Author: erodriguez Date: Sat Jan 15 17:36:14 2005 New Revision: 125330 URL: http://svn.apache.org/viewcvs?view=rev&rev=125330 Log: First pass at MINA front-end for Kerberos. Added: incubator/directory/kerberos/trunk/main/src/java/org/apache/kerberos/Main.java incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosDecoder.java incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosEncoder.java incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosProtocolHandler.java incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosProtocolProvider.java
Added: incubator/directory/kerberos/trunk/main/src/java/org/apache/kerberos/Main.java Url: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/main/src/java/org/apache/kerberos/Main.java?view=auto&rev=125330 ==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/main/src/java/org/apache/kerberos/Main.java Sat Jan 15 17:36:14 2005
@@ -0,0 +1,183 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.util.Properties;
+
+import javax.naming.NamingException;
+import javax.naming.directory.InitialDirContext;
+
+import org.apache.kerberos.kdc.KdcConfiguration;
+import org.apache.kerberos.kdc.store.BootstrapStore;
+import org.apache.kerberos.kdc.store.EmbeddedEveStore;
+import org.apache.kerberos.kdc.store.PrincipalStore;
+import org.apache.kerberos.protocol.KerberosProtocolProvider;
+import org.apache.ldap.server.jndi.EnvKeys;
+import org.apache.mina.io.datagram.DatagramAcceptor;
+import org.apache.mina.io.filter.IoThreadPoolFilter;
+import org.apache.mina.io.socket.SocketAcceptor;
+import org.apache.mina.protocol.filter.ProtocolThreadPoolFilter;
+import org.apache.mina.protocol.io.IoProtocolAcceptor;
+
+
+public class Main
+{
+ private final KdcConfiguration config = new KdcConfiguration();
+ private final BootstrapStore bootstrap = new BootstrapStore( config );
+ private PrincipalStore store;
+
+ public Main( Properties env )
+ {
+ store = new EmbeddedEveStore( env );
+
+ init();
+
+ try
+ {
+ setup();
+ }
+ catch (Exception e)
+ {
+ e.printStackTrace();
+ }
+ }
+
+ public static void main( String[] args )
+ {
+ long startTime = System.currentTimeMillis();
+
+ if ( 
args.length == 0 ) + { + System.err.println( "Path to configuration file required!" ); + + System.exit( 1 ); + } + + File file = new File( args[0] ); + + if ( ! file.exists() ) + { + System.err.println( "Config file '" + file.getAbsolutePath() + "' does not exist!" ); + + System.exit( 2 ); + } + + Properties env = new Properties(); + + try + { + env.load( new FileInputStream( file ) ); + } + catch ( IOException e ) + { + System.err.println( "Failed while loading config file '" + file.getAbsolutePath() + "'" ); + + System.exit( 3 ); + } + + new Main( env ); + + System.out.println( "Apache Kerberos: started in " + + ( System.currentTimeMillis() - startTime ) + + " milliseconds" ); + + while ( true ) + { + try + { + // this is a big time cludge for now to just play + Thread.sleep( 20000 ); + + try + { + env.setProperty( EnvKeys.SYNC, "true" ); + new InitialDirContext( env ); + } + catch ( NamingException e ) + { + e.printStackTrace(); + } + } + catch ( InterruptedException e ) + { + e.printStackTrace(); + } + } + } + + /** + * Instantiates the factory then gets a handle on the Frontend. + * + * @throws Exception due to create() + */ + protected void setup() throws IOException + { + int port = config.getDefaultPort(); + + // Create I/O and Protocol thread pool filter. + // I/O thread pool performs encoding and decoding of messages. + // Protocol thread pool performs actual protocol flow. + IoThreadPoolFilter ioThreadPoolFilter = new IoThreadPoolFilter(); + ProtocolThreadPoolFilter protocolThreadPoolFilter = new ProtocolThreadPoolFilter(); + + // and start both. + ioThreadPoolFilter.start(); + protocolThreadPoolFilter.start(); + + // Create a TCP/IP acceptor. + IoProtocolAcceptor acceptor = new IoProtocolAcceptor( new SocketAcceptor() ); + + // Add both thread pool filters. 
+ acceptor.getIoAcceptor().addFilter( Integer.MAX_VALUE, ioThreadPoolFilter );
+ acceptor.addFilter( Integer.MAX_VALUE, protocolThreadPoolFilter );
+
+ // Bind
+ acceptor.bind( new InetSocketAddress( port ), new KerberosProtocolProvider( bootstrap, store, config ) );
+
+ // Create a UDP/IP acceptor
+ IoProtocolAcceptor datagramAcceptor = new IoProtocolAcceptor( new DatagramAcceptor() );
+
+ // Add both thread pool filters.
+ datagramAcceptor.getIoAcceptor().addFilter( Integer.MAX_VALUE, ioThreadPoolFilter );
+ datagramAcceptor.addFilter( Integer.MAX_VALUE, protocolThreadPoolFilter );
+
+ // Bind
+ datagramAcceptor.bind( new InetSocketAddress( port ), new KerberosProtocolProvider( bootstrap, store, config ) );
+
+ System.out.println( "Apache Kerberos listening on port " + port );
+ }
+
+ private void init()
+ {
+ Runnable runnable = new Runnable()
+ {
+ public void run()
+ {
+ bootstrap.init();
+ store.init();
+ }
+ };
+ Thread storeInit = new Thread( runnable );
+ storeInit.start();
+ }
+}
+
Added: incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosDecoder.java Url: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosDecoder.java?view=auto&rev=125330 ==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosDecoder.java Sat Jan 15 17:36:14 2005
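Review bot: In the `Main` constructor of Main.java, `init()` only starts a thread that runs `bootstrap.init()` and `store.init()`, and `setup()` binds the TCP and UDP acceptors right after it, so the KDC can presumably start answering requests before its stores are initialized; nothing visible waits for that thread. The `catch (Exception e)` around `setup()` also only prints the trace, so a failed bind still reaches the "started in" message in `main` and the process keeps running without a listener. I would run the two `init()` calls synchronously before `setup()` (or `join()` the thread) and declare `public Main( Properties env ) throws IOException` so `main` can exit non-zero. `new InetSocketAddress( port )` binds the wildcard address; a comment saying that this is intended would help.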
@@ -0,0 +1,47 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.protocol;
+
+import java.io.IOException;
+
+import org.apache.kerberos.io.decoder.KdcRequestDecoder;
+import org.apache.mina.common.ByteBuffer;
+import org.apache.mina.protocol.ProtocolDecoder;
+import org.apache.mina.protocol.ProtocolDecoderOutput;
+import org.apache.mina.protocol.ProtocolSession;
+import org.apache.mina.protocol.ProtocolViolationException;
+
+
+public class KerberosDecoder implements ProtocolDecoder
+{
+ private KdcRequestDecoder decoder = new KdcRequestDecoder();
+
+ public void decode( ProtocolSession session, ByteBuffer in, ProtocolDecoderOutput out )
+ throws ProtocolViolationException
+ {
+ try
+ {
+ out.write( decoder.decode( in.buf() ) );
+ }
+ catch ( IOException ioe)
+ {
+ ioe.printStackTrace();
+ }
+ }
+}
+
Added: incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosEncoder.java Url: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosEncoder.java?view=auto&rev=125330 ==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosEncoder.java Sat Jan 15 17:36:14 2005
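Review bot: `KerberosDecoder.decode` catches the `IOException` from `decoder.decode( in.buf() )` and only prints the stack trace, so a malformed or truncated request from the network is dropped silently even though the method declares `ProtocolViolationException`. Rethrowing it, as `KerberosEncoder.encode` does with `throw new ProtocolViolationException();` (ideally carrying the cause), should let the handler's `exceptionCaught` close the session instead of leaving it open. Since `Main` binds the same provider on a `SocketAcceptor`, a comment should also say whether `in` is guaranteed to hold exactly one complete request; nothing in this hunk handles a partial or coalesced TCP read.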
@@ -0,0 +1,67 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.protocol;
+
+import java.io.IOException;
+
+import org.apache.kerberos.io.encoder.ErrorMessageEncoder;
+import org.apache.kerberos.io.encoder.KdcReplyEncoder;
+import org.apache.kerberos.messages.ErrorMessage;
+import org.apache.kerberos.messages.KdcReply;
+import org.apache.mina.common.ByteBuffer;
+import org.apache.mina.protocol.ProtocolEncoder;
+import org.apache.mina.protocol.ProtocolEncoderOutput;
+import org.apache.mina.protocol.ProtocolSession;
+import org.apache.mina.protocol.ProtocolViolationException;
+
+
+public class KerberosEncoder implements ProtocolEncoder
+{
+ private KdcReplyEncoder replyEncoder = new KdcReplyEncoder();
+ private ErrorMessageEncoder errorEncoder = new ErrorMessageEncoder();
+
+ public void encode( ProtocolSession session, Object message, ProtocolEncoderOutput out )
+ throws ProtocolViolationException
+ {
+ ByteBuffer buf = ByteBuffer.allocate( 512 );
+
+ try
+ {
+ if ( message instanceof KdcReply )
+ {
+ replyEncoder.encode( (KdcReply)message, buf.buf() );
+ }
+ else
+ {
+ if ( message instanceof ErrorMessage )
+ {
+ errorEncoder.encode( (ErrorMessage)message, buf.buf() );
+ }
+ }
+
+ buf.flip();
+
+ out.write( buf );
+ }
+ catch ( IOException ioe )
+ {
+ throw new ProtocolViolationException();
+ }
+ }
+}
+
Added: 
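Review bot: `KerberosEncoder.encode` allocates a fixed `ByteBuffer.allocate( 512 )` and nothing visible bounds the size of an encoded `KdcReply`; a larger reply would presumably fail with a `BufferOverflowException`, which the `catch ( IOException ioe )` does not cover. A message that is neither `KdcReply` nor `ErrorMessage` falls through both `instanceof` checks, and an empty buffer is then flipped and written to the peer. I would size the buffer from the encoded length (or document the 512-byte limit next to the allocation) and add a final `else` that throws `ProtocolViolationException`. The existing `throw new ProtocolViolationException();` also discards `ioe`, so the cause of an encoding failure is lost.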
incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosProtocolHandler.java Url: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosProtocolHandler.java?view=auto&rev=125330 ==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosProtocolHandler.java Sat Jan 15 17:36:14 2005
@@ -0,0 +1,121 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.protocol;
+
+import java.io.IOException;
+
+import org.apache.kerberos.kdc.AuthenticationService;
+import org.apache.kerberos.kdc.ErrorService;
+import org.apache.kerberos.kdc.KdcConfiguration;
+import org.apache.kerberos.kdc.KerberosException;
+import org.apache.kerberos.kdc.TicketGrantingService;
+import org.apache.kerberos.kdc.store.BootstrapStore;
+import org.apache.kerberos.kdc.store.PrincipalStore;
+import org.apache.kerberos.messages.AuthenticationReply;
+import org.apache.kerberos.messages.ErrorMessage;
+import org.apache.kerberos.messages.KdcRequest;
+import org.apache.kerberos.messages.TicketGrantReply;
+import org.apache.mina.common.IdleStatus;
+import org.apache.mina.protocol.ProtocolHandler;
+import org.apache.mina.protocol.ProtocolSession;
+
+
+public class KerberosProtocolHandler implements ProtocolHandler
+{
+ private AuthenticationService authService;
+ private TicketGrantingService tgsService;
+ private ErrorService errorService;
+
+ public KerberosProtocolHandler( BootstrapStore store, PrincipalStore bootstrap, KdcConfiguration config )
+ {
+ errorService = new ErrorService( config );
+ authService = new AuthenticationService( store, bootstrap, config );
+ tgsService = new TicketGrantingService( store, bootstrap, config );
+ }
+
+ public void sessionOpened( ProtocolSession session 
)
+ {
+ System.out.println( session.getRemoteAddress() + " OPENED" );
+ }
+
+ public void sessionClosed( ProtocolSession session )
+ {
+ System.out.println( session.getRemoteAddress() + " CLOSED" );
+ }
+
+ public void sessionIdle( ProtocolSession session, IdleStatus status )
+ {
+ System.out.println( session.getRemoteAddress() + " IDLE(" + status + ")" );
+ }
+
+ public void exceptionCaught( ProtocolSession session, Throwable cause )
+ {
+ System.out.println( session.getRemoteAddress() + " EXCEPTION" );
+ cause.printStackTrace( System.out );
+
+ session.close();
+ }
+
+ public void messageReceived( ProtocolSession session, Object message )
+ {
+ System.out.println( session.getRemoteAddress() + " RCVD: " + message );
+
+ try
+ {
+ KdcRequest request = (KdcRequest)message;
+
+ int messageType = request.getMessageType().getOrdinal();
+
+ switch ( messageType )
+ {
+ case 10:
+ AuthenticationReply authReply = authService.getReplyFor( request );
+ session.write( authReply );
+ break;
+
+ case 12:
+ TicketGrantReply ticketReply = tgsService.getReplyFor( request );
+ session.write( ticketReply );
+ break;
+
+ case 11:
+ case 13:
+ throw KerberosException.KRB_AP_ERR_BADDIRECTION;
+
+ default:
+ throw KerberosException.KRB_AP_ERR_MSG_TYPE;
+ }
+ }
+ catch ( KerberosException ke )
+ {
+ System.out.println( "Returning error message: " + ke.getMessage() );
+ ErrorMessage errorMessage = errorService.getReplyFor( ke );
+ session.write( errorMessage );
+ }
+ catch ( IOException ioe )
+ {
+ ioe.printStackTrace();
+ }
+ }
+
+ public void messageSent( ProtocolSession session, Object message )
+ {
+ System.out.println( session.getRemoteAddress() + " SENT: " + message );
+ }
+}
+
Added: incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosProtocolProvider.java Url: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosProtocolProvider.java?view=auto&rev=125330 
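Review bot: In `KerberosProtocolHandler.messageReceived`, the `catch ( IOException ioe )` branch only calls `ioe.printStackTrace()`, so the client gets no KRB-ERROR reply and simply times out; the `(KdcRequest)message` cast just above is unchecked as well. `messageReceived` and `messageSent` print the whole message object for every packet (`" RCVD: " + message`, `" SENT: " + message`); what `toString()` exposes is not visible here, so either confirm it leaves out key and ticket material or log only `request.getMessageType()` with the remote address. The bare `case 10:` / `12` / `11` / `13` labels would read better as named constants with a comment that they are AS-REQ, TGS-REQ, AS-REP and TGS-REP.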
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/protocol/src/java/org/apache/kerberos/protocol/KerberosProtocolProvider.java Sat Jan 15 17:36:14 2005
@@ -0,0 +1,72 @@
+/*
+ * Copyright 2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+package org.apache.kerberos.protocol;
+
+import org.apache.kerberos.kdc.KdcConfiguration;
+import org.apache.kerberos.kdc.store.BootstrapStore;
+import org.apache.kerberos.kdc.store.PrincipalStore;
+import org.apache.mina.protocol.ProtocolCodecFactory;
+import org.apache.mina.protocol.ProtocolDecoder;
+import org.apache.mina.protocol.ProtocolEncoder;
+import org.apache.mina.protocol.ProtocolHandler;
+import org.apache.mina.protocol.ProtocolProvider;
+
+
+public class KerberosProtocolProvider implements ProtocolProvider
+{
+ private BootstrapStore store;
+ private PrincipalStore bootstrap;
+ private KdcConfiguration config;
+
+ public KerberosProtocolProvider( BootstrapStore store, PrincipalStore bootstrap, KdcConfiguration config )
+ {
+ this.store = store;
+ this.bootstrap = bootstrap;
+ this.config = config;
+ }
+
+ // Protocol handler is usually a singleton.
+ private ProtocolHandler HANDLER = new KerberosProtocolHandler( store, bootstrap, config );
+
+ // Codec factory is also usually a singleton.
+ private static ProtocolCodecFactory CODEC_FACTORY = new ProtocolCodecFactory()
+ {
+ public ProtocolEncoder newEncoder()
+ {
+ // Create a new encoder.
+ return new KerberosEncoder();
+ }
+
+ public ProtocolDecoder newDecoder()
+ {
+ // Create a new decoder.
+ return new KerberosDecoder();
+ }
+ };
+
+ public ProtocolCodecFactory getCodecFactory()
+ {
+ return CODEC_FACTORY;
+ }
+
+ public ProtocolHandler getHandler()
+ {
+ return HANDLER;
+ }
+}
+
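Review bot: In `KerberosProtocolProvider`, `HANDLER` is an instance field with an initializer, and Java runs field initializers before the constructor body, so `new KerberosProtocolHandler( store, bootstrap, config )` is evaluated while `store`, `bootstrap` and `config` are still null. The authentication and ticket-granting services inside the handler are therefore built from null stores and a null configuration. Declare the field without an initializer and assign it as the last statement of the constructor: `HANDLER = new KerberosProtocolHandler( store, bootstrap, config );`. Separately, the parameter names are swapped against their types (`BootstrapStore store, PrincipalStore bootstrap`) here and in the `KerberosProtocolHandler` constructor, which invites passing the wrong store; renaming them to match would help.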
