All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.apache.kafka.common.security.JaasConfig Maven / Gradle / Ivy

/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements. See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.kafka.common.security;

import java.io.IOException;
import java.io.StreamTokenizer;
import java.io.StringReader;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;

import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;

import org.apache.kafka.common.KafkaException;
import org.apache.kafka.common.config.SaslConfigs;

/**
 * JAAS configuration parser that constructs a JAAS configuration object with a single
 * login context from the Kafka configuration option {@link SaslConfigs#SASL_JAAS_CONFIG}.
 * 

* JAAS configuration file format is described here. * The format of the property value is: *

 * {@code
 *     (=)*;
 * }
 * 
*/ class JaasConfig extends Configuration { private final String loginContextName; private final List configEntries; public JaasConfig(String loginContextName, String jaasConfigParams) { StreamTokenizer tokenizer = new StreamTokenizer(new StringReader(jaasConfigParams)); tokenizer.slashSlashComments(true); tokenizer.slashStarComments(true); tokenizer.wordChars('-', '-'); tokenizer.wordChars('_', '_'); tokenizer.wordChars('$', '$'); try { configEntries = new ArrayList<>(); while (tokenizer.nextToken() != StreamTokenizer.TT_EOF) { configEntries.add(parseAppConfigurationEntry(tokenizer)); } if (configEntries.isEmpty()) throw new IllegalArgumentException("Login module not specified in JAAS config"); this.loginContextName = loginContextName; } catch (IOException e) { throw new KafkaException("Unexpected exception while parsing JAAS config"); } } @Override public AppConfigurationEntry[] getAppConfigurationEntry(String name) { if (this.loginContextName.equals(name)) return configEntries.toArray(new AppConfigurationEntry[0]); else return null; } private LoginModuleControlFlag loginModuleControlFlag(String flag) { if (flag == null) throw new IllegalArgumentException("Login module control flag is not available in the JAAS config"); LoginModuleControlFlag controlFlag; switch (flag.toUpperCase(Locale.ROOT)) { case "REQUIRED": controlFlag = LoginModuleControlFlag.REQUIRED; break; case "REQUISITE": controlFlag = LoginModuleControlFlag.REQUISITE; break; case "SUFFICIENT": controlFlag = LoginModuleControlFlag.SUFFICIENT; break; case "OPTIONAL": controlFlag = LoginModuleControlFlag.OPTIONAL; break; default: throw new IllegalArgumentException("Invalid login module control flag '" + flag + "' in JAAS config"); } return controlFlag; } private AppConfigurationEntry parseAppConfigurationEntry(StreamTokenizer tokenizer) throws IOException { String loginModule = tokenizer.sval; if (tokenizer.nextToken() == StreamTokenizer.TT_EOF) throw new IllegalArgumentException("Login module control flag not specified in JAAS config"); LoginModuleControlFlag controlFlag = loginModuleControlFlag(tokenizer.sval); Map options = new HashMap<>(); while (tokenizer.nextToken() != StreamTokenizer.TT_EOF && tokenizer.ttype != ';') { String key = tokenizer.sval; if (tokenizer.nextToken() != '=' || tokenizer.nextToken() == StreamTokenizer.TT_EOF || tokenizer.sval == null) throw new IllegalArgumentException("Value not specified for key '" + key + "' in JAAS config"); String value = tokenizer.sval; options.put(key, value); } if (tokenizer.ttype != ';') throw new IllegalArgumentException("JAAS config entry not terminated by semi-colon"); return new AppConfigurationEntry(loginModule, controlFlag, options); } }




© 2015 - 2025 Weber Informatics LLC | Privacy Policy