Fix jdk8 javadoc errors
- Fixes #14 - Fixing javadoc formatting - Some polish
This commit is contained in:
@@ -31,6 +31,7 @@ public class GlobalSunJaasKerberosConfig implements BeanPostProcessor, Initializ
|
||||
|
||||
private String krbConfLocation;
|
||||
|
||||
@Override
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
if (debug) {
|
||||
System.setProperty("sun.security.krb5.debug", "true");
|
||||
@@ -43,6 +44,8 @@ public class GlobalSunJaasKerberosConfig implements BeanPostProcessor, Initializ
|
||||
|
||||
/**
|
||||
* Enable debug logs from the Sun Kerberos Implementation. Default is false.
|
||||
*
|
||||
* @param debug true if debug should be enabled
|
||||
*/
|
||||
public void setDebug(boolean debug) {
|
||||
this.debug = debug;
|
||||
@@ -51,7 +54,7 @@ public class GlobalSunJaasKerberosConfig implements BeanPostProcessor, Initializ
|
||||
/**
|
||||
* Kerberos config file location can be specified here.
|
||||
*
|
||||
* @param krbConfLocation
|
||||
* @param krbConfLocation the path to krb config file
|
||||
*/
|
||||
public void setKrbConfLocation(String krbConfLocation) {
|
||||
this.krbConfLocation = krbConfLocation;
|
||||
@@ -61,10 +64,12 @@ public class GlobalSunJaasKerberosConfig implements BeanPostProcessor, Initializ
|
||||
// is created before any other bean is created, because the system properties needed to be set very early
|
||||
// in the startup-phase, but after the BeanFactoryPostProcessing.
|
||||
|
||||
@Override
|
||||
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
|
||||
return bean;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
|
||||
return bean;
|
||||
}
|
||||
|
||||
@@ -33,10 +33,10 @@ import org.springframework.security.extensions.kerberos.KerberosTicketValidator.
|
||||
import org.springframework.security.extensions.kerberos.web.SpnegoAuthenticationProcessingFilter;
|
||||
|
||||
/**
|
||||
* Holds the Kerberos/SPNEGO token for requesting a kerberized service and is
|
||||
* also the output of <code>KerberosServiceAuthenticationProvider</code>.<br>
|
||||
* Will mostly be created in <code>SpnegoAuthenticationProcessingFilter</code>
|
||||
* and authenticated in <code>KerberosServiceAuthenticationProvider</code>.
|
||||
* <p>Holds the Kerberos/SPNEGO token for requesting a kerberized service and is
|
||||
* also the output of <code>KerberosServiceAuthenticationProvider</code>.</p>
|
||||
* <p>Will mostly be created in <code>SpnegoAuthenticationProcessingFilter</code>
|
||||
* and authenticated in <code>KerberosServiceAuthenticationProvider</code>.</p>
|
||||
*
|
||||
* This token cannot be re-authenticated, as you will get a Kerberos Reply
|
||||
* error.
|
||||
@@ -78,7 +78,7 @@ public class KerberosServiceRequestToken extends AbstractAuthenticationToken {
|
||||
|
||||
/**
|
||||
* Creates an unauthenticated instance which should then be authenticated by
|
||||
* <code>KerberosServiceAuthenticationProvider/code>.
|
||||
* <code>KerberosServiceAuthenticationProvider</code>.
|
||||
*
|
||||
* @param token Kerberos/SPNEGO token
|
||||
* @see KerberosServiceAuthenticationProvider
|
||||
@@ -130,6 +130,7 @@ public class KerberosServiceRequestToken extends AbstractAuthenticationToken {
|
||||
|
||||
/**
|
||||
* Returns the Kerberos token
|
||||
* @return the token data
|
||||
*/
|
||||
public byte[] getToken() {
|
||||
return this.token;
|
||||
@@ -176,7 +177,7 @@ public class KerberosServiceRequestToken extends AbstractAuthenticationToken {
|
||||
* @param offset data offset
|
||||
* @param length data length
|
||||
* @return the decrypted message
|
||||
* @throws PrivilegedActionException
|
||||
* @throws PrivilegedActionException if jaas throws and error
|
||||
*/
|
||||
public byte[] decrypt(final byte[] data, final int offset, final int length) throws PrivilegedActionException {
|
||||
return Subject.doAs(getTicketValidation().subject(), new PrivilegedExceptionAction<byte[]>() {
|
||||
@@ -190,9 +191,9 @@ public class KerberosServiceRequestToken extends AbstractAuthenticationToken {
|
||||
/**
|
||||
* Unwraps an encrypted message using the gss context
|
||||
*
|
||||
* @param data
|
||||
* @param data the data
|
||||
* @return the decrypted message
|
||||
* @throws PrivilegedActionException
|
||||
* @throws PrivilegedActionException if jaas throws and error
|
||||
*/
|
||||
public byte[] decrypt(final byte[] data) throws PrivilegedActionException {
|
||||
return decrypt(data, 0, data.length);
|
||||
@@ -201,11 +202,11 @@ public class KerberosServiceRequestToken extends AbstractAuthenticationToken {
|
||||
/**
|
||||
* Wraps an message using the gss context
|
||||
*
|
||||
* @param data
|
||||
* @param offset
|
||||
* @param length
|
||||
* @param data the data
|
||||
* @param offset data offset
|
||||
* @param length data length
|
||||
* @return the encrypted message
|
||||
* @throws PrivilegedActionException
|
||||
* @throws PrivilegedActionException if jaas throws and error
|
||||
*/
|
||||
public byte[] encrypt(final byte[] data, final int offset, final int length) throws PrivilegedActionException {
|
||||
return Subject.doAs(getTicketValidation().subject(), new PrivilegedExceptionAction<byte[]>() {
|
||||
@@ -219,9 +220,9 @@ public class KerberosServiceRequestToken extends AbstractAuthenticationToken {
|
||||
/**
|
||||
* Wraps an message using the gss context
|
||||
*
|
||||
* @param data
|
||||
* @param data the data
|
||||
* @return the encrypted message
|
||||
* @throws PrivilegedActionException
|
||||
* @throws PrivilegedActionException if jaas throws and error
|
||||
*/
|
||||
public byte[] encrypt(final byte[] data) throws PrivilegedActionException {
|
||||
return encrypt(data, 0, data.length);
|
||||
|
||||
@@ -105,12 +105,12 @@ public class SunJaasKerberosTicketValidator implements KerberosTicketValidator,
|
||||
}
|
||||
|
||||
/**
|
||||
* The location of the keytab. You can use the normale Spring Resource
|
||||
* <p>The location of the keytab. You can use the normale Spring Resource
|
||||
* prefixes like <code>file:</code> or <code>classpath:</code>, but as the
|
||||
* file is later on read by JAAS, we cannot guarantee that <code>classpath</code>
|
||||
* works in every environment, esp. not in Java EE application servers. You
|
||||
* should use <code>file:</code> there.<br />
|
||||
* <br />
|
||||
* should use <code>file:</code> there.
|
||||
*
|
||||
* This file also needs special protection, which is another reason to
|
||||
* not include it in the classpath but rather use <code>file:/etc/http.keytab</code>
|
||||
* for example.
|
||||
|
||||
@@ -46,9 +46,7 @@ import org.springframework.web.filter.GenericFilterBean;
|
||||
* and creates a {@link KerberosServiceRequestToken} out if it. It will then
|
||||
* call the {@link AuthenticationManager}.
|
||||
*
|
||||
* <p>
|
||||
* A typical Spring Security configuration might look like this:
|
||||
* </p>
|
||||
* <p>A typical Spring Security configuration might look like this:</p>
|
||||
*
|
||||
* <pre>
|
||||
* <beans xmlns="http://www.springframework.org/schema/beans"
|
||||
@@ -94,10 +92,10 @@ import org.springframework.web.filter.GenericFilterBean;
|
||||
* </beans>
|
||||
* </pre>
|
||||
*
|
||||
* If you get a "GSSException: Channel binding mismatch (Mechanism
|
||||
* <p>If you get a "GSSException: Channel binding mismatch (Mechanism
|
||||
* level:ChannelBinding not provided!) have a look at this <a
|
||||
* href="http://bugs.sun.com/view_bug.do?bug_id=6851973">bug</a>.<br />
|
||||
* A workaround unti this is fixed in the JVM is to change
|
||||
* href="http://bugs.sun.com/view_bug.do?bug_id=6851973">bug</a>.</p>
|
||||
* <p>A workaround unti this is fixed in the JVM is to change</p>
|
||||
* HKEY_LOCAL_MACHINE\System
|
||||
* \CurrentControlSet\Control\LSA\SuppressExtendedProtection to 0x02
|
||||
*
|
||||
@@ -186,9 +184,9 @@ public class SpnegoAuthenticationProcessingFilter extends GenericFilterBean {
|
||||
}
|
||||
|
||||
/**
|
||||
* This handler is called after a successful authentication. One can add
|
||||
* additional authentication behavior by setting this.<br />
|
||||
* Default is null, which means nothing additional happens
|
||||
* <p>This handler is called after a successful authentication. One can add
|
||||
* additional authentication behavior by setting this.</p>
|
||||
* <p>Default is null, which means nothing additional happens</p>
|
||||
*
|
||||
* @param successHandler the authentication success handler
|
||||
*/
|
||||
@@ -197,12 +195,12 @@ public class SpnegoAuthenticationProcessingFilter extends GenericFilterBean {
|
||||
}
|
||||
|
||||
/**
|
||||
* This handler is called after a failure authentication. In most cases you
|
||||
* <p>This handler is called after a failure authentication. In most cases you
|
||||
* only get Kerberos/SPNEGO failures with a wrong server or network
|
||||
* configurations and not during runtime. If the client encounters an error,
|
||||
* he will just stop the communication with server and therefore this
|
||||
* handler will not be called in this case.<br />
|
||||
* Default is null, which means that the Filter returns the HTTP 500 code
|
||||
* handler will not be called in this case.</p>
|
||||
* <p>Default is null, which means that the Filter returns the HTTP 500 code</p>
|
||||
*
|
||||
* @param failureHandler the authentication failure handler
|
||||
*/
|
||||
|
||||
@@ -74,22 +74,20 @@ import java.util.Set;
|
||||
import java.util.UUID;
|
||||
|
||||
/**
|
||||
* Mini KDC based on Apache Directory Server that can be embedded in testcases
|
||||
* or used from command line as a standalone KDC.
|
||||
* <p/>
|
||||
* <p>Mini KDC based on Apache Directory Server that can be embedded in testcases
|
||||
* or used from command line as a standalone KDC.</p>
|
||||
* <b>From within testcases:</b>
|
||||
* <p/>
|
||||
* MiniKdc sets 2 System properties when started and un-sets them when stopped:
|
||||
* <p>MiniKdc sets 2 System properties when started and un-sets them when stopped:</p>
|
||||
* <ul>
|
||||
* <li>java.security.krb5.conf: set to the MiniKDC real/host/port</li>
|
||||
* <li>sun.security.krb5.debug: set to the debug value provided in the
|
||||
* configuration</li>
|
||||
* </ul>
|
||||
* Because of this, multiple MiniKdc instances cannot be started in parallel.
|
||||
* <p>Because of this, multiple MiniKdc instances cannot be started in parallel.
|
||||
* For example, running testcases in parallel that start a KDC each. To
|
||||
* accomplish this a single MiniKdc should be used for all testcases running in
|
||||
* parallel.
|
||||
* <p/>
|
||||
* parallel.</p>
|
||||
*
|
||||
* MiniKdc default configuration values are:
|
||||
* <ul>
|
||||
* <li>org.name=EXAMPLE (used to create the REALM)</li>
|
||||
@@ -103,7 +101,6 @@ import java.util.UUID;
|
||||
* <li>debug=false</li>
|
||||
* </ul>
|
||||
* The generated krb5.conf forces TCP connections.
|
||||
* <p/>
|
||||
*
|
||||
* @author Original Hadoop MiniKdc Authors
|
||||
* @author Janne Valkealahti
|
||||
@@ -208,10 +205,9 @@ public class MiniKdc {
|
||||
}
|
||||
|
||||
/**
|
||||
* Convenience method that returns MiniKdc default configuration.
|
||||
* <p/>
|
||||
* The returned configuration is a copy, it can be customized before using
|
||||
* it to create a MiniKdc.
|
||||
* <p>Convenience method that returns MiniKdc default configuration.</p>
|
||||
* <p>The returned configuration is a copy, it can be customized before using
|
||||
* it to create a MiniKdc.</p>
|
||||
*
|
||||
* @return a MiniKdc default configuration.
|
||||
*/
|
||||
@@ -466,8 +462,6 @@ public class MiniKdc {
|
||||
|
||||
/**
|
||||
* Stops the MiniKdc
|
||||
*
|
||||
* @throws Exception
|
||||
*/
|
||||
public synchronized void stop() {
|
||||
if (kdc != null) {
|
||||
|
||||
Reference in New Issue
Block a user