import java.io.*; import java.util.*; import java.awt.*; import java.awt.event.*; import java.util.Date; import java.lang.Integer; import javax.servlet.*; import javax.servlet.http.*; public class KerberosServices extends HttpServlet { private String UserName; private String Display; private String Kerb_services; private String host; private String Rsh_option; private String cmd; private String Kerb_directory; private String action; boolean Kerberos_ticket = false; public void doPost(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException { // first, set the "content type" header of the response res.setContentType("text/html"); //Get the response's PrintWriter to return text to the client. PrintWriter toClient = res.getWriter(); UserName = req.getParameter("UserContext"); Display = req.getParameter("DISPLAY"); Kerb_services = req.getParameter("Services"); host = req.getParameter("HOST"); Rsh_option = req.getParameter("rsh_options"); Kerb_directory = "/project/webflow/users/cyoun/Kerberos/krb5-1.0.6/bin/"; if(Rsh_option.equals("Webflow server")) Rsh_option = "/npac/home/webflow/WebFlow_Server"; if(UserName.equals("webflow")) { kerberos_ticket_checking(); kerberos_ticket_have_it_or_not(); if (Kerberos_ticket) { kerberosResultDelete(); makingandexecutingScript(); toClient.println(""); toClient.println(""); toClient.println(""); toClient.println("Try the Kerberized another services......"); toClient.println(" Restart "); toClient.println(""); toClient.println(""); toClient.println(""); toClient.close(); } else { kerberosResultDelete(); toClient.println(""); toClient.println(""); toClient.println(""); toClient.println("Please get a kerberos ticket......"); toClient.println(" Generating Kerberos Ticket "); toClient.println(""); toClient.println(""); toClient.println(""); toClient.close(); } } else { toClient.println(""); toClient.println(""); toClient.println(""); toClient.println("Try it again......"); toClient.println("

"); toClient.println("You are not eligible to use the Kerberos services."); toClient.println(" Restart "); toClient.println("

"); toClient.println(""); toClient.println(""); toClient.close(); } } public void kerberos_ticket_checking() { cmd = " "+Kerb_directory+"klist > /npac/home/webflow/WEBFLOW/JIGSAW/Jigsaw/WWW/servlets/kerberosresult"; String Kerberosscript = "/npac/home/webflow/WEBFLOW/JIGSAW/Jigsaw/WWW/servlets/kerberosscript"; String FileContents = new String("#!/bin/sh -f\n"); FileContents += cmd+"\n"; int scriptsize = FileContents.length(); byte[] scriptbuf = new byte[scriptsize]; FileContents.getBytes(0, scriptsize, scriptbuf, 0); File to_file = new File(Kerberosscript); FileOutputStream to = null; try{ to = new FileOutputStream(to_file); to.write(scriptbuf, 0, scriptsize); } catch(IOException exc){;} finally{ if(to != null) try{ to.close(); } catch(IOException exc) {;} } try{ Process KerberosEnv = Runtime.getRuntime().exec("chmod 777 "+Kerberosscript); KerberosEnv.waitFor(); Process KerberosExec = Runtime.getRuntime().exec(Kerberosscript); KerberosExec.waitFor(); } catch (Exception ex) { System.err.println("Error: " + ex.toString()); } } public void kerberos_ticket_have_it_or_not() { File f = new File("/npac/home/webflow/WEBFLOW/JIGSAW/Jigsaw/WWW/servlets/kerberosresult"); int size = (int) f.length(); int bytes_read = 0; String tem_data; try{ FileInputStream in = new FileInputStream(f); byte[] data = new byte[size]; while(bytes_read < size) bytes_read += in.read(data, bytes_read, size-bytes_read); tem_data = new String(data); int indexNum = tem_data.indexOf("Default principal: "); if (indexNum == -1) Kerberos_ticket = false; else { action = tem_data.substring(indexNum+19); if (action.startsWith(UserName)) { int indexDate = tem_data.indexOf("krbtgt"); String ExpireDate = tem_data.substring(indexDate-19, indexDate-1); String ExpireDateMonth = ExpireDate.substring(0,2); String ExpireDateDate = ExpireDate.substring(3,5); String ExpireDateYear = ExpireDate.substring(6,8); String ExpireDateHour = ExpireDate.substring(9,11); String ExpireDateMin = ExpireDate.substring(12,14); String ExpireDateSec = ExpireDate.substring(15,17); int Emonth = Integer.parseInt(ExpireDateMonth); int Edate = Integer.parseInt(ExpireDateDate); int Eyear = Integer.parseInt(ExpireDateYear); int Ehour = Integer.parseInt(ExpireDateHour); int Emin = Integer.parseInt(ExpireDateMin); int Esec = Integer.parseInt(ExpireDateSec); if( Eyear == (new Date()).getYear()){ if( Emonth == ((new Date()).getMonth()+1)) { if( Edate == (new Date()).getDate()) { if(Ehour == (new Date()).getHours()) { if(Emin == (new Date()).getMinutes()){ if(Esec == (new Date()).getSeconds()) Kerberos_ticket = true; else if(Esec > (new Date()).getSeconds()) Kerberos_ticket = true; else Kerberos_ticket = false; } /* Emin -- then */ else if(Emin > (new Date()).getMinutes()) Kerberos_ticket = true; else Kerberos_ticket = false; } /* Ehour -- then */ else if(Ehour > (new Date()).getHours()) Kerberos_ticket = true; else Kerberos_ticket = false; } /* Edate -- then */ else if(Edate > (new Date()).getDate()) Kerberos_ticket = true; else Kerberos_ticket = false; } /* Emonth -- then */ else if( Emonth > ((new Date()).getMonth()+1)) Kerberos_ticket = true; else Kerberos_ticket = false; } /* Eyear -- then */ else if( Eyear > (new Date()).getYear()) Kerberos_ticket = true; else Kerberos_ticket = false; } else Kerberos_ticket = false; } } catch (IOException e) { System.err.println("Error: " + e.toString()); } } public void kerberosResultDelete() { String Kerberosresult = "/npac/home/webflow/WEBFLOW/JIGSAW/Jigsaw/WWW/servlets/kerberosresult"; String Kerberosscript = "/npac/home/webflow/WEBFLOW/JIGSAW/Jigsaw/WWW/servlets/kerberosscript"; try{ Process KerberosDelete = Runtime.getRuntime().exec("rm -r "+Kerberosresult); KerberosDelete.waitFor(); Process KerberosSDelete = Runtime.getRuntime().exec("rm -r "+Kerberosscript); KerberosSDelete.waitFor(); } catch (Exception ex1) { //System.err.println("Error: " + ex1.toString()); } } public void makingandexecutingScript() { if(Kerb_services.equals("rlogin")) cmd = "xterm -sb -d "+Display+" -title "+UserName+" -e "+Kerb_directory+"rlogin "+host+" -x"; else if(Kerb_services.equals("telnet")) cmd = "xterm -sb -d "+Display+" -title "+UserName+" -e "+Kerb_directory+"ktelnet -a -x "+host+" 3000"; else if(Kerb_services.equals("ftp")) cmd = "xterm -sb -d "+Display+" -title "+UserName+" -e "+Kerb_directory+"kftp "+host+" 3001"; else if(Kerb_services.equals("rsh")) cmd = "xterm -sb -d "+Display+" -title "+UserName+" -e "+Kerb_directory+"rsh "+host+" -l "+UserName+" -x "+Rsh_option; else System.err.println("There is no such services in Kerberos"); try{ Process KerberosExec = Runtime.getRuntime().exec(cmd); // KerberosExec.waitFor(); } catch (Exception ex) { System.err.println("Error in executing Kerberos services :"+ex); } } public String getServletInfo() { return "Checking access as Kerberos Security Servlet"; } }