Automatically prompt for username/password if Kerberos ticket is invalid

10 years ago · 2cea70caec
parent e32d9c1767
commit 2cea70caec
4 changed files with 52 additions and 3 deletions
--- a/clients/tde/debian/control
+++ b/clients/tde/debian/control
@ -3,7 +3,7 @@ Section: tde
 Priority: optional
 Maintainer: Timothy Pearson <kb9vqf@pearsoncomputing.net>
 Standards-Version: 3.8.4
-Build-Depends: debhelper (>= 5.0), cdbs, tdelibs14-trinity-dev, libtqtrla-dev, libtdekrb-trinity-dev, xutils, chrpath, gettext, quilt (>= 0.40), automake, autoconf, libtool, libltdl-dev
+Build-Depends: debhelper (>= 5.0), cdbs, tdelibs14-trinity-dev, libtqtrla-dev, libtdekrb-trinity-dev, libtdeldap-trinity-dev, xutils, chrpath, gettext, quilt (>= 0.40), automake, autoconf, libtool, libltdl-dev
 Homepage: http://ulab.trinitydesktop.org/

 Package: remote-laboratory-client-trinity
--- a/clients/tde/src/app/Makefile.am
+++ b/clients/tde/src/app/Makefile.am
@ -8,4 +8,4 @@ KDE_ICON = remote_laboratory_client
 bin_PROGRAMS = remote_laboratory_client
 remote_laboratory_client_SOURCES = main.cpp remotemdi.cpp
 remote_laboratory_client_LDADD = ./views/libinstrumentview.la ../dialogs/libselectserverdlg.la $(LIB_TDEPARTS) $(LIB_TDEUI)
-remote_laboratory_client_LDFLAGS = $(all_libraries) $(KDE_RPATH) $(LIB_QT) -lDCOP $(LIB_TDECORE) $(LIB_TDEUI) -ltdefx $(LIB_TDEIO) -ltdetexteditor -ltdemdi -ltdekrbsocket -ltqtrla
+remote_laboratory_client_LDFLAGS = $(all_libraries) $(KDE_RPATH) $(LIB_QT) -lDCOP $(LIB_TDECORE) $(LIB_TDEUI) -ltdefx $(LIB_TDEIO) -ltdetexteditor -ltdemdi -ltdekrbsocket -ltqtrla -ltdeldap
--- a/clients/tde/src/app/remotemdi.cpp
+++ b/clients/tde/src/app/remotemdi.cpp
@ -8,6 +8,8 @@
 #include <cassert>
 using namespace std;

+#include <pwd.h>
+
 #include <tdeapplication.h>
 #include <tdelocale.h>
 #include <kdebug.h>
@ -25,6 +27,7 @@ using namespace std;
 #include <tdeactionclasses.h>
 #include <kedittoolbar.h>
 #include <kkeydialog.h>
+#include <libtdeldap.h>

 #include "views/instrumentview.h"
 #include "dialogs/selectserverdlg.h"
@ -185,6 +188,37 @@ void RemoteMDI::startModule() {
 	}
 }

+int RemoteMDI::getNewTicket() {
+	int ret = -1;
+
+	LDAPCredentials credentials;
+	KerberosTicketInfoList ticketList = LDAPManager::getKerberosTicketList();
+	if (ticketList.count() > 0) {
+		TQStringList princParts = TQStringList::split("@", ticketList[0].cachePrincipal);
+		credentials.username = princParts[0];
+		credentials.realm = princParts[1];
+	}
+	else {
+		struct passwd* pwd = getpwuid(geteuid());
+		if (pwd) {
+			credentials.username = TQString(pwd->pw_name);
+		}
+	}
+	int result = LDAPManager::getKerberosPassword(credentials, i18n("Please provide Kerberos credentials"), false, this);
+	if (result == KDialog::Accepted) {
+		TQString errorstring;
+		TQString service;
+		if (LDAPManager::obtainKerberosTicket(credentials, service, &errorstring) != 0) {
+			KMessageBox::error(this, i18n("<qt>Failed to obtain ticket<p>%1</qt>").arg(errorstring), i18n("Failed to obtain Kerberos ticket"));
+		}
+		else {
+			ret = 0;
+		}
+	}
+
+	return ret;
+}
+
 void RemoteMDI::finishConnectingToServer() {
 	if (!m_rsvSvrSocket) {
 		connToServerState = -1;
@ -206,6 +240,7 @@ void RemoteMDI::finishConnectingToServer() {
 						connToServerConnecting = false;
 						disconnectFromServer();
 						KMessageBox::error(this, i18n("<qt>Unable to establish connection to remote server</qt>"), i18n("Connection Failed"));
+						return;
 					}
 				}
 				else {
@ -220,6 +255,7 @@ void RemoteMDI::finishConnectingToServer() {
 						connToServerConnecting = false;
 						disconnectFromServer();
 						KMessageBox::error(this, i18n("<qt>Unable to establish connection to remote server</qt>"), i18n("Connection Failed"));
+						return;
 					}
 				}
 				break;
@ -232,7 +268,17 @@ void RemoteMDI::finishConnectingToServer() {
 						connToServerState = -1;
 						connToServerConnecting = false;
 						disconnectFromServer();
-						KMessageBox::error(this, i18n("<qt>Unable to establish Kerberos protocol with remote server<p>Please verify that you currently hold a valid Kerberos ticket</qt>"), i18n("Connection Failed"));
+
+						// Try to get a valid ticket
+						if (getNewTicket() == 0) {
+							// Retry connection if no obvious errors were detected
+							TQTimer::singleShot(0, this, SLOT(connectToServer()));
+							return;
+						}
+						else {
+							KMessageBox::error(this, i18n("<qt>Unable to establish Kerberos protocol with remote server<p>Please verify that you currently hold a valid Kerberos ticket</qt>"), i18n("Connection Failed"));
+							return;
+						}
 					}
 					else {
 						connect(m_rsvSvrSocket, SIGNAL(readyRead()), m_rsvSvrSocket, SLOT(processPendingData()));
--- a/clients/tde/src/app/remotemdi.h
+++ b/clients/tde/src/app/remotemdi.h
@ -75,6 +75,9 @@ class RemoteMDI : public KMdiMainFrm
 		virtual bool queryClose();
 		virtual void resizeEvent(TQResizeEvent *);

+	private:
+		int getNewTicket();
+
 	private:
 		TQString m_mainStatusBarMessage;
 		TQMap<const TQObject*, TQString> m_windowStatusBarMapping;