001/* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, 013 * software distributed under the License is distributed on an 014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 015 * KIND, either express or implied. See the License for the 016 * specific language governing permissions and limitations 017 * under the License. 018 * 019 */ 020package org.apache.directory.kerberos.client; 021 022 023import java.io.File; 024 025import org.apache.directory.kerberos.credentials.cache.Credentials; 026import org.apache.directory.kerberos.credentials.cache.CredentialsCache; 027import org.apache.directory.shared.kerberos.codec.types.PrincipalNameType; 028import org.apache.directory.shared.kerberos.components.PrincipalName; 029 030 031/** 032 * Authenticates to the Kerberos server and gets the initial Ticket Granting Ticket, 033 * then cache the tgt in credentials cache, as MIT kinit does. 034 * 035 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a> 036 */ 037public class Kinit 038{ 039 private KdcConnection kdc; 040 private File credCacheFile; 041 042 043 public Kinit( KdcConnection kdc ) 044 { 045 this.kdc = kdc; 046 } 047 048 049 public void setCredCacheFile( File credCacheFile ) 050 { 051 this.credCacheFile = credCacheFile; 052 } 053 054 055 public File getCredCacheFile() 056 { 057 return this.credCacheFile; 058 } 059 060 061 /** 062 * Authenticates to the Kerberos server and gets the initial Ticket Granting Ticket, 063 * then cache the tgt in credentials cache, as MIT kinit does. 064 * 065 * @param principal the client's principal 066 * @param password password of the client 067 * @throws Exception If we had an issue while getting the TGT, or creating the PrincipalName, or 068 * storing the credentials 069 */ 070 public void kinit( String principal, String password ) throws Exception 071 { 072 if ( principal == null || password == null || credCacheFile == null ) 073 { 074 throw new IllegalArgumentException( "Invalid principal, password, or credentials cache file" ); 075 } 076 077 TgTicket tgt = kdc.getTgt( principal, password ); 078 079 CredentialsCache credCache = new CredentialsCache(); 080 081 PrincipalName princ = new PrincipalName( principal, PrincipalNameType.KRB_NT_PRINCIPAL ); 082 princ.setRealm( tgt.getRealm() ); 083 credCache.setPrimaryPrincipalName( princ ); 084 085 Credentials cred = new Credentials( tgt ); 086 credCache.addCredentials( cred ); 087 088 CredentialsCache.store( credCacheFile, credCache ); 089 } 090}