Java Kadmin
Jonathan Javier Cordoba Gonzalez
jcordoba at uniandes.edu.co
Tue Nov 13 16:09:46 EST 2007
Thanks a lot,
I tried to separate the command, and everything seem ok.
But I had a problem with the command "addprinc", since the java exec pass to
it like a single string (the command was interpreted like "addprinc
lola at SAKURA.COM" and not like "addprinc").
So, my solution was to create a script with parameter separated by spaces
and call it from Java... lovely.
Thanks a lot
Jonathan Córdoba
Certified Ethical Hacker (CEH)
GIAC Certified Forensics Analyst (GCFA)
CompTIA Security+ Certified Professional
Ing. Seguridad Universidad de los Andes
Dirección de Tecnologías de Información (D.T.I.)
Bogotá - Colombia
-----Original Message-----
From: Ken Raeburn [mailto:raeburn at MIT.EDU]
Sent: Martes, 13 de Noviembre de 2007 01:32 p.m.
To: Jonathan Javier Cordoba Gonzalez
Cc: kerberos at mit.edu
Subject: Re: Java Kadmin
On Nov 13, 2007, at 13:09, Jonathan Javier Cordoba Gonzalez wrote:
> Well I’m try to do a interface that admin the user database on
> java. My
> first solution was call kadmin.local from java through
>
> Runtime.getRuntime().exec("kadmin.local –q \"addprinc –pw lola
> lola at SAKURA.COM\"")
>
> Well there seems ok, but when I execute on a linux box the process
> on Java
> tries to connect with the user w at SAKURA.COM... (funny isn’t it?)
> and kadmin
> doesn’t found on KDC.
Sounds like exec isn't parsing the string the way a shell would, and
kadmin.local sees a separate "-pw" argument and takes that as an
indication that the principal name is "w". According to http://
java.sun.com/j2se/1.4.2/docs/api/java/lang/Runtime.html#exec
(java.lang.String) the string is parsed using a StringTokenizer that
doesn't understand quoted strings in the input.
Probably you want to use the exec(String[]) method instead, and
construct the argument array yourself, either as an array directly,
or by more shell-like tokenization.
Ken
More information about the Kerberos
mailing list