Google Git
Sign in
apache / hbase-site / b6f9c9b1e30074a15d99b9846edeb24f586c9d35 / . / devapidocs / src-html / org / apache / hadoop / hbase / thrift / HttpDoAsClient.html
blob: a5e62ab1aa69629bb873f739d5acc7664d215183 [file] [log] [blame]
<!DOCTYPE HTML>
<html lang="en">
<head>
<!-- Generated by javadoc (17) -->
<title>Source code</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="source: package: org.apache.hadoop.hbase.thrift, class: HttpDoAsClient">
<meta name="generator" content="javadoc/SourceToHTMLConverter">
<link rel="stylesheet" type="text/css" href="../../../../../../stylesheet.css" title="Style">
</head>
<body class="source-page">
<main role="main">
<div class="source-container">
<pre><span class="source-line-no">001</span><span id="line-1">/*</span>
<span class="source-line-no">002</span><span id="line-2"> * Licensed to the Apache Software Foundation (ASF) under one</span>
<span class="source-line-no">003</span><span id="line-3"> * or more contributor license agreements. See the NOTICE file</span>
<span class="source-line-no">004</span><span id="line-4"> * distributed with this work for additional information</span>
<span class="source-line-no">005</span><span id="line-5"> * regarding copyright ownership. The ASF licenses this file</span>
<span class="source-line-no">006</span><span id="line-6"> * to you under the Apache License, Version 2.0 (the</span>
<span class="source-line-no">007</span><span id="line-7"> * "License"); you may not use this file except in compliance</span>
<span class="source-line-no">008</span><span id="line-8"> * with the License. You may obtain a copy of the License at</span>
<span class="source-line-no">009</span><span id="line-9"> *</span>
<span class="source-line-no">010</span><span id="line-10"> * http://www.apache.org/licenses/LICENSE-2.0</span>
<span class="source-line-no">011</span><span id="line-11"> *</span>
<span class="source-line-no">012</span><span id="line-12"> * Unless required by applicable law or agreed to in writing, software</span>
<span class="source-line-no">013</span><span id="line-13"> * distributed under the License is distributed on an "AS IS" BASIS,</span>
<span class="source-line-no">014</span><span id="line-14"> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.</span>
<span class="source-line-no">015</span><span id="line-15"> * See the License for the specific language governing permissions and</span>
<span class="source-line-no">016</span><span id="line-16"> * limitations under the License.</span>
<span class="source-line-no">017</span><span id="line-17"> */</span>
<span class="source-line-no">018</span><span id="line-18">package org.apache.hadoop.hbase.thrift;</span>
<span class="source-line-no">019</span><span id="line-19"></span>
<span class="source-line-no">020</span><span id="line-20">import java.io.File;</span>
<span class="source-line-no">021</span><span id="line-21">import java.nio.ByteBuffer;</span>
<span class="source-line-no">022</span><span id="line-22">import java.security.Principal;</span>
<span class="source-line-no">023</span><span id="line-23">import java.security.PrivilegedExceptionAction;</span>
<span class="source-line-no">024</span><span id="line-24">import java.util.ArrayList;</span>
<span class="source-line-no">025</span><span id="line-25">import java.util.Base64;</span>
<span class="source-line-no">026</span><span id="line-26">import java.util.HashMap;</span>
<span class="source-line-no">027</span><span id="line-27">import java.util.HashSet;</span>
<span class="source-line-no">028</span><span id="line-28">import java.util.Map;</span>
<span class="source-line-no">029</span><span id="line-29">import java.util.Set;</span>
<span class="source-line-no">030</span><span id="line-30">import javax.security.auth.Subject;</span>
<span class="source-line-no">031</span><span id="line-31">import javax.security.auth.kerberos.KerberosPrincipal;</span>
<span class="source-line-no">032</span><span id="line-32">import javax.security.auth.login.AppConfigurationEntry;</span>
<span class="source-line-no">033</span><span id="line-33">import javax.security.auth.login.Configuration;</span>
<span class="source-line-no">034</span><span id="line-34">import javax.security.auth.login.LoginContext;</span>
<span class="source-line-no">035</span><span id="line-35">import org.apache.hadoop.hbase.thrift.generated.AlreadyExists;</span>
<span class="source-line-no">036</span><span id="line-36">import org.apache.hadoop.hbase.thrift.generated.ColumnDescriptor;</span>
<span class="source-line-no">037</span><span id="line-37">import org.apache.hadoop.hbase.thrift.generated.Hbase;</span>
<span class="source-line-no">038</span><span id="line-38">import org.apache.hadoop.hbase.util.Bytes;</span>
<span class="source-line-no">039</span><span id="line-39">import org.apache.hadoop.hbase.util.ClientUtils;</span>
<span class="source-line-no">040</span><span id="line-40">import org.apache.thrift.protocol.TBinaryProtocol;</span>
<span class="source-line-no">041</span><span id="line-41">import org.apache.thrift.protocol.TProtocol;</span>
<span class="source-line-no">042</span><span id="line-42">import org.apache.thrift.transport.THttpClient;</span>
<span class="source-line-no">043</span><span id="line-43">import org.apache.thrift.transport.TSocket;</span>
<span class="source-line-no">044</span><span id="line-44">import org.apache.thrift.transport.TTransport;</span>
<span class="source-line-no">045</span><span id="line-45">import org.apache.yetus.audience.InterfaceAudience;</span>
<span class="source-line-no">046</span><span id="line-46">import org.ietf.jgss.GSSContext;</span>
<span class="source-line-no">047</span><span id="line-47">import org.ietf.jgss.GSSCredential;</span>
<span class="source-line-no">048</span><span id="line-48">import org.ietf.jgss.GSSException;</span>
<span class="source-line-no">049</span><span id="line-49">import org.ietf.jgss.GSSManager;</span>
<span class="source-line-no">050</span><span id="line-50">import org.ietf.jgss.GSSName;</span>
<span class="source-line-no">051</span><span id="line-51">import org.ietf.jgss.Oid;</span>
<span class="source-line-no">052</span><span id="line-52">import org.slf4j.Logger;</span>
<span class="source-line-no">053</span><span id="line-53">import org.slf4j.LoggerFactory;</span>
<span class="source-line-no">054</span><span id="line-54"></span>
<span class="source-line-no">055</span><span id="line-55">/**</span>
<span class="source-line-no">056</span><span id="line-56"> * See the instructions under hbase-examples/README.txt</span>
<span class="source-line-no">057</span><span id="line-57"> */</span>
<span class="source-line-no">058</span><span id="line-58">@InterfaceAudience.Private</span>
<span class="source-line-no">059</span><span id="line-59">public class HttpDoAsClient {</span>
<span class="source-line-no">060</span><span id="line-60"> private static final Logger LOG = LoggerFactory.getLogger(HttpDoAsClient.class);</span>
<span class="source-line-no">061</span><span id="line-61"></span>
<span class="source-line-no">062</span><span id="line-62"> static protected int port;</span>
<span class="source-line-no">063</span><span id="line-63"> static protected String host;</span>
<span class="source-line-no">064</span><span id="line-64"> private static boolean secure = false;</span>
<span class="source-line-no">065</span><span id="line-65"> static protected String doAsUser = null;</span>
<span class="source-line-no">066</span><span id="line-66"> static protected String principal = null;</span>
<span class="source-line-no">067</span><span id="line-67"> static protected String keyTab = null;</span>
<span class="source-line-no">068</span><span id="line-68"></span>
<span class="source-line-no">069</span><span id="line-69"> public static void main(String[] args) throws Exception {</span>
<span class="source-line-no">070</span><span id="line-70"> if (args.length &lt; 3 || args.length &gt; 6) {</span>
<span class="source-line-no">071</span><span id="line-71"> System.out.println("Invalid arguments!");</span>
<span class="source-line-no">072</span><span id="line-72"> System.out.println(</span>
<span class="source-line-no">073</span><span id="line-73"> "Usage: HttpDoAsClient host port doAsUserName [security=true] [principal] [keytab]");</span>
<span class="source-line-no">074</span><span id="line-74"> System.exit(-1);</span>
<span class="source-line-no">075</span><span id="line-75"> }</span>
<span class="source-line-no">076</span><span id="line-76"></span>
<span class="source-line-no">077</span><span id="line-77"> host = args[0];</span>
<span class="source-line-no">078</span><span id="line-78"> port = Integer.parseInt(args[1]);</span>
<span class="source-line-no">079</span><span id="line-79"> doAsUser = args[2];</span>
<span class="source-line-no">080</span><span id="line-80"> if (args.length &gt; 3) {</span>
<span class="source-line-no">081</span><span id="line-81"> secure = Boolean.parseBoolean(args[3]);</span>
<span class="source-line-no">082</span><span id="line-82"> if (args.length &gt; 4) {</span>
<span class="source-line-no">083</span><span id="line-83"> principal = args[4];</span>
<span class="source-line-no">084</span><span id="line-84"> keyTab = args[5];</span>
<span class="source-line-no">085</span><span id="line-85"> if (!new File(keyTab).exists()) {</span>
<span class="source-line-no">086</span><span id="line-86"> System.err.printf("ERROR: KeyTab File %s not found %n", keyTab);</span>
<span class="source-line-no">087</span><span id="line-87"> System.exit(-1);</span>
<span class="source-line-no">088</span><span id="line-88"> }</span>
<span class="source-line-no">089</span><span id="line-89"> } else {</span>
<span class="source-line-no">090</span><span id="line-90"> principal = getSubject().getPrincipals().iterator().next().getName();</span>
<span class="source-line-no">091</span><span id="line-91"> }</span>
<span class="source-line-no">092</span><span id="line-92"> }</span>
<span class="source-line-no">093</span><span id="line-93"></span>
<span class="source-line-no">094</span><span id="line-94"> final HttpDoAsClient client = new HttpDoAsClient();</span>
<span class="source-line-no">095</span><span id="line-95"> Subject.doAs(getSubject(), new PrivilegedExceptionAction&lt;Void&gt;() {</span>
<span class="source-line-no">096</span><span id="line-96"> @Override</span>
<span class="source-line-no">097</span><span id="line-97"> public Void run() throws Exception {</span>
<span class="source-line-no">098</span><span id="line-98"> client.run();</span>
<span class="source-line-no">099</span><span id="line-99"> return null;</span>
<span class="source-line-no">100</span><span id="line-100"> }</span>
<span class="source-line-no">101</span><span id="line-101"> });</span>
<span class="source-line-no">102</span><span id="line-102"> }</span>
<span class="source-line-no">103</span><span id="line-103"></span>
<span class="source-line-no">104</span><span id="line-104"> HttpDoAsClient() {</span>
<span class="source-line-no">105</span><span id="line-105"> }</span>
<span class="source-line-no">106</span><span id="line-106"></span>
<span class="source-line-no">107</span><span id="line-107"> // Helper to translate strings to UTF8 bytes</span>
<span class="source-line-no">108</span><span id="line-108"> private byte[] bytes(String s) {</span>
<span class="source-line-no">109</span><span id="line-109"> return Bytes.toBytes(s);</span>
<span class="source-line-no">110</span><span id="line-110"> }</span>
<span class="source-line-no">111</span><span id="line-111"></span>
<span class="source-line-no">112</span><span id="line-112"> private void run() throws Exception {</span>
<span class="source-line-no">113</span><span id="line-113"> TTransport transport = new TSocket(host, port);</span>
<span class="source-line-no">114</span><span id="line-114"></span>
<span class="source-line-no">115</span><span id="line-115"> transport.open();</span>
<span class="source-line-no">116</span><span id="line-116"> String url = "http://" + host + ":" + port;</span>
<span class="source-line-no">117</span><span id="line-117"> THttpClient httpClient = new THttpClient(url);</span>
<span class="source-line-no">118</span><span id="line-118"> httpClient.open();</span>
<span class="source-line-no">119</span><span id="line-119"> TProtocol protocol = new TBinaryProtocol(httpClient);</span>
<span class="source-line-no">120</span><span id="line-120"> Hbase.Client client = new Hbase.Client(protocol);</span>
<span class="source-line-no">121</span><span id="line-121"></span>
<span class="source-line-no">122</span><span id="line-122"> byte[] t = bytes("demo_table");</span>
<span class="source-line-no">123</span><span id="line-123"></span>
<span class="source-line-no">124</span><span id="line-124"> //</span>
<span class="source-line-no">125</span><span id="line-125"> // Scan all tables, look for the demo table and delete it.</span>
<span class="source-line-no">126</span><span id="line-126"> //</span>
<span class="source-line-no">127</span><span id="line-127"> System.out.println("scanning tables...");</span>
<span class="source-line-no">128</span><span id="line-128"> for (ByteBuffer name : refresh(client, httpClient).getTableNames()) {</span>
<span class="source-line-no">129</span><span id="line-129"> System.out.println(" found: " + ClientUtils.utf8(name));</span>
<span class="source-line-no">130</span><span id="line-130"> if (ClientUtils.utf8(name).equals(ClientUtils.utf8(t))) {</span>
<span class="source-line-no">131</span><span id="line-131"> if (refresh(client, httpClient).isTableEnabled(name)) {</span>
<span class="source-line-no">132</span><span id="line-132"> System.out.println(" disabling table: " + ClientUtils.utf8(name));</span>
<span class="source-line-no">133</span><span id="line-133"> refresh(client, httpClient).disableTable(name);</span>
<span class="source-line-no">134</span><span id="line-134"> }</span>
<span class="source-line-no">135</span><span id="line-135"> System.out.println(" deleting table: " + ClientUtils.utf8(name));</span>
<span class="source-line-no">136</span><span id="line-136"> refresh(client, httpClient).deleteTable(name);</span>
<span class="source-line-no">137</span><span id="line-137"> }</span>
<span class="source-line-no">138</span><span id="line-138"> }</span>
<span class="source-line-no">139</span><span id="line-139"></span>
<span class="source-line-no">140</span><span id="line-140"> //</span>
<span class="source-line-no">141</span><span id="line-141"> // Create the demo table with two column families, entry: and unused:</span>
<span class="source-line-no">142</span><span id="line-142"> //</span>
<span class="source-line-no">143</span><span id="line-143"> ArrayList&lt;ColumnDescriptor&gt; columns = new ArrayList&lt;&gt;(2);</span>
<span class="source-line-no">144</span><span id="line-144"> ColumnDescriptor col;</span>
<span class="source-line-no">145</span><span id="line-145"> col = new ColumnDescriptor();</span>
<span class="source-line-no">146</span><span id="line-146"> col.name = ByteBuffer.wrap(bytes("entry:"));</span>
<span class="source-line-no">147</span><span id="line-147"> col.timeToLive = Integer.MAX_VALUE;</span>
<span class="source-line-no">148</span><span id="line-148"> col.maxVersions = 10;</span>
<span class="source-line-no">149</span><span id="line-149"> columns.add(col);</span>
<span class="source-line-no">150</span><span id="line-150"> col = new ColumnDescriptor();</span>
<span class="source-line-no">151</span><span id="line-151"> col.name = ByteBuffer.wrap(bytes("unused:"));</span>
<span class="source-line-no">152</span><span id="line-152"> col.timeToLive = Integer.MAX_VALUE;</span>
<span class="source-line-no">153</span><span id="line-153"> columns.add(col);</span>
<span class="source-line-no">154</span><span id="line-154"></span>
<span class="source-line-no">155</span><span id="line-155"> System.out.println("creating table: " + ClientUtils.utf8(t));</span>
<span class="source-line-no">156</span><span id="line-156"> try {</span>
<span class="source-line-no">157</span><span id="line-157"></span>
<span class="source-line-no">158</span><span id="line-158"> refresh(client, httpClient).createTable(ByteBuffer.wrap(t), columns);</span>
<span class="source-line-no">159</span><span id="line-159"> } catch (AlreadyExists ae) {</span>
<span class="source-line-no">160</span><span id="line-160"> System.out.println("WARN: " + ae.message);</span>
<span class="source-line-no">161</span><span id="line-161"> }</span>
<span class="source-line-no">162</span><span id="line-162"></span>
<span class="source-line-no">163</span><span id="line-163"> System.out.println("column families in " + ClientUtils.utf8(t) + ": ");</span>
<span class="source-line-no">164</span><span id="line-164"> Map&lt;ByteBuffer, ColumnDescriptor&gt; columnMap =</span>
<span class="source-line-no">165</span><span id="line-165"> refresh(client, httpClient).getColumnDescriptors(ByteBuffer.wrap(t));</span>
<span class="source-line-no">166</span><span id="line-166"> for (ColumnDescriptor col2 : columnMap.values()) {</span>
<span class="source-line-no">167</span><span id="line-167"> System.out</span>
<span class="source-line-no">168</span><span id="line-168"> .println(" column: " + ClientUtils.utf8(col2.name) + ", maxVer: " + col2.maxVersions);</span>
<span class="source-line-no">169</span><span id="line-169"> }</span>
<span class="source-line-no">170</span><span id="line-170"></span>
<span class="source-line-no">171</span><span id="line-171"> transport.close();</span>
<span class="source-line-no">172</span><span id="line-172"> httpClient.close();</span>
<span class="source-line-no">173</span><span id="line-173"> }</span>
<span class="source-line-no">174</span><span id="line-174"></span>
<span class="source-line-no">175</span><span id="line-175"> private Hbase.Client refresh(Hbase.Client client, THttpClient httpClient) {</span>
<span class="source-line-no">176</span><span id="line-176"> httpClient.setCustomHeader("doAs", doAsUser);</span>
<span class="source-line-no">177</span><span id="line-177"> if (secure) {</span>
<span class="source-line-no">178</span><span id="line-178"> try {</span>
<span class="source-line-no">179</span><span id="line-179"> httpClient.setCustomHeader("Authorization", generateTicket());</span>
<span class="source-line-no">180</span><span id="line-180"> } catch (GSSException e) {</span>
<span class="source-line-no">181</span><span id="line-181"> LOG.error("Kerberos authentication failed", e);</span>
<span class="source-line-no">182</span><span id="line-182"> }</span>
<span class="source-line-no">183</span><span id="line-183"> }</span>
<span class="source-line-no">184</span><span id="line-184"> return client;</span>
<span class="source-line-no">185</span><span id="line-185"> }</span>
<span class="source-line-no">186</span><span id="line-186"></span>
<span class="source-line-no">187</span><span id="line-187"> private String generateTicket() throws GSSException {</span>
<span class="source-line-no">188</span><span id="line-188"> final GSSManager manager = GSSManager.getInstance();</span>
<span class="source-line-no">189</span><span id="line-189"> // Oid for kerberos principal name</span>
<span class="source-line-no">190</span><span id="line-190"> Oid krb5PrincipalOid = new Oid("1.2.840.113554.1.2.2.1");</span>
<span class="source-line-no">191</span><span id="line-191"> Oid KERB_V5_OID = new Oid("1.2.840.113554.1.2.2");</span>
<span class="source-line-no">192</span><span id="line-192"> final GSSName clientName = manager.createName(principal, krb5PrincipalOid);</span>
<span class="source-line-no">193</span><span id="line-193"> final GSSCredential clientCred =</span>
<span class="source-line-no">194</span><span id="line-194"> manager.createCredential(clientName, 8 * 3600, KERB_V5_OID, GSSCredential.INITIATE_ONLY);</span>
<span class="source-line-no">195</span><span id="line-195"></span>
<span class="source-line-no">196</span><span id="line-196"> final GSSName serverName = manager.createName(principal, krb5PrincipalOid);</span>
<span class="source-line-no">197</span><span id="line-197"></span>
<span class="source-line-no">198</span><span id="line-198"> final GSSContext context =</span>
<span class="source-line-no">199</span><span id="line-199"> manager.createContext(serverName, KERB_V5_OID, clientCred, GSSContext.DEFAULT_LIFETIME);</span>
<span class="source-line-no">200</span><span id="line-200"> context.requestMutualAuth(true);</span>
<span class="source-line-no">201</span><span id="line-201"> context.requestConf(false);</span>
<span class="source-line-no">202</span><span id="line-202"> context.requestInteg(true);</span>
<span class="source-line-no">203</span><span id="line-203"></span>
<span class="source-line-no">204</span><span id="line-204"> final byte[] outToken = context.initSecContext(new byte[0], 0, 0);</span>
<span class="source-line-no">205</span><span id="line-205"> StringBuilder outputBuffer = new StringBuilder();</span>
<span class="source-line-no">206</span><span id="line-206"> outputBuffer.append("Negotiate ");</span>
<span class="source-line-no">207</span><span id="line-207"> outputBuffer.append(Bytes.toString(Base64.getEncoder().encode(outToken)));</span>
<span class="source-line-no">208</span><span id="line-208"> System.out.print("Ticket is: " + outputBuffer);</span>
<span class="source-line-no">209</span><span id="line-209"> return outputBuffer.toString();</span>
<span class="source-line-no">210</span><span id="line-210"> }</span>
<span class="source-line-no">211</span><span id="line-211"></span>
<span class="source-line-no">212</span><span id="line-212"> static Subject getSubject() throws Exception {</span>
<span class="source-line-no">213</span><span id="line-213"> if (!secure) {</span>
<span class="source-line-no">214</span><span id="line-214"> return new Subject();</span>
<span class="source-line-no">215</span><span id="line-215"> }</span>
<span class="source-line-no">216</span><span id="line-216"></span>
<span class="source-line-no">217</span><span id="line-217"> /*</span>
<span class="source-line-no">218</span><span id="line-218"> * To authenticate the DemoClient, kinit should be invoked ahead. Here we try to get the</span>
<span class="source-line-no">219</span><span id="line-219"> * Kerberos credential from the ticket cache.</span>
<span class="source-line-no">220</span><span id="line-220"> */</span>
<span class="source-line-no">221</span><span id="line-221"> LoginContext context;</span>
<span class="source-line-no">222</span><span id="line-222"></span>
<span class="source-line-no">223</span><span id="line-223"> if (keyTab != null) {</span>
<span class="source-line-no">224</span><span id="line-224"> // To authenticate the HttpDoAsClient using principal and keyTab</span>
<span class="source-line-no">225</span><span id="line-225"> Set&lt;Principal&gt; principals = new HashSet&lt;&gt;();</span>
<span class="source-line-no">226</span><span id="line-226"> principals.add(new KerberosPrincipal(principal));</span>
<span class="source-line-no">227</span><span id="line-227"> Subject subject = new Subject(false, principals, new HashSet&lt;&gt;(), new HashSet&lt;&gt;());</span>
<span class="source-line-no">228</span><span id="line-228"></span>
<span class="source-line-no">229</span><span id="line-229"> context = new LoginContext("", subject, null, new KerberosConfiguration(principal, keyTab));</span>
<span class="source-line-no">230</span><span id="line-230"> } else {</span>
<span class="source-line-no">231</span><span id="line-231"> /*</span>
<span class="source-line-no">232</span><span id="line-232"> * To authenticate the HttpDoAsClient, kinit should be invoked ahead. Here we try to get the</span>
<span class="source-line-no">233</span><span id="line-233"> * Kerberos credential from the ticket cache.</span>
<span class="source-line-no">234</span><span id="line-234"> */</span>
<span class="source-line-no">235</span><span id="line-235"> context = new LoginContext("", new Subject(), null, new KerberosConfiguration());</span>
<span class="source-line-no">236</span><span id="line-236"> }</span>
<span class="source-line-no">237</span><span id="line-237"> context.login();</span>
<span class="source-line-no">238</span><span id="line-238"> return context.getSubject();</span>
<span class="source-line-no">239</span><span id="line-239"> }</span>
<span class="source-line-no">240</span><span id="line-240"></span>
<span class="source-line-no">241</span><span id="line-241"> private static class KerberosConfiguration extends Configuration {</span>
<span class="source-line-no">242</span><span id="line-242"> private String principal;</span>
<span class="source-line-no">243</span><span id="line-243"> private String keyTab;</span>
<span class="source-line-no">244</span><span id="line-244"></span>
<span class="source-line-no">245</span><span id="line-245"> public KerberosConfiguration() {</span>
<span class="source-line-no">246</span><span id="line-246"> // Empty constructor will have no principal or keyTab values</span>
<span class="source-line-no">247</span><span id="line-247"> }</span>
<span class="source-line-no">248</span><span id="line-248"></span>
<span class="source-line-no">249</span><span id="line-249"> public KerberosConfiguration(String principal, String keyTab) {</span>
<span class="source-line-no">250</span><span id="line-250"> this.principal = principal;</span>
<span class="source-line-no">251</span><span id="line-251"> this.keyTab = keyTab;</span>
<span class="source-line-no">252</span><span id="line-252"> }</span>
<span class="source-line-no">253</span><span id="line-253"></span>
<span class="source-line-no">254</span><span id="line-254"> @Override</span>
<span class="source-line-no">255</span><span id="line-255"> public AppConfigurationEntry[] getAppConfigurationEntry(String name) {</span>
<span class="source-line-no">256</span><span id="line-256"> Map&lt;String, String&gt; options = new HashMap&lt;&gt;();</span>
<span class="source-line-no">257</span><span id="line-257"> if (principal != null &amp;&amp; keyTab != null) {</span>
<span class="source-line-no">258</span><span id="line-258"> options.put("principal", principal);</span>
<span class="source-line-no">259</span><span id="line-259"> options.put("keyTab", keyTab);</span>
<span class="source-line-no">260</span><span id="line-260"> options.put("useKeyTab", "true");</span>
<span class="source-line-no">261</span><span id="line-261"> options.put("storeKey", "true");</span>
<span class="source-line-no">262</span><span id="line-262"> } else {</span>
<span class="source-line-no">263</span><span id="line-263"> options.put("useKeyTab", "false");</span>
<span class="source-line-no">264</span><span id="line-264"> options.put("storeKey", "false");</span>
<span class="source-line-no">265</span><span id="line-265"> }</span>
<span class="source-line-no">266</span><span id="line-266"> options.put("doNotPrompt", "true");</span>
<span class="source-line-no">267</span><span id="line-267"> options.put("useTicketCache", "true");</span>
<span class="source-line-no">268</span><span id="line-268"> options.put("renewTGT", "true");</span>
<span class="source-line-no">269</span><span id="line-269"> options.put("refreshKrb5Config", "true");</span>
<span class="source-line-no">270</span><span id="line-270"> options.put("isInitiator", "true");</span>
<span class="source-line-no">271</span><span id="line-271"> String ticketCache = System.getenv("KRB5CCNAME");</span>
<span class="source-line-no">272</span><span id="line-272"> if (ticketCache != null) {</span>
<span class="source-line-no">273</span><span id="line-273"> options.put("ticketCache", ticketCache);</span>
<span class="source-line-no">274</span><span id="line-274"> }</span>
<span class="source-line-no">275</span><span id="line-275"> options.put("debug", "true");</span>
<span class="source-line-no">276</span><span id="line-276"></span>
<span class="source-line-no">277</span><span id="line-277"> return new AppConfigurationEntry[] {</span>
<span class="source-line-no">278</span><span id="line-278"> new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule",</span>
<span class="source-line-no">279</span><span id="line-279"> AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options) };</span>
<span class="source-line-no">280</span><span id="line-280"> }</span>
<span class="source-line-no">281</span><span id="line-281"> }</span>
<span class="source-line-no">282</span><span id="line-282">}</span>
</pre>
</div>
</main>
</body>
</html>