Repository: knox Updated Branches: refs/heads/master 94ec60ca5 -> aba0f0b13
KNOX-519 - Prompt user to provide password, rather providing as an argument to knoxcli cmd (J.Andreina via lmccay) Project: http://git-wip-us.apache.org/repos/asf/knox/repo Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/aba0f0b1 Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/aba0f0b1 Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/aba0f0b1 Branch: refs/heads/master Commit: aba0f0b133aaa331b86e329866ea959753967ca9 Parents: 94ec60c Author: Larry McCay <lmc...@hortonworks.com> Authored: Tue Jan 26 16:41:12 2016 -0500 Committer: Larry McCay <lmc...@hortonworks.com> Committed: Tue Jan 26 16:41:12 2016 -0500 ---------------------------------------------------------------------- .../org/apache/hadoop/gateway/util/KnoxCLI.java | 42 ++++++++++++++++---- 1 file changed, 34 insertions(+), 8 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/knox/blob/aba0f0b1/gateway-server/src/main/java/org/apache/hadoop/gateway/util/KnoxCLI.java ---------------------------------------------------------------------- diff --git a/gateway-server/src/main/java/org/apache/hadoop/gateway/util/KnoxCLI.java b/gateway-server/src/main/java/org/apache/hadoop/gateway/util/KnoxCLI.java index 037d3df..780f944 100644 --- a/gateway-server/src/main/java/org/apache/hadoop/gateway/util/KnoxCLI.java +++ b/gateway-server/src/main/java/org/apache/hadoop/gateway/util/KnoxCLI.java @@ -540,12 +540,12 @@ public class KnoxCLI extends Configured implements Tool { public static final String USAGE = "create-alias aliasname [--cluster clustername] " + "[ (--value v) | (--generate) ]"; - public static final String DESC = "The create-alias command will create an alias\n" + - "and secret pair within the credential store for the\n" + - "indicated --cluster otherwise within the gateway\n" + - "credential store. The actual secret may be specified via\n" + - "the --value option or --generate will create a random secret\n" + - "for you."; + public static final String DESC = "The create-alias command will create an alias\n" + + "and secret pair within the credential store for the\n" + + "indicated --cluster otherwise within the gateway\n" + + "credential store. The actual secret may be specified via\n" + + "the --value option or --generate (will create a random secret\n" + + "for you) or user will be prompt to provide password."; private String name = null; @@ -575,8 +575,9 @@ public class KnoxCLI extends Configured implements Tool { out.println(name + " has been successfully generated."); } else { - throw new IllegalArgumentException("No value has been set. " + - "Consider setting --generate or --value."); + value = new String(promptUserForPassword()); + as.addAliasForCluster(cluster, name, value); + out.println(name + " has been successfully created."); } } } @@ -589,6 +590,31 @@ public class KnoxCLI extends Configured implements Tool { return USAGE + ":\n\n" + DESC; } + protected char[] promptUserForPassword() { + char[] password = null; + Console c = System.console(); + if (c == null) { + System.err + .println("No console to fetch password from user.Consider setting via --generate or --value."); + System.exit(1); + } + + boolean noMatch; + do { + char[] newPassword1 = c.readPassword("Enter password: "); + char[] newPassword2 = c.readPassword("Enter password again: "); + noMatch = !Arrays.equals(newPassword1, newPassword2); + if (noMatch) { + c.format("Passwords don't match. Try again.%n"); + } else { + password = Arrays.copyOf(newPassword1, newPassword1.length); + } + Arrays.fill(newPassword1, ' '); + Arrays.fill(newPassword2, ' '); + } while (noMatch); + return password; + } + } /**