From: Matthew Buckett <matthew.buckett@oucs.ox.ac.uk>
Date: Mon, 23 Mar 2009 17:59:29 +0000 (+0000)
Subject: Don't require as much configuration.
X-Git-Url: http://git-repo.oucs.ox.ac.uk/cgi-bin/gitweb.cgi?p=repos%2Flocal-version%2Fsakai%2Fproviders.git;a=commitdiff_plain;h=d7e4c3a9db48b207d69584e2ed8aff29d2f730e5

Don't require as much configuration.
If something is wrong at startup blow up, rather than just logging it and carrying on.
---

diff --git a/kerberos/src/java/org/sakaiproject/component/kerberos/user/KerberosUserDirectoryProvider.java b/kerberos/src/java/org/sakaiproject/component/kerberos/user/KerberosUserDirectoryProvider.java
index 4cd9e37..93f4278 100644
--- a/kerberos/src/java/org/sakaiproject/component/kerberos/user/KerberosUserDirectoryProvider.java
+++ b/kerberos/src/java/org/sakaiproject/component/kerberos/user/KerberosUserDirectoryProvider.java
@@ -65,7 +65,7 @@ public class KerberosUserDirectoryProvider implements UserDirectoryProvider
 	 *********************************************************************************************************************************************************************************************************************************************************/
 
 	/** Configuration: Domain */
-	protected String m_domain = "domain.tld";
+	protected String m_domain = null;
 
 	/**
 	 * Configuration: Domain Name (for E-Mail Addresses)
@@ -129,73 +129,69 @@ public class KerberosUserDirectoryProvider implements UserDirectoryProvider
 	 */
 	public void init()
 	{
-		try
+		// Full paths only from the file
+		String kerberoskrb5conf = ServerConfigurationService.getString("provider.kerberos.krb5.conf", null);
+		String kerberosauthloginconfig = ServerConfigurationService.getString("provider.kerberos.auth.login.config", "sakai-jaas.conf");
+		boolean kerberosshowconfig = ServerConfigurationService.getBoolean("provider.kerberos.showconfig", false);
+		String sakaihomepath = System.getProperty("sakai.home");
+
+		// if locations are configured in sakai.properties, use them in place of the current system locations
+		// if the location specified exists and is readable, use full absolute path
+		// otherwise, try file path relative to sakai.home
+		// if files are readable use the, otherwise print warning and use system defaults
+		if (kerberoskrb5conf != null)
 		{
-
-			// Full paths only from the file
-			String kerberoskrb5conf = ServerConfigurationService.getString("provider.kerberos.krb5.conf", null);
-			String kerberosauthloginconfig = ServerConfigurationService.getString("provider.kerberos.auth.login.config", null);
-			boolean kerberosshowconfig = ServerConfigurationService.getBoolean("provider.kerberos.showconfig", false);
-			String sakaihomepath = System.getProperty("sakai.home");
-
-			// if locations are configured in sakai.properties, use them in place of the current system locations
-			// if the location specified exists and is readable, use full absolute path
-			// otherwise, try file path relative to sakai.home
-			// if files are readable use the, otherwise print warning and use system defaults
-			if (kerberoskrb5conf != null)
+			if (new File(kerberoskrb5conf).canRead())
 			{
-				if (new File(kerberoskrb5conf).canRead())
-				{
-					System.setProperty("java.security.krb5.conf", kerberoskrb5conf);
-				}
-				else if (new File(sakaihomepath + kerberoskrb5conf).canRead())
-				{
-					System.setProperty("java.security.krb5.conf", sakaihomepath + kerberoskrb5conf);
-				}
-				else
-				{
-					M_log.warn(this + ".init(): Cannot set krb5conf location");
-					kerberoskrb5conf = null;
-				}
+				System.setProperty("java.security.krb5.conf", kerberoskrb5conf);
 			}
-
-			if (kerberosauthloginconfig != null)
+			else if (new File(sakaihomepath, kerberoskrb5conf).canRead())
 			{
-
-				if (new File(kerberosauthloginconfig).canRead())
-				{
-					System.setProperty("java.security.auth.login.config", kerberosauthloginconfig);
-				}
-				else if (new File(sakaihomepath + kerberosauthloginconfig).canRead())
-				{
-					System.setProperty("java.security.auth.login.config", sakaihomepath + kerberosauthloginconfig);
-				}
-				else
-				{
-					M_log.warn(this + ".init(): Cannot set kerberosauthloginconfig location");
-					kerberosauthloginconfig = null;
-				}
+				System.setProperty("java.security.krb5.conf", sakaihomepath + kerberoskrb5conf);
+			}
+			else
+			{
+				M_log.info(this + ".init(): Using default rules for krb5.conf location.");
+				kerberoskrb5conf = null;
 			}
+		}
 
-			M_log.info(this + ".init()" + " Domain=" + m_domain + " LoginContext=" + m_logincontext + " RequireLocalAccount="
-					+ m_requirelocalaccount + " KnownUserMsg=" + m_knownusermsg );
+		if (kerberosauthloginconfig != null)
+		{
 
-			// show the whole config if set
-			// system locations will read NULL if not set (system defaults will be used)
-			if (kerberosshowconfig)
+			if (new File(kerberosauthloginconfig).canRead())
+			{
+				System.setProperty("java.security.auth.login.config", kerberosauthloginconfig);
+			}
+			else if (new File(sakaihomepath, kerberosauthloginconfig).canRead())
 			{
-				M_log.info(this + ".init()" + " SakaiHome=" + sakaihomepath + " SakaiPropertyKrb5Conf=" + kerberoskrb5conf
-						+ " SakaiPropertyAuthLoginConfig=" + kerberosauthloginconfig + " SystemPropertyKrb5Conf="
-						+ System.getProperty("java.security.krb5.conf") + " SystemPropertyAuthLoginConfig="
-						+ System.getProperty("java.security.auth.login.config"));
+				System.setProperty("java.security.auth.login.config", sakaihomepath + kerberosauthloginconfig);
 			}
+			else
+			{
+				M_log.info(this + ".init(): Cannot set kerberosauthloginconfig location");
+				kerberosauthloginconfig = null;
+			}
+		}
+
+		M_log.info(this + ".init()" + " Domain=" + m_domain + " LoginContext=" + m_logincontext + " RequireLocalAccount="
+				+ m_requirelocalaccount + " KnownUserMsg=" + m_knownusermsg );
 
+		// show the whole config if set
+		// system locations will read NULL if not set (system defaults will be used)
+		if (kerberosshowconfig)
+		{
+			M_log.info(this + ".init()" + " SakaiHome=" + sakaihomepath + " SakaiPropertyKrb5Conf=" + kerberoskrb5conf
+					+ " SakaiPropertyAuthLoginConfig=" + kerberosauthloginconfig + " SystemPropertyKrb5Conf="
+					+ System.getProperty("java.security.krb5.conf") + " SystemPropertyAuthLoginConfig="
+					+ System.getProperty("java.security.auth.login.config"));
 		}
-		catch (Throwable t)
+		if (!m_requirelocalaccount && m_domain == null)
 		{
-			M_log.warn(this + ".init(): ", t);
+			throw new IllegalStateException("If you don't require local accounts you must set the domain for email addresses.");
 		}
 
+
 	} // init
 
 	/**
@@ -256,6 +252,7 @@ public class KerberosUserDirectoryProvider implements UserDirectoryProvider
 	 */
 	public boolean findUserByEmail(UserEdit edit, String email)
 	{
+		if (m_requirelocalaccount) return false;
 		// lets not get messed up with spaces or cases
 		String test = email.toLowerCase().trim();