Skip to content

Commit

Permalink
[Kerberos] Add missing javadocs (#32469)
Browse files Browse the repository at this point in the history
This commit adds missing javadocs and fixes few where
the build failed when using JDK 11 for compilation.

Closes#32461
  • Loading branch information
bizybot authored and danielmitterdorfer committed Jul 31, 2018
1 parent 913fe5c commit 4638b7c
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 16 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -133,7 +133,7 @@ public void tearDownMiniKdc() throws IOException, PrivilegedActionException {
* @param dir Directory where the key tab would be created.
* @param princNames principal names to be created
* @return {@link Path} to key tab file.
* @throws Exception
* @throws Exception thrown if principal or keytab could not be created
*/
protected Path createPrincipalKeyTab(final Path dir, final String... princNames) throws Exception {
final Path path = dir.resolve(randomAlphaOfLength(10) + ".keytab");
Expand All @@ -146,7 +146,7 @@ protected Path createPrincipalKeyTab(final Path dir, final String... princNames)
*
* @param principalName Principal name
* @param password Password
* @throws Exception
* @throws Exception thrown if principal could not be created
*/
protected void createPrincipal(final String principalName, final char[] password) throws Exception {
simpleKdcLdapServer.createPrincipal(principalName, new String(password));
Expand All @@ -168,8 +168,8 @@ protected String principalName(final String user) {
* @param subject {@link Subject}
* @param action {@link PrivilegedExceptionAction} action for performing inside
* Subject.doAs
* @return <T> Type of value as returned by PrivilegedAction
* @throws PrivilegedActionException
* @return T Type of value as returned by PrivilegedAction
* @throws PrivilegedActionException when privileged action threw exception
*/
static <T> T doAsWrapper(final Subject subject, final PrivilegedExceptionAction<T> action) throws PrivilegedActionException {
return AccessController.doPrivileged((PrivilegedExceptionAction<T>) () -> Subject.doAs(subject, action));
Expand All @@ -181,7 +181,7 @@ static <T> T doAsWrapper(final Subject subject, final PrivilegedExceptionAction<
* @param keytabPath {@link Path} to keytab file.
* @param content Content for keytab
* @return key tab path
* @throws IOException
* @throws IOException if I/O error occurs while writing keytab file
*/
public static Path writeKeyTab(final Path keytabPath, final String content) throws IOException {
try (BufferedWriter bufferedWriter = Files.newBufferedWriter(keytabPath, StandardCharsets.US_ASCII)) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ public class SimpleKdcLdapServer {
* @param orgName Org name for base dn
* @param domainName domain name for base dn
* @param ldiff for ldap directory.
* @throws Exception
* @throws Exception when KDC or Ldap server initialization fails
*/
public SimpleKdcLdapServer(final Path workDir, final String orgName, final String domainName, final Path ldiff) throws Exception {
this.workDir = workDir;
Expand Down Expand Up @@ -194,7 +194,7 @@ public synchronized void createPrincipal(final Path keytabFile, final String...
/**
* Stop Simple Kdc Server
*
* @throws PrivilegedActionException
* @throws PrivilegedActionException when privileged action threw exception
*/
public synchronized void stop() throws PrivilegedActionException {
AccessController.doPrivileged(new PrivilegedExceptionAction<Void>() {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,6 @@
import org.elasticsearch.common.SuppressForbidden;
import org.elasticsearch.common.logging.ESLoggerFactory;
import org.elasticsearch.common.settings.SecureString;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.xpack.security.authc.kerberos.KerberosTicketValidator;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
Expand Down Expand Up @@ -67,8 +66,8 @@ class SpnegoClient implements AutoCloseable {
* @param password password for client
* @param servicePrincipalName Service principal name with whom this client
* interacts with.
* @throws PrivilegedActionException
* @throws GSSException
* @throws PrivilegedActionException when privileged action threw exception
* @throws GSSException thrown when GSS API error occurs
*/
SpnegoClient(final String userPrincipalName, final SecureString password, final String servicePrincipalName)
throws PrivilegedActionException, GSSException {
Expand Down Expand Up @@ -99,7 +98,7 @@ class SpnegoClient implements AutoCloseable {
* base64 encoded token to be sent to server.
*
* @return Base64 encoded token
* @throws PrivilegedActionException
* @throws PrivilegedActionException when privileged action threw exception
*/
String getBase64EncodedTokenForSpnegoHeader() throws PrivilegedActionException {
final byte[] outToken = KerberosTestCase.doAsWrapper(loginContext.getSubject(),
Expand All @@ -114,7 +113,7 @@ String getBase64EncodedTokenForSpnegoHeader() throws PrivilegedActionException {
* gss negotiation
* @return Base64 encoded token to be sent to server. May return {@code null} if
* nothing to be sent.
* @throws PrivilegedActionException
* @throws PrivilegedActionException when privileged action threw exception
*/
String handleResponse(final String base64Token) throws PrivilegedActionException {
if (gssContext.isEstablished()) {
Expand Down Expand Up @@ -160,10 +159,9 @@ boolean isEstablished() {
*
* @param principal Principal name
* @param password {@link SecureString}
* @param settings {@link Settings}
* @return authenticated {@link LoginContext} instance. Note: This needs to be
* closed {@link LoginContext#logout()} after usage.
* @throws LoginException
* @throws LoginException thrown if problem with login configuration or when login fails
*/
private static LoginContext loginUsingPassword(final String principal, final SecureString password) throws LoginException {
final Set<Principal> principals = Collections.singleton(new KerberosPrincipal(principal));
Expand All @@ -182,8 +180,8 @@ private static LoginContext loginUsingPassword(final String principal, final Sec
* Instead of an additional file setting as we do not want the options to be
* customizable we are constructing it in memory.
* <p>
* As we are uing this instead of jaas.conf, this requires refresh of
* {@link Configuration} and reqires appropriate security permissions to do so.
* As we are using this instead of jaas.conf, this requires refresh of
* {@link Configuration} and requires appropriate security permissions to do so.
*/
static class PasswordJaasConf extends Configuration {
private final String principal;
Expand Down

0 comments on commit 4638b7c

Please sign in to comment.