No Tgt Found Will Try Again Kafka Kerberos
Best Java code snippets using javax.security.auth.kerberos.KerberosTicket (Showing superlative 20 results out of 333)
Refine search
individual synchronized KerberosTicket getTGT() { Set<KerberosTicket> tickets = subject. getPrivateCredentials (KerberosTicket. class ); for (KerberosTicket ticket : tickets) { KerberosPrincipal server = ticket. getServer (); if (server.getName().equals( "krbtgt/" + server.getRealm() + "@" + server.getRealm())) { LOG.debug( "Found tgt " + ticket + "." ); return ticket; } } render zippo; }
if (tgt == null) { nextRefresh = now + MIN_TIME_BEFORE_RELOGIN; nextRefreshDate = new Date (nextRefresh); LOG.warn( "No TGT found: will effort once more at " + nextRefreshDate); } else { nextRefresh = getRefreshTime(tgt); long expiry = tgt. getEndTime (). getTime (); Date expiryDate = new Date (expiry); if ((isUsingTicketCache) && (tgt. getEndTime (). equals (tgt. getRenewTill ()))) { LOG.error( "The TGT cannot be renewed beyond the next death engagement: " + expiryDate + "." + "This process will not be able to authenticate new SASL connections after that " + if (tgt != cypher && now > tgt. getEndTime (). getTime ()) { if ((now - tgt. getEndTime (). getTime ()) < ( 10 * MIN_TIME_BEFORE_RELOGIN)) { Date until = new Date (now + MIN_TIME_BEFORE_RELOGIN); LOG.info( "TGT already expired but giving additional 10 minutes past TGT expiry, refresh sleeping until: " +
static long getRefreshTime(KerberosTicket ticket) { long start = ticket. getStartTime (). getTime (); long end = ticket. getEndTime (). getTime (); return start + ( long ) ((end - start) * TICKET_RENEW_WINDOW); }
private long getRefreshTime(KerberosTicket tgt) { long start = tgt. getStartTime (). getTime (); long expires = tgt. getEndTime (). getTime (); LOG.info( "TGT valid starting at: " + tgt. getStartTime (). toString ()); LOG.info( "TGT expires: " + tgt. getEndTime (). toString ()); long proposedRefresh = start + ( long ) ((expires - start) * (TICKET_RENEW_WINDOW + (TICKET_RENEW_JITTER * rng.nextDouble()))); if (proposedRefresh > expires) { return System.currentTimeMillis(); } else { return proposedRefresh; } }
private KerberosTicket getTGT() { Set<KerberosTicket> tickets = bailiwick. getPrivateCredentials (KerberosTicket. class ); for (KerberosTicket ticket : tickets) { KerberosPrincipal server = ticket. getServer (); if (server.getName().equals( "krbtgt/" + server.getRealm() + "@" + server.getRealm())) { log.debug( "Establish TGT with client principal '{}' and server primary '{}'." , ticket. getClient ().getName(), ticket. getServer ().getName()); return ticket; } } return null; }
loginContext = super .login(); subject area = loginContext.getSubject(); isKrbTicket = !subject. getPrivateCredentials (KerberosTicket. grade ).isEmpty(); if (tgt == null) { nextRefresh = at present + minTimeBeforeRelogin; nextRefreshDate = new Engagement (nextRefresh); log.warn( "[Principal={}]: No TGT found: volition try again at {}" , principal, nextRefreshDate); } else { nextRefresh = getRefreshTime(tgt); long death = tgt. getEndTime (). getTime (); Date expiryDate = new Date (expiry); if (isUsingTicketCache && tgt. getRenewTill () != zippo && tgt. getRenewTill (). getTime () < expiry) { log.warn( "The TGT cannot be renewed beyond the next expiry engagement: {}." + "This process will not exist able to cosign new SASL connections after that " +
private long getRefreshTime( final KerberosTicket tgt) { long start = tgt. getStartTime (). getTime (); long end = tgt. getEndTime (). getTime (); if (LOGGER.isTraceEnabled()) { final SimpleDateFormat dateFormat = new SimpleDateFormat(DATE_FORMAT); final String startDate = dateFormat.format( new Engagement (get-go)); final String endDate = dateFormat.format( new Appointment (cease)); LOGGER.trace( "TGT valid starting at: " + startDate); LOGGER.trace( "TGT expires at: " + endDate); } return start + ( long ) ((end - start) * TICKET_RENEW_WINDOW); }
Set<KerberosTicket> tickets = subject. getPrivateCredentials (KerberosTicket. class ); KerberosTicket activeTicket = null; for (KerberosTicket ticket : tickets) { if (isTGSPrincipal(ticket. getServer ())) { activeTicket = ticket; suspension ; if (shouldRenew(activeTicket. getStartTime (). getTime (), activeTicket. getEndTime (). getTime (), now)) { RENEWAL_LOG.debug( "The electric current ticket should exist renewed now" ); renew();
private Long getMsecsUntilExpiration() { KerberosTicket tgt = getTGT( this .credentials); if (tgt == null) { render zip; } long terminate = tgt. getEndTime (). getTime (); return cease - Arrangement.currentTimeMillis(); }
concluding long now = Fourth dimension.now(); if (tgt. isDestroyed ()) { LOG.fault( "TGT is destroyed. Aborting renew thread for {}." , getUserName()); tgtEndTime = tgt. getEndTime (). getTime (); } catch (NullPointerException npe) { LOG.error( "NPE thrown while getting KerberosTicket endTime. "
String clientName = kerberosTicket. getClient ().getName(); PrincipalName clientPrincipal = new PrincipalName(clientName); SecretKey secretKey = kerberosTicket. getSessionKey (); int keyType = kerberosTicket. getSessionKeyType (); EncryptionKey central = new EncryptionKey(keyType, secretKey.getEncoded()); encKdcRepPart.setKey(key); Date authTimeDate = kerberosTicket. getAuthTime (); if (authTimeDate != nix) { encKdcRepPart.setAuthTime( new KerberosTime(authTimeDate. getTime ())); Date startTimeDate = kerberosTicket. getStartTime (); if (startTimeDate != nothing) { encKdcRepPart.setStartTime( new KerberosTime(startTimeDate. getTime ())); KerberosTime endTime = new KerberosTime(kerberosTicket. getEndTime (). getTime ()); encKdcRepPart.setEndTime(endTime); InetAddress[] clientAddresses = kerberosTicket. getClientAddresses (); HostAddresses hostAddresses = zilch; if (clientAddresses != zippo) { boolean [] tf = kerberosTicket. getFlags (); TicketFlags ticketFlags = getTicketFlags(tf); encKdcRepPart.setFlags(ticketFlags); Engagement renewTillDate = kerberosTicket. getRenewTill (); KerberosTime renewTill = renewTillDate == zippo ? nothing : new KerberosTime(renewTillDate. getTime ());
Set<Principal> clientPrincipals = clientSubject. getPrincipals (); if (clientPrincipals.isEmpty()) { throw new WSSecurityException( KerberosContext krbCtx = null; effort { krbCtx = (KerberosContext) Field of study. doAs (clientSubject, activeness); } else { KerberosTicket serviceTicket = getKerberosTicket(clientSubject, tgt); secretKey = serviceTicket. getSessionKey ();
individual void populateSubjectWithTGT(Discipline subject, Map<String, Cord> credentials) { KerberosTicket tgt = getTGT(credentials); if (tgt != zero) { Set up<Object> creds = bailiwick. getPrivateCredentials (); synchronized (creds) { Iterator<Object> iterator = creds.iterator(); while (iterator.hasNext()) { Object o = iterator.next(); if (o instanceof KerberosTicket) { KerberosTicket t = (KerberosTicket) o; iterator.remove(); effort { t. destroy (); } grab (DestroyFailedException eastward) { LOG.warn( "Failed to destory ticket " , east); } } } creds.add together(tgt); } field of study. getPrincipals ().add(tgt. getClient ()); kerbTicket.set up(tgt); } else { LOG.info( "No TGT found in credentials" ); } }
private void populateSubjectWithTGT(Bailiwick subject, Map<Cord, String> credentials) { KerberosTicket tgt = getTGT(credentials); if (tgt != cipher) { clearCredentials(bailiwick, tgt); subject. getPrincipals ().add(tgt. getClient ()); kerbTicket.set(tgt); } else { LOG.info( "No TGT plant in credentials" ); } }
public boolean logout() throws LoginException { if (bailiwick != null && !subject. isReadOnly () && kerbTicket != null) { field of study. getPrincipals ().remove(kerbTicket. getClient ()); AutoTGT.clearCredentials(subject, null); } kerbTicket = zilch; return true ; }
Cardinal searchSessionKey(Subject area bailiwick) throws GSSException{ MIEName src = new MIEName(gssContext.getSrcName().consign()); MIEName targ = new MIEName(gssContext.getTargName().export()); Iterator iter = bailiwick. getPrivateCredentials (KerberosTicket. class ).iterator(); while (iter.hasNext()) { KerberosTicket ticket = (KerberosTicket) iter.next(); MIEName client = new MIEName(gssContext.getMech(), ticket. getClient ().getName()); MIEName server = new MIEName(gssContext.getMech(), ticket. getServer ().getName()); if (src.equals(customer)&&targ.equals(server)){ return ticket. getSessionKey (); } } return null; } public void dispose() throws GSSException {
individual void fixKerberosTicketOrder() { Set<Object> creds = getSubject(). getPrivateCredentials (); synchronized (creds) { for (Iterator<Object> iter = creds.iterator(); iter.hasNext();) { Object cred = iter.side by side(); if (cred instanceof KerberosTicket) { KerberosTicket ticket = (KerberosTicket) cred; if (!ticket. getServer ().getName().startsWith( "krbtgt" )) { LOG.warn( "The showtime kerberos ticket is not TGT" + "(the server principal is {}), remove and destroy it." , ticket. getServer ()); iter.remove(); attempt { ticket. destroy (); } catch (DestroyFailedException e) { LOG.warn( "destroy ticket failed" , e); } } else { return ; } } } } LOG.warn( "Warning, no kerberos ticket found while attempting to renew" + " ticket" ); }
Discipline. doAsPrivileged (loginSubject, new KerberosClientSetupAction(servicePrincipal, credDeleg), null); Gear up<Object> setPubCred = loginSubject. getPublicCredentials (); Iterator<Object> iter1 = setPubCred.iterator(); GSSContext gssContext=cypher; Set<Object> setPrivCred = loginSubject. getPrivateCredentials (); Iterator<Object> iter2 = setPrivCred.iterator(); while (iter2.hasNext()){ KerberosTicket kerbTicket = (KerberosTicket)privObject; try { if (kerbTicket. getServer ().getName().equals(gssContext.getTargName().toString())){ SecretKey sKey = kerbTicket. getSessionKey (); byte [] secret = sKey.getEncoded(); krbContext.setSecretKey(hole-and-corner);
@VisibleForTesting void fixKerberosTicketOrder() { Set<Object> creds = getSubject(). getPrivateCredentials (); synchronized (creds) { for (Iterator<Object> iter = creds.iterator(); iter.hasNext();) { Object cred = iter.adjacent(); if (cred instanceof KerberosTicket) { KerberosTicket ticket = (KerberosTicket) cred; if (ticket. isDestroyed () || ticket. getServer () == null) { LOG.warn( "Ticket is already destroyed, remove it." ); iter.remove(); } else if (!ticket. getServer ().getName().startsWith( "krbtgt" )) { LOG.warn( "The offset kerberos ticket is not TGT" + "(the server chief is {}), remove and destroy it." , ticket. getServer ()); iter.remove(); endeavor { ticket. destroy (); } catch (DestroyFailedException east) { LOG.warn( "destroy ticket failed" , e); } } else { return ; } } } } LOG.warn( "Warning, no kerberos ticket establish while attempting to renew ticket" ); }
Source: https://www.tabnine.com/code/java/classes/javax.security.auth.kerberos.KerberosTicket
0 Response to "No Tgt Found Will Try Again Kafka Kerberos"
Post a Comment