Author: kwright
Date: Sat Jan 25 01:57:41 2020
New Revision: 1873121
URL: http://svn.apache.org/viewvc?rev=1873121&view=rev
Log:
CONNECTORS-1629: Add support for global Kerberos setup for ManifoldCF
Added:
manifoldcf/trunk/framework/scripts-kerberos/
manifoldcf/trunk/framework/scripts-kerberos/jaas-client.conf (with props)
Modified:
manifoldcf/trunk/CHANGES.txt
manifoldcf/trunk/connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/HttpPoster.java
manifoldcf/trunk/framework/build.xml
manifoldcf/trunk/framework/scripts-combined/combined-options.env.unix
manifoldcf/trunk/framework/scripts-combined/combined-options.env.win
manifoldcf/trunk/framework/scripts-jetty/jetty-options.env.unix
manifoldcf/trunk/framework/scripts-jetty/jetty-options.env.win
manifoldcf/trunk/framework/scripts-start/start-options.env.unix
manifoldcf/trunk/framework/scripts-start/start-options.env.win
manifoldcf/trunk/framework/scripts/options.env.unix
manifoldcf/trunk/framework/scripts/options.env.win
Modified: manifoldcf/trunk/CHANGES.txt
URL:
http://svn.apache.org/viewvc/manifoldcf/trunk/CHANGES.txt?rev=1873121&r1=1873120&r2=1873121&view=diff
==============================================================================
--- manifoldcf/trunk/CHANGES.txt (original)
+++ manifoldcf/trunk/CHANGES.txt Sat Jan 25 01:57:41 2020
@@ -3,6 +3,9 @@ $Id$
======================= 2.16-dev =====================
+CONNECTORS-1629: Add support for global Kerberos setup.
+(Jörn Franke, Karl Wright)
+
CONNECTORS-1632: Use TLS sockets and no longer support old SSL connections.
(Jörn Franke)
Modified:
manifoldcf/trunk/connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/HttpPoster.java
URL:
http://svn.apache.org/viewvc/manifoldcf/trunk/connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/HttpPoster.java?rev=1873121&r1=1873120&r2=1873121&view=diff
==============================================================================
---
manifoldcf/trunk/connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/HttpPoster.java
(original)
+++
manifoldcf/trunk/connectors/solr/connector/src/main/java/org/apache/manifoldcf/agents/output/solr/HttpPoster.java
Sat Jan 25 01:57:41 2020
@@ -67,6 +67,10 @@ import org.apache.solr.common.SolrInputD
import org.apache.commons.lang.StringUtils;
+import org.apache.solr.client.solrj.impl.HttpClientUtil;
+import org.apache.solr.client.solrj.impl.Krb5HttpClientBuilder;
+import org.apache.solr.client.solrj.impl.SolrHttpClientBuilder;
+
/**
* Posts an input stream to SOLR
*
@@ -167,6 +171,8 @@ public class HttpPoster
this.maxDocumentLength = maxDocumentLength;
+ initializeKerberos();
+
try
{
CloudSolrClient cloudSolrServer = new CloudSolrClient.Builder()
@@ -223,6 +229,8 @@ public class HttpPoster
this.maxDocumentLength = maxDocumentLength;
+ initializeKerberos();
+
String location = "";
if (webapp != null)
location = "/" + webapp;
@@ -292,6 +300,20 @@ public class HttpPoster
solrServer = new ModifiedHttpSolrClient(httpSolrServerUrl, localClient,
new XMLResponseParser(), allowCompression);
}
+ private static void initializeKerberos()
+ {
+
+ if (System.getProperty("java.security.auth.login.config") != null) {
+ if (Logging.ingest.isInfoEnabled()) {
+ Logging.ingest.info("Using Kerberos for Solr Authentication");
+ }
+ Krb5HttpClientBuilder krbBuild = new Krb5HttpClientBuilder();
+ SolrHttpClientBuilder kb = krbBuild.getBuilder();
+ HttpClientUtil.setHttpClientBuilder(kb);
+ }
+
+ }
+
/** Shut down the poster.
*/
public void shutdown()
Modified: manifoldcf/trunk/framework/build.xml
URL:
http://svn.apache.org/viewvc/manifoldcf/trunk/framework/build.xml?rev=1873121&r1=1873120&r2=1873121&view=diff
==============================================================================
--- manifoldcf/trunk/framework/build.xml (original)
+++ manifoldcf/trunk/framework/build.xml Sat Jan 25 01:57:41 2020
@@ -1174,15 +1174,22 @@
<fileset dir="scripts-common"/>
</copy>
</target>
-
- <target name="scripts" depends="scripts-common">
+
+ <target name="scripts-kerberos">
+ <mkdir dir="${processes-dir}"/>
+ <copy todir="${processes-dir}">
+ <fileset dir="scripts-kerberos"/>
+ </copy>
+ </target>
+
+ <target name="scripts" depends="scripts-common,scripts-kerberos">
<mkdir dir="${processes-dir}"/>
<copy todir="${processes-dir}">
<fileset dir="scripts"/>
</copy>
</target>
- <target name="scripts-jetty" depends="scripts-common">
+ <target name="scripts-jetty" depends="scripts-common,scripts-kerberos">
<mkdir dir="${processes-dir}"/>
<copy todir="${processes-dir}">
<fileset dir="scripts-jetty"/>
@@ -1203,14 +1210,14 @@
</copy>
</target>
- <target name="scripts-combined" depends="scripts-common">
+ <target name="scripts-combined" depends="scripts-common,scripts-kerberos">
<mkdir dir="${processes-dir}"/>
<copy todir="${processes-dir}">
<fileset dir="scripts-combined"/>
</copy>
</target>
- <target name="scripts-start" depends="scripts-common">
+ <target name="scripts-start" depends="scripts-common,scripts-kerberos">
<mkdir dir="${processes-dir}"/>
<copy todir="${processes-dir}">
<fileset dir="scripts-start"/>
Modified: manifoldcf/trunk/framework/scripts-combined/combined-options.env.unix
URL:
http://svn.apache.org/viewvc/manifoldcf/trunk/framework/scripts-combined/combined-options.env.unix?rev=1873121&r1=1873120&r2=1873121&view=diff
==============================================================================
--- manifoldcf/trunk/framework/scripts-combined/combined-options.env.unix
(original)
+++ manifoldcf/trunk/framework/scripts-combined/combined-options.env.unix Sat
Jan 25 01:57:41 2020
@@ -2,5 +2,6 @@
-Xmx512m
-Dorg.apache.manifoldcf.configfile=./properties.xml
-Dorg.apache.manifoldcf.jettyshutdowntoken=secret_token
+-Djava.security.auth.login.config=
-cp
.:
Modified: manifoldcf/trunk/framework/scripts-combined/combined-options.env.win
URL:
http://svn.apache.org/viewvc/manifoldcf/trunk/framework/scripts-combined/combined-options.env.win?rev=1873121&r1=1873120&r2=1873121&view=diff
==============================================================================
--- manifoldcf/trunk/framework/scripts-combined/combined-options.env.win
(original)
+++ manifoldcf/trunk/framework/scripts-combined/combined-options.env.win Sat
Jan 25 01:57:41 2020
@@ -2,5 +2,6 @@
-Xmx512m
-Dorg.apache.manifoldcf.configfile=.\properties.xml
-Dorg.apache.manifoldcf.jettyshutdowntoken=secret_token
+-Djava.security.auth.login.config=
-cp
.;
Modified: manifoldcf/trunk/framework/scripts-jetty/jetty-options.env.unix
URL:
http://svn.apache.org/viewvc/manifoldcf/trunk/framework/scripts-jetty/jetty-options.env.unix?rev=1873121&r1=1873120&r2=1873121&view=diff
==============================================================================
--- manifoldcf/trunk/framework/scripts-jetty/jetty-options.env.unix (original)
+++ manifoldcf/trunk/framework/scripts-jetty/jetty-options.env.unix Sat Jan 25
01:57:41 2020
@@ -2,5 +2,6 @@
-Xmx256m
-Dorg.apache.manifoldcf.configfile=./properties.xml
-Dorg.apache.manifoldcf.jettyshutdowntoken=secret_token
+-Djava.security.auth.login.config=
-cp
.:
Modified: manifoldcf/trunk/framework/scripts-jetty/jetty-options.env.win
URL:
http://svn.apache.org/viewvc/manifoldcf/trunk/framework/scripts-jetty/jetty-options.env.win?rev=1873121&r1=1873120&r2=1873121&view=diff
==============================================================================
--- manifoldcf/trunk/framework/scripts-jetty/jetty-options.env.win (original)
+++ manifoldcf/trunk/framework/scripts-jetty/jetty-options.env.win Sat Jan 25
01:57:41 2020
@@ -2,5 +2,6 @@
-Xmx256m
-Dorg.apache.manifoldcf.configfile=.\properties.xml
-Dorg.apache.manifoldcf.jettyshutdowntoken=secret_token
+-Djava.security.auth.login.config=
-cp
.;
Added: manifoldcf/trunk/framework/scripts-kerberos/jaas-client.conf
URL:
http://svn.apache.org/viewvc/manifoldcf/trunk/framework/scripts-kerberos/jaas-client.conf?rev=1873121&view=auto
==============================================================================
--- manifoldcf/trunk/framework/scripts-kerberos/jaas-client.conf (added)
+++ manifoldcf/trunk/framework/scripts-kerberos/jaas-client.conf Sat Jan 25
01:57:41 2020
@@ -0,0 +1,26 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+Client {
+ com.sun.security.auth.module.Krb5LoginModule required
+ useKeyTab=true
+ keyTab="/path/to/file.keytab"
+ storeKey=true
+ useTicketCache=true
+ debug=true
+ principal="[email protected]";
+};
Propchange: manifoldcf/trunk/framework/scripts-kerberos/jaas-client.conf
------------------------------------------------------------------------------
svn:eol-style = LF
Modified: manifoldcf/trunk/framework/scripts-start/start-options.env.unix
URL:
http://svn.apache.org/viewvc/manifoldcf/trunk/framework/scripts-start/start-options.env.unix?rev=1873121&r1=1873120&r2=1873121&view=diff
==============================================================================
--- manifoldcf/trunk/framework/scripts-start/start-options.env.unix (original)
+++ manifoldcf/trunk/framework/scripts-start/start-options.env.unix Sat Jan 25
01:57:41 2020
@@ -2,5 +2,6 @@
-Xmx512m
-Dorg.apache.manifoldcf.configfile=./properties.xml
-Dorg.apache.manifoldcf.jettyshutdowntoken=secret_token
+-Djava.security.auth.login.config=
-cp
.:
Modified: manifoldcf/trunk/framework/scripts-start/start-options.env.win
URL:
http://svn.apache.org/viewvc/manifoldcf/trunk/framework/scripts-start/start-options.env.win?rev=1873121&r1=1873120&r2=1873121&view=diff
==============================================================================
--- manifoldcf/trunk/framework/scripts-start/start-options.env.win (original)
+++ manifoldcf/trunk/framework/scripts-start/start-options.env.win Sat Jan 25
01:57:41 2020
@@ -2,5 +2,6 @@
-Xmx512m
-Dorg.apache.manifoldcf.configfile=.\properties.xml
-Dorg.apache.manifoldcf.jettyshutdowntoken=secret_token
+-Djava.security.auth.login.config=
-cp
.;
Modified: manifoldcf/trunk/framework/scripts/options.env.unix
URL:
http://svn.apache.org/viewvc/manifoldcf/trunk/framework/scripts/options.env.unix?rev=1873121&r1=1873120&r2=1873121&view=diff
==============================================================================
--- manifoldcf/trunk/framework/scripts/options.env.unix (original)
+++ manifoldcf/trunk/framework/scripts/options.env.unix Sat Jan 25 01:57:41 2020
@@ -1,5 +1,6 @@
-Xms512m
-Xmx512m
-Dorg.apache.manifoldcf.configfile=./properties.xml
+-Djava.security.auth.login.config=
-cp
.:
Modified: manifoldcf/trunk/framework/scripts/options.env.win
URL:
http://svn.apache.org/viewvc/manifoldcf/trunk/framework/scripts/options.env.win?rev=1873121&r1=1873120&r2=1873121&view=diff
==============================================================================
--- manifoldcf/trunk/framework/scripts/options.env.win (original)
+++ manifoldcf/trunk/framework/scripts/options.env.win Sat Jan 25 01:57:41 2020
@@ -1,5 +1,6 @@
-Xms512m
-Xmx512m
-Dorg.apache.manifoldcf.configfile=.\properties.xml
+-Djava.security.auth.login.config=
-cp
.;
