5LoginModule;

import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import java.util.HashMap;
import java.util.Map;

public class Krb5Utils {

	public static Subject loginWithKeyTab(final String krb5confPath, final String principal,
			final String krb5keyTabPath) throws LoginException {

		// Set state
		final Map state = new HashMap<>();
		state.put("java.security.krb5.conf", krb5confPath);

		// Set options
		final Map option = new HashMap<>();
		//option.put("debug", "true");
		option.put("principal", principal);
		option.put("useKeyTab", "true");
		option.put("keyTab", krb5keyTabPath);
		//option.put("refreshKrb5Config", "true");
		option.put("doNotPrompt", "true");
		option.put("storeKey", "true");
		option.put("useTicketCache", "true");

		// Login
		final Subject subject = new Subject();
		Krb5LoginModule login = new Krb5LoginModule();
		login.initialize(subject, null, state, option);
		if (login.login())
			login.commit();
		return subject;
	}

}