4102N/A * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. 0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 0N/A * This code is free software; you can redistribute it and/or modify it 0N/A * under the terms of the GNU General Public License version 2 only, as 2362N/A * published by the Free Software Foundation. Oracle designates this 0N/A * particular file as subject to the "Classpath" exception as provided 2362N/A * by Oracle in the LICENSE file that accompanied this code. 0N/A * This code is distributed in the hope that it will be useful, but WITHOUT 0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 0N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 0N/A * version 2 for more details (a copy is included in the LICENSE file that 0N/A * accompanied this code). 0N/A * You should have received a copy of the GNU General Public License version 0N/A * 2 along with this work; if not, write to the Free Software Foundation, 0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2362N/A * or visit www.oracle.com if you need additional information or have any 0N/A * (C) Copyright IBM Corp. 1999 All Rights Reserved. 0N/A * Copyright 1997 The Open Group Research Institute. All rights reserved. 0N/A * Kinit tool for obtaining Kerberos v5 tickets. 0N/A * @author Yanni Zhang 0N/A * The main method is used to accept user command line input for ticket 0N/A * Usage: kinit [-A] [-f] [-p] [-c cachename] [[-k [-t keytab_file_name]] 0N/A * [principal] [password] 0N/A * <li> -A do not include addresses 0N/A * <li> -f forwardable 0N/A * <li> -c cache name (i.e., FILE://c:\temp\mykrb5cc) 0N/A * <li> -k use keytab 0N/A * <li> -t keytab file name 0N/A * <li> principal the principal name (i.e., duke@java.sun.com) 0N/A * <li> password the principal's Kerberos password 0N/A * Use java sun.security.krb5.tools.Kinit -help to bring up help menu. 0N/A * We currently support only file-based credentials cache to 0N/A * store the tickets obtained from the KDC. 0N/A * By default, for all Unix platforms a cache file named 0N/A * /tmp/krb5cc_<uid> will be generated. The <uid> is the 0N/A * numeric user identifier. 0N/A * For all other platforms, a cache file named 0N/A * <USER_HOME>/krb5cc_<USER_NAME> would be generated. 0N/A * <USER_HOME> is obtained from <code>java.lang.System</code> 0N/A * property <i>user.home</i>. 0N/A * <USER_NAME> is obtained from <code>java.lang.System</code> 0N/A * property <i>user.name</i>. 0N/A * If <USER_HOME> is null the cache file would be stored in 0N/A * the current directory that the program is running from. 0N/A * <USER_NAME> is operating system's login username. 0N/A * It could be different from user's principal name. 0N/A * For instance, on Windows NT, it could be 0N/A * c:\winnt\profiles\duke\krb5cc_duke, in 0N/A * which duke is the <USER_NAME>, and c:\winnt\profile\duke is the 0N/A * A single user could have multiple principal names, 0N/A * but the primary principal of the credentials cache could only be one, 0N/A * which means one cache file could only store tickets for one 0N/A * specific user principal. If the user switches 0N/A * the principal name at the next Kinit, the cache file generated for the 0N/A * new ticket would overwrite the old cache file by default. 0N/A * To avoid overwriting, you need to specify 0N/A * a different cache file name when you request a 0N/A * You can specify the location of the cache file by using the -c option 0N/A * Constructs a new Kinit object. 0N/A * @param args array of ticket request options. 0N/A * Avaiable options are: -f, -p, -c, principal, password. 0N/A * @exception IOException if an I/O error occurs. 0N/A * @exception RealmException if the Realm could not be instantiated. 0N/A * @exception KrbException if error occurs during Kerberos operation. 0N/A (
" Can not obtain principal name");
0N/A (
"Principal name must be specified.");
0N/A // we always create a new cache and store the ticket we get 0N/A // Assume we're running interactively 0N/A // clear the password