mirror of
https://github.com/NationalSecurityAgency/ghidra
synced 2024-09-19 18:21:26 +00:00
GT-3187 GT-3186 - tweak GhidraServer startup option processing and html
Make the -jaas option work the same as the other startup options that can handle the path value as either part of the same arg value or as the next arg value. Fix html oopsie.
This commit is contained in:
parent
c0bcdf7e5e
commit
70c377886a
|
@ -634,15 +634,25 @@ public class GhidraServer extends UnicastRemoteObject implements GhidraServerHan
|
|||
System.out.println("Default password expiration has been disbaled.");
|
||||
}
|
||||
}
|
||||
else if (s.equals("-jaas")) {
|
||||
int nextArgIndex = i + 1;
|
||||
if (!(nextArgIndex < args.length - 1)) {
|
||||
// length - 1 -> don't count mandatory repo path, which is always last arg
|
||||
else if (s.startsWith("-jaas")) {
|
||||
if (s.length() == 5) {
|
||||
int nextArgIndex = i + 1;
|
||||
if (!(nextArgIndex < args.length - 1)) {
|
||||
// length - 1 -> don't count mandatory repo path, which is always last arg
|
||||
displayUsage("Missing -jaas config file path argument");
|
||||
System.exit(-1);
|
||||
}
|
||||
jaasConfigFileStr = args[nextArgIndex];
|
||||
i++;
|
||||
}
|
||||
else {
|
||||
jaasConfigFileStr = s.substring(5);
|
||||
}
|
||||
jaasConfigFileStr = jaasConfigFileStr.trim();
|
||||
if (jaasConfigFileStr.isEmpty()) {
|
||||
displayUsage("Missing -jaas config file path argument");
|
||||
System.exit(-1);
|
||||
}
|
||||
jaasConfigFileStr = args[nextArgIndex];
|
||||
i++;
|
||||
}
|
||||
else if (s.equals("-autoProvision")) {
|
||||
autoProvision = true;
|
||||
|
|
|
@ -258,7 +258,7 @@ The Ghidra Server has been designed to support many possible user authenticatio
|
|||
<br>
|
||||
<LI><u>JAAS - Java Authentication and Authorization Service (<typewriter>-a4</typewriter>)</u> -
|
||||
user authentication is delegated to the JAAS subsystem. The -jaas <config_file> argument
|
||||
is required to specify the JAAS config file. The JAAS config file supplied (<i>server/jaas.conf</i>i>)
|
||||
is required to specify the JAAS config file. The JAAS config file supplied (<i>server/jaas.conf</i>)
|
||||
contains various example configurations which may be used to establish an 'auth' configuration
|
||||
section. None of the example configurations use the 'auth' name so they will be ignored by default.
|
||||
<p>
|
||||
|
@ -274,14 +274,14 @@ The Ghidra Server has been designed to support many possible user authenticatio
|
|||
</li>
|
||||
<li><u>net.sf.jpam.jaas.JpamLoginModule</u> - (Linux/Unix server only) allows authentication against
|
||||
the local PAM configuration. You will need to download JPAM from SourceForce and install the
|
||||
libraries in the necessary locations. See the example in the <i>jaas.conf</i>i> file.
|
||||
libraries in the necessary locations. See the example in the <i>jaas.conf</i> file.
|
||||
</li>
|
||||
<li><u>ghidra.server.security.loginmodule.ExternalProgramLoginModule</u> - spawns an external
|
||||
program for each authentication request, and uses the external program's exit code as the indicator
|
||||
of successful authentication.
|
||||
<p>
|
||||
There is an example (and non-useful) implementation of an external authenticator provided with
|
||||
the Ghidra instalation called <i>server/jaas_external_program.example.sh</i>i>.
|
||||
the Ghidra instalation called <i>server/jaas_external_program.example.sh</i>.
|
||||
<p>
|
||||
This login module strives to be compatible with Apache's mod_authnz_external API, and you should
|
||||
be able to use any mod_authnz_external authenticator with Ghidra.
|
||||
|
|
Loading…
Reference in a new issue