Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Logic to add config for loginContext #2591

Closed
wants to merge 8 commits into from
Closed

Logic to add config for loginContext #2591

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
a398694
Logic to add config for loginContext
muskan124947 Jan 23, 2025
5691df0
Test change
muskan124947 Jan 24, 2025
ad2a067
Updated jaas config
muskan124947 Jan 28, 2025
f3b4418
Updated jaas config context
muskan124947 Jan 28, 2025
5e9355b
Merge branch 'main' into muskanTestLoginModule2
muskan124947 Jan 28, 2025
c92be4a
context name update
muskan124947 Jan 28, 2025
a466021
Updated Jaas config for test
muskan124947 Jan 29, 2025
d599a94
Test
muskan124947 Jan 29, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 1 addition & 7 deletions src/main/java/com/microsoft/sqlserver/jdbc/KerbAuthentication.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,12 +42,6 @@
private boolean useDefaultNativeGSSCredential = false;
private GSSContext peerContext = null;

static {
// Overrides the default JAAS configuration loader.
// This one will forward to the default one in all cases but the default configuration is empty.
Configuration.setConfiguration(new JaasConfiguration(Configuration.getConfiguration()));
}

/**
* Initializes the Kerberos client security context
*
Expand Down Expand Up @@ -114,7 +108,7 @@

if (null == currentSubject) {
if (useDefaultJaas) {
lc = new LoginContext(configName, null, callback, new JaasConfiguration(null));
lc = new LoginContext(configName, null, callback, new JaasConfiguration(Configuration.getConfiguration()));

Check warning on line 111 in src/main/java/com/microsoft/sqlserver/jdbc/KerbAuthentication.java

View check run for this annotation

Codecov / codecov/patch

src/main/java/com/microsoft/sqlserver/jdbc/KerbAuthentication.java#L111 

Added line #L111 was not covered by tests
} else {
lc = new LoginContext(configName, callback);
}
Expand Down
46 changes: 42 additions & 4 deletions src/test/java/com/microsoft/sqlserver/jdbc/KerberosTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,6 @@
import java.util.HashMap;
import java.util.Map;


@Tag(Constants.kerberos)
@RunWith(JUnitPlatform.class)
public class KerberosTest extends AbstractTest {
Expand All @@ -26,9 +25,43 @@ public class KerberosTest extends AbstractTest {

@BeforeAll
public static void setupTests() throws Exception {
setJaasConfiguration();
setConnection();
}

private static void setJaasConfiguration() {
AppConfigurationEntry[] entries;
if (Util.isIBM()) {
Map<String, String> confDetailsWithoutPassword = new HashMap<>();
confDetailsWithoutPassword.put("useDefaultCcache", "true");
Map<String, String> confDetailsWithPassword = new HashMap<>();
final String ibmLoginModule = "com.ibm.security.auth.module.Krb5LoginModule";
entries = new AppConfigurationEntry[] {
new AppConfigurationEntry(ibmLoginModule, AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT,
confDetailsWithoutPassword),
new AppConfigurationEntry(ibmLoginModule, AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT,
confDetailsWithPassword)};
} else {
Map<String, String> options = new HashMap<>();
options.put("useTicketCache", "true");
options.put("renewTGT", "true");
options.put("doNotPrompt", "false"); // Allow prompting for credentials if necessary

entries = new AppConfigurationEntry[] {
new AppConfigurationEntry("com.sun.security.auth.module.Krb5LoginModule",
AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options)};
}
Configuration.setConfiguration(new Configuration() {
@Override
public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
if ("SQLJDBCDriver".equals(name)) {
return entries;
}
return null;
}
});
}

@Test
public void testUseDefaultJaasConfigConnectionStringPropertyTrue() throws Exception {
String connectionStringUseDefaultJaasConfig = connectionStringKerberos + ";useDefaultJaasConfig=true;";
Expand Down Expand Up @@ -96,11 +129,16 @@ private static void createKerberosConnection(String connectionString) throws Exc
* Overwrites the default JAAS config. Call before making a connection.
*/
private static void overwriteJaasConfig() {
AppConfigurationEntry kafkaClientConfigurationEntry = new AppConfigurationEntry(
Map<String, String> options = new HashMap<>();
options.put("useTicketCache", "true");
options.put("renewTGT", "true");
options.put("doNotPrompt", "false"); // Allow prompting for credentials if necessary

AppConfigurationEntry kerberosConfigurationEntry = new AppConfigurationEntry(
"com.sun.security.auth.module.Krb5LoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
new HashMap<>());
options);
Map<String, AppConfigurationEntry[]> configurationEntries = new HashMap<>();
configurationEntries.put("CLIENT_CONTEXT_NAME", new AppConfigurationEntry[] {kafkaClientConfigurationEntry});
configurationEntries.put("SQLJDBCDriver", new AppConfigurationEntry[] {kerberosConfigurationEntry});
Configuration.setConfiguration(new InternalConfiguration(configurationEntries));
}

Expand Down