Merge remote-tracking branch 'asf/trunk' into trunk
diff --git a/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasInitClient.java b/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasInitClient.java
new file mode 100644
index 0000000..5d28867
--- /dev/null
+++ b/has-project/has-client/src/main/java/org/apache/kerby/has/client/HasInitClient.java
@@ -0,0 +1,123 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.kerby.has.client;
+
+import com.sun.jersey.api.client.Client;
+import com.sun.jersey.api.client.ClientResponse;
+import com.sun.jersey.api.client.WebResource;
+import com.sun.jersey.api.client.config.ClientConfig;
+import com.sun.jersey.api.client.config.DefaultClientConfig;
+import com.sun.jersey.client.urlconnection.HTTPSProperties;
+import com.sun.jersey.core.util.MultivaluedMapImpl;
+import org.apache.kerby.has.common.HasConfig;
+import org.codehaus.jettison.json.JSONException;
+import org.codehaus.jettison.json.JSONObject;
+import org.glassfish.jersey.SslConfigurator;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
+import javax.ws.rs.core.MultivaluedMap;
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.HttpURLConnection;
+import java.net.URL;
+
+/**
+ * HAS client API for applications to interact with HAS server
+ */
+public class HasInitClient {
+
+ public static final Logger LOG = LoggerFactory.getLogger(HasInitClient.class);
+
+ private HasConfig hasConfig;
+ private File confDir;
+
+ public HasInitClient(HasConfig hasConfig, File confDir) {
+ this.hasConfig = hasConfig;
+ this.confDir = confDir;
+ }
+
+ public File getConfDir() {
+ return confDir;
+ }
+
+ private WebResource getWebResource(String restName) {
+ Client client;
+ String server = null;
+ if (hasConfig.getHttpsPort() != null && hasConfig.getHttpsHost() != null) {
+ server = "https://" + hasConfig.getHttpsHost() + ":" + hasConfig.getHttpsPort()
+ + "/has/v1/" + restName;
+ LOG.info("Admin request url: " + server);
+ HasConfig conf = new HasConfig();
+ try {
+ conf.addIniConfig(new File(hasConfig.getSslClientConf()));
+ } catch (IOException e) {
+ throw new RuntimeException("Errors occurred when adding ssl conf. "
+ + e.getMessage());
+ }
+ SslConfigurator sslConfigurator = SslConfigurator.newInstance()
+ .trustStoreFile(conf.getString("ssl.client.truststore.location"))
+ .trustStorePassword(conf.getString("ssl.client.truststore.password"));
+ sslConfigurator.securityProtocol("SSL");
+ SSLContext sslContext = sslConfigurator.createSSLContext();
+ ClientConfig clientConfig = new DefaultClientConfig();
+ clientConfig.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
+ new HTTPSProperties(new HostnameVerifier() {
+ @Override
+ public boolean verify(String s, SSLSession sslSession) {
+ return false;
+ }
+ }, sslContext));
+ client = Client.create(clientConfig);
+ } else {
+ client = Client.create();
+ }
+ if (server == null) {
+ throw new RuntimeException("Please set the https address and port.");
+ }
+ return client.resource(server);
+ }
+
+ public void startKdc() {
+ WebResource webResource = getWebResource("init/kdcstart");
+ ClientResponse response = webResource.get(ClientResponse.class);
+ try {
+ JSONObject result = new JSONObject(response.getEntity(String.class));
+ if (result.getString("result").equals("success")) {
+ System.out.println(result.getString("msg"));
+ } else {
+ System.err.println(result.getString("msg"));
+ }
+ } catch (JSONException e) {
+ System.err.println(e.getMessage());
+ }
+ }
+
+ public InputStream initKdc() {
+ WebResource webResource = getWebResource("init/kdcinit");
+ ClientResponse response = webResource.get(ClientResponse.class);
+ if (response.getStatus() == 200) {
+ return response.getEntityInputStream();
+ }
+ return null;
+ }
+}
diff --git a/has-project/has-server/src/main/java/org/apache/kerby/has/server/HasServer.java b/has-project/has-server/src/main/java/org/apache/kerby/has/server/HasServer.java
index e14e619..8608bf0 100644
--- a/has-project/has-server/src/main/java/org/apache/kerby/has/server/HasServer.java
+++ b/has-project/has-server/src/main/java/org/apache/kerby/has/server/HasServer.java
@@ -141,6 +141,23 @@
setHttpFilter();
}
+ public File initKdcServer() throws KrbException {
+ File adminKeytabFile = new File(workDir, "admin.keytab");
+ LocalKadmin kadmin = new LocalKadminImpl(kdcServer.getKdcSetting(),
+ kdcServer.getIdentityService());
+ if (adminKeytabFile.exists()) {
+ throw new KrbException("KDC Server is already inited.");
+ }
+ kadmin.createBuiltinPrincipals();
+ kadmin.exportKeytab(adminKeytabFile, kadmin.getKadminPrincipal());
+ System.out.println("The keytab for kadmin principal "
+ + " has been exported to the specified file "
+ + adminKeytabFile.getAbsolutePath() + ", please safely keep it, "
+ + "in order to use kadmin tool later");
+
+ return adminKeytabFile;
+ }
+
private void setHttpFilter() throws HasException {
File httpKeytabFile = new File(workDir, "http.keytab");
LocalKadmin kadmin = new LocalKadminImpl(kdcServer.getKdcSetting(),
diff --git a/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/WebServer.java b/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/WebServer.java
index 15e817c..abf3a9a 100644
--- a/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/WebServer.java
+++ b/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/WebServer.java
@@ -28,6 +28,7 @@
import org.apache.kerby.has.common.HasConfig;
import org.apache.kerby.has.common.HasException;
import org.apache.kerby.has.server.HasServer;
+import org.apache.kerby.has.server.web.rest.AsRequestApi;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -58,6 +59,16 @@
return conf;
}
+ private void init() {
+
+ final String pathSpec = "/has/v1/*";
+
+ // add has packages
+ httpServer.addJerseyResourcePackage(AsRequestApi.class
+ .getPackage().getName(),
+ pathSpec);
+ }
+
public void defineFilter() {
String authType = conf.getString(WebConfigKey.HAS_AUTHENTICATION_FILTER_AUTH_TYPE);
if (authType.equals("kerberos")) {
@@ -170,6 +181,8 @@
throw new HasException("Errors occurred when building http server. " + e.getMessage());
}
+ init();
+
try {
httpServer.start();
} catch (IOException e) {
diff --git a/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/HasApi.java b/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/AsRequestApi.java
similarity index 97%
rename from has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/HasApi.java
rename to has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/AsRequestApi.java
index eaa3587..6415161 100644
--- a/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/HasApi.java
+++ b/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/AsRequestApi.java
@@ -53,7 +53,7 @@
* HAS web methods implementation.
*/
@Path("")
-public class HasApi {
+public class AsRequestApi {
@Context
private ServletContext context;
@@ -146,6 +146,6 @@
}
return Response.ok(js).type(MediaType.APPLICATION_JSON).build();
}
- return Response.status(403).entity("HTTPS required.\n").build();
+ return Response.status(Response.Status.FORBIDDEN).entity("HTTPS required.\n").build();
}
}
diff --git a/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/HadminApi.java b/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/HadminApi.java
index a7febc1..f81a266 100644
--- a/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/HadminApi.java
+++ b/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/HadminApi.java
@@ -54,7 +54,7 @@
/**
* HAS Admin web methods implementation.
*/
-@Path("/admin")
+@Path("/hadmin")
public class HadminApi {
@Context
diff --git a/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/InitApi.java b/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/InitApi.java
new file mode 100644
index 0000000..6e1cc6e
--- /dev/null
+++ b/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/InitApi.java
@@ -0,0 +1,96 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.kerby.has.server.web.rest;
+
+import org.apache.kerby.has.common.HasException;
+import org.apache.kerby.has.server.HasServer;
+import org.apache.kerby.has.server.web.WebServer;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.codehaus.jettison.json.JSONObject;
+
+import javax.servlet.ServletContext;
+import javax.servlet.http.HttpServletRequest;
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+import java.io.File;
+
+/**
+ * HAS initialize methods implementation.
+ */
+@Path("/init")
+public class InitApi {
+
+ @Context
+ private ServletContext context;
+
+ @Context
+ private HttpServletRequest httpRequest;
+
+ @GET
+ @Path("/kdcinit")
+ @Produces(MediaType.TEXT_PLAIN)
+ public Response kdcInit() {
+ if (httpRequest.isSecure()) {
+ final HasServer hasServer = WebServer.getHasServerFromContext(context);
+ String msg;
+ try {
+ File adminKeytab = hasServer.initKdcServer();
+ return Response.ok(adminKeytab).header("Content-Disposition",
+ "attachment; filename=" + adminKeytab.getName()).build();
+ } catch (KrbException e) {
+ msg = "Failed to initialize KDC, because: " + e.getMessage();
+ WebServer.LOG.error(msg);
+ return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
+ }
+ }
+ return Response.status(Response.Status.FORBIDDEN).entity("HTTPS required.\n").build();
+ }
+
+ @GET
+ @Path("/kdcstart")
+ @Produces(MediaType.TEXT_PLAIN)
+ public Response kdcStart() {
+ if (httpRequest.isSecure()) {
+ final HasServer hasServer = WebServer.getHasServerFromContext(context);
+ JSONObject result = new JSONObject();
+ String msg;
+ try {
+ hasServer.startKdcServer();
+ } catch (HasException e) {
+ msg = "Failed to start kdc server, because: " + e.getMessage();
+ WebServer.LOG.error(msg);
+ return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
+ }
+ try {
+ msg = "Succeed in starting KDC server.";
+ result.put("result", "success");
+ result.put("msg", msg);
+ return Response.ok(result.toString()).build();
+ } catch (Exception e) {
+ msg = "Failed to start kdc server, because: " + e.getMessage();
+ WebServer.LOG.error(msg);
+ return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(msg).build();
+ }
+ }
+ return Response.status(Response.Status.FORBIDDEN).entity("HTTPS required.\n").build();
+ }
+}
diff --git a/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/KadminApi.java b/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/KadminApi.java
index 1e8e82c..6445156 100644
--- a/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/KadminApi.java
+++ b/has-project/has-server/src/main/java/org/apache/kerby/has/server/web/rest/KadminApi.java
@@ -45,6 +45,7 @@
/**
* Kadmin web methods implementation.
*/
+@Path("/kadmin")
public class KadminApi {
@Context
private ServletContext context;
diff --git a/kerby-dist/has-dist/bin/hasinit.sh b/kerby-dist/has-dist/bin/hasinit.sh
new file mode 100644
index 0000000..2bbbf6a
--- /dev/null
+++ b/kerby-dist/has-dist/bin/hasinit.sh
@@ -0,0 +1,56 @@
+#!/usr/bin/env bash
+
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+CONF_DIR=$1
+APP_MAIN=org.apache.kerby.kerberos.tool.HasInitTool
+
+# Reset HAS_CONF_DIR if CONF_DIR not null
+if [ "$CONF_DIR" != "" ]; then
+ if [ ! -d "$CONF_DIR" ]; then
+ echo "[ERROR] ${CONF_DIR} is not a directory"
+ usage
+ fi
+else
+ if [ "$HAS_CONF_DIR" != "" ] && [ -d "$HAS_CONF_DIR" ]; then
+ CONF_DIR=${HAS_CONF_DIR}
+ else
+ echo "[ERROR] HAS_CONF_DIR is null or not a directory"
+ exit
+ fi
+fi
+
+# Load HAS environment variables
+if [ -f "${CONF_DIR}/has-env.sh" ]; then
+ . "${CONF_DIR}/has-env.sh"
+fi
+
+# Get HAS_HOME directory
+bin=`dirname "$0"`
+HAS_HOME=`cd ${bin}/..; pwd`
+cd ${HAS_HOME}
+
+for var in $*; do
+ if [ X"$var" = X"-D" ]; then
+ DEBUG="-Xdebug -Xrunjdwp:transport=dt_socket,address=8011,server=y,suspend=y"
+ fi
+done
+
+echo "[INFO] conf_dir=$CONF_DIR"
+HAS_OPTS="-DHAS_LOGFILE=kdcinit"
+
+java ${DEBUG} -classpath target/lib/*:. ${HAS_OPTS} ${APP_MAIN} ${CONF_DIR}
diff --git a/kerby-dist/has-dist/conf/hadmin.conf b/kerby-dist/has-dist/conf/hadmin.conf
new file mode 100644
index 0000000..e950aea
--- /dev/null
+++ b/kerby-dist/has-dist/conf/hadmin.conf
@@ -0,0 +1,6 @@
+[HAS]
+ https_host = plusplus-desktop
+ https_port = 8092
+ admin_keytab = /etc/has/admin.keytab
+ admin_keytab_principal = kadmin/HADOOP.COM@HADOOP.COM
+ filter_auth_type = kerberos
diff --git a/kerby-dist/has-dist/pom.xml b/kerby-dist/has-dist/pom.xml
index bea34d4..882be35 100644
--- a/kerby-dist/has-dist/pom.xml
+++ b/kerby-dist/has-dist/pom.xml
@@ -19,6 +19,11 @@
<artifactId>has-server</artifactId>
<version>${project.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>has-tool</artifactId>
+ <version>${project.version}</version>
+ </dependency>
</dependencies>
<build>
diff --git a/kerby-tool/has-tool/pom.xml b/kerby-tool/has-tool/pom.xml
new file mode 100644
index 0000000..36328ed
--- /dev/null
+++ b/kerby-tool/has-tool/pom.xml
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <parent>
+ <artifactId>kerby-tool</artifactId>
+ <groupId>org.apache.kerby</groupId>
+ <version>1.1.1-SNAPSHOT</version>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+
+ <artifactId>has-tool</artifactId>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>has-client</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>has-common</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ </dependencies>
+
+
+</project>
\ No newline at end of file
diff --git a/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/HasInitTool.java b/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/HasInitTool.java
new file mode 100644
index 0000000..bd0a466
--- /dev/null
+++ b/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/HasInitTool.java
@@ -0,0 +1,108 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.tool;
+
+import org.apache.kerby.has.client.HasInitClient;
+import org.apache.kerby.has.common.HasConfig;
+import org.apache.kerby.has.common.HasException;
+import org.apache.kerby.has.common.util.HasUtil;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.tool.cmd.InitKdcCmd;
+import org.apache.kerby.kerberos.tool.cmd.StartKdcCmd;
+import org.apache.kerby.kerberos.tool.cmd.InitCmd;
+import org.apache.kerby.util.OSUtil;
+
+import java.io.File;
+import java.util.Scanner;
+
+public class HasInitTool {
+ private static final String PROMPT = HasInitTool.class.getSimpleName();
+ private static final String USAGE = (OSUtil.isWindows()
+ ? "Usage: bin\\hasinit.cmd" : "Usage: sh bin/hasinit.sh")
+ + " <conf-file>\n"
+ + "\tExample:\n"
+ + "\t\t"
+ + (OSUtil.isWindows()
+ ? "bin\\hasinit.cmd" : "sh bin/hasinit.sh")
+ + " conf\n";
+
+ private static final String LEGAL_COMMANDS = "Available commands are: "
+ + "\n"
+ + "start_kdc, start\n"
+ + " Start kdc\n"
+ + "init_kdc, init\n"
+ + " Init kdc\n";
+
+ public static void main(String[] args) {
+ if (args.length < 1) {
+ System.err.println(USAGE);
+ System.exit(1);
+ }
+ String confDirPath = args[0];
+ File confFile = new File(confDirPath, "hadmin.conf");
+ HasConfig hasConfig;
+ try {
+ hasConfig = HasUtil.getHasConfig(confFile);
+ } catch (HasException e) {
+ System.err.println(e.getMessage());
+ return;
+ }
+
+ System.out.println(LEGAL_COMMANDS);
+ System.out.println("enter \"<cmd> [?][-help]\" to get cmd help.");
+ Scanner scanner = new Scanner(System.in, "UTF-8");
+ System.out.print(PROMPT + ": ");
+ String input = scanner.nextLine();
+
+ HasInitClient hasInitClient = new HasInitClient(hasConfig, new File(confDirPath));
+ while (!(input.equals("quit") || input.equals("exit") || input.equals("q"))) {
+ try {
+ execute(hasInitClient, input);
+ } catch (KrbException e) {
+ System.err.println(e.getMessage());
+ }
+ System.out.print(PROMPT + ": ");
+ input = scanner.nextLine();
+ }
+ }
+
+ private static void execute(HasInitClient hasInitClient, String input) throws KrbException {
+ input = input.trim();
+ if (input.startsWith("cmd")) {
+ System.out.println(LEGAL_COMMANDS);
+ return;
+ }
+ String[] items = input.split("\\s+");
+ String cmd = items[0];
+
+ InitCmd executor;
+ if (cmd.equals("start_kdc")
+ || cmd.equals("start")) {
+ executor = new StartKdcCmd(hasInitClient);
+ } else if (cmd.equals("init_kdc")
+ || cmd.equals("init")) {
+ executor = new InitKdcCmd(hasInitClient);
+ } else {
+ System.out.println(LEGAL_COMMANDS);
+ return;
+ }
+ executor.execute(items);
+ }
+}
diff --git a/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/cmd/InitCmd.java b/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/cmd/InitCmd.java
new file mode 100644
index 0000000..c03d5bd
--- /dev/null
+++ b/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/cmd/InitCmd.java
@@ -0,0 +1,42 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.tool.cmd;
+
+import org.apache.kerby.has.client.HasInitClient;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+public abstract class InitCmd {
+
+ private HasInitClient client;
+
+ public InitCmd(HasInitClient client) {
+ this.client = client;
+ }
+
+ protected HasInitClient getClient() {
+ return client;
+ }
+
+ /**
+ * Execute the kdc init cmd.
+ * @param input Input cmd to execute
+ */
+ public abstract void execute(String[] input) throws KrbException;
+}
diff --git a/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/cmd/InitKdcCmd.java b/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/cmd/InitKdcCmd.java
new file mode 100644
index 0000000..63fe30a
--- /dev/null
+++ b/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/cmd/InitKdcCmd.java
@@ -0,0 +1,90 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.tool.cmd;
+
+import org.apache.kerby.has.client.HasInitClient;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+
+/**
+ * Remote init kdc cmd
+ */
+public class InitKdcCmd extends InitCmd {
+
+ public static final String USAGE = "Usage: init_kdc [-p] [path]\n"
+ + "\tExample:\n"
+ + "\t\tinit_kdc\n";
+
+ public InitKdcCmd(HasInitClient client) {
+ super(client);
+ }
+
+ @Override
+ public void execute(String[] items) throws KrbException {
+ if (items.length >= 2 && (items[1].startsWith("?") || items[1].startsWith("-help"))) {
+ System.out.println(USAGE);
+ return;
+ }
+ File path = getClient().getConfDir();
+ if (items.length >= 3 && items[1].startsWith("-p")) {
+ path = new File(items[2]);
+ if (!path.exists() && !path.mkdirs()) {
+ System.err.println("Cannot create file : " + items[2]);
+ return;
+ }
+ }
+ File adminKeytab = new File(path, "admin.keytab");
+
+ HasInitClient client = getClient();
+ InputStream content = client.initKdc();
+
+ if (content == null) {
+ System.err.println("Failed to init kdc.");
+ return;
+ }
+
+ FileOutputStream fos = null;
+ try {
+ fos = new FileOutputStream(adminKeytab);
+ } catch (FileNotFoundException e) {
+ System.err.println("the admin keytab file not found. " + e.getMessage());
+ }
+ byte[] buffer = new byte[4 * 1024];
+ int read;
+ try {
+ while ((read = content.read(buffer)) > 0) {
+ fos.write(buffer, 0, read);
+ }
+ fos.close();
+ content.close();
+ } catch (IOException e) {
+ System.err.println("Errors occurred when getting the admin.keytab. " + e.getMessage());
+ }
+
+ System.out.println("admin.keytab has saved in : " + adminKeytab.getAbsolutePath()
+ + ",\nplease safely save it to use kadmin.");
+
+ }
+}
diff --git a/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/cmd/StartKdcCmd.java b/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/cmd/StartKdcCmd.java
new file mode 100644
index 0000000..05c9932
--- /dev/null
+++ b/kerby-tool/has-tool/src/main/java/org/apache/kerby/kerberos/tool/cmd/StartKdcCmd.java
@@ -0,0 +1,52 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.tool.cmd;
+
+import org.apache.kerby.has.client.HasInitClient;
+import org.apache.kerby.kerberos.kerb.KrbException;
+
+/**
+ * Remote start kdc cmd
+ */
+public class StartKdcCmd extends InitCmd {
+
+ public static final String USAGE = "Usage: start_kdc\n"
+ + "\tExample:\n"
+ + "\t\tstart\n";
+
+ public StartKdcCmd(HasInitClient client) {
+ super(client);
+ }
+
+ @Override
+ public void execute(String[] items) throws KrbException {
+ if (items.length >= 2 && (items[1].startsWith("?") || items[1].startsWith("-help"))) {
+ System.out.println(USAGE);
+ return;
+ }
+
+ if (items.length != 1) {
+ System.err.println(USAGE);
+ return;
+ }
+ HasInitClient client = getClient();
+ client.startKdc();
+ }
+}
diff --git a/kerby-tool/pom.xml b/kerby-tool/pom.xml
index af99196..4fd24d3 100644
--- a/kerby-tool/pom.xml
+++ b/kerby-tool/pom.xml
@@ -28,6 +28,7 @@
<modules>
<module>client-tool</module>
<module>kdc-tool</module>
+ <module>has-tool</module>
</modules>
</project>
