svn commit: r1748630 - in /zookeeper/trunk: CHANGES.txt src/java/main/org/apache/zookeeper/server/ZooKeeperSaslServer.java

Wed, 15 Jun 2016 13:30:26 -0700 

Author: phunt
Date: Wed Jun 15 20:30:05 2016
New Revision: 1748630

URL: http://svn.apache.org/viewvc?rev=1748630&view=rev
Log:
ZOOKEEPER-2433: ZooKeeperSaslServer: allow user principals in subject (Andy B 
via phunt)

Modified:
    zookeeper/trunk/CHANGES.txt
    
zookeeper/trunk/src/java/main/org/apache/zookeeper/server/ZooKeeperSaslServer.java

Modified: zookeeper/trunk/CHANGES.txt
URL: 
http://svn.apache.org/viewvc/zookeeper/trunk/CHANGES.txt?rev=1748630&r1=1748629&r2=1748630&view=diff
==============================================================================
--- zookeeper/trunk/CHANGES.txt (original)
+++ zookeeper/trunk/CHANGES.txt Wed Jun 15 20:30:05 2016
@@ -434,6 +434,9 @@ IMPROVEMENTS:
   ZOOKEEPER-2410: add time unit to 'ELECTION TOOK' log.info message
   (Christine Poerschke via phunt)
 
+  ZOOKEEPER-2433: ZooKeeperSaslServer: allow user principals in
+  subject (Andy B via phunt)
+
 Release 3.5.0 - 8/4/2014
 
 NEW FEATURES:

Modified: 
zookeeper/trunk/src/java/main/org/apache/zookeeper/server/ZooKeeperSaslServer.java
URL: 
http://svn.apache.org/viewvc/zookeeper/trunk/src/java/main/org/apache/zookeeper/server/ZooKeeperSaslServer.java?rev=1748630&r1=1748629&r2=1748630&view=diff
==============================================================================
--- 
zookeeper/trunk/src/java/main/org/apache/zookeeper/server/ZooKeeperSaslServer.java
 (original)
+++ 
zookeeper/trunk/src/java/main/org/apache/zookeeper/server/ZooKeeperSaslServer.java
 Wed Jun 15 20:30:05 2016
@@ -63,16 +63,23 @@ public class ZooKeeperSaslServer {
 
                         int indexOf = 
servicePrincipalNameAndHostname.indexOf("/");
 
-                        // e.g. servicePrincipalName := "zookeeper"
-                        final String servicePrincipalName = 
servicePrincipalNameAndHostname.substring(0, indexOf);
-
                         // e.g. serviceHostnameAndKerbDomain := 
"[email protected]"
                         final String serviceHostnameAndKerbDomain = 
servicePrincipalNameAndHostname.substring(indexOf+1,servicePrincipalNameAndHostname.length());
 
-                        indexOf = serviceHostnameAndKerbDomain.indexOf("@");
-                        // e.g. serviceHostname := "myhost.foo.com"
-                        final String serviceHostname = 
serviceHostnameAndKerbDomain.substring(0,indexOf);
+                        int indexOfAt = 
serviceHostnameAndKerbDomain.indexOf("@");
 
+                        // Handle Kerberos Service as well as User Principal 
Names
+                        final String servicePrincipalName, serviceHostname;
+                        if (indexOf > 0){
+                            // e.g. servicePrincipalName := "zookeeper"
+                            servicePrincipalName = 
servicePrincipalNameAndHostname.substring(0, indexOf);
+                            // e.g. serviceHostname := "myhost.foo.com"
+                            serviceHostname = 
serviceHostnameAndKerbDomain.substring(0, indexOfAt);
+                        } else {
+                            servicePrincipalName = 
servicePrincipalNameAndHostname.substring(0, indexOfAt);
+                            serviceHostname = null;
+                        }
+                        
                         final String mech = "GSSAPI";   // TODO: should depend 
on zoo.cfg specified mechs, but if subject is non-null, it can be assumed to be 
GSSAPI.
 
                         LOG.debug("serviceHostname is '"+ serviceHostname + 
"'");

Reply via email to