development/ghidra
development/ghidra
1
0
Fork 0
mirror of https://github.com/NationalSecurityAgency/ghidra synced 2024-09-19 18:21:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

GT-3187 GT-3186 - tweak GhidraServer startup option processing and html

Browse source 
Make the -jaas option work the same as the other startup options that
can handle the path value as either part of the same arg value or as the
next arg value.

Fix html oopsie.
This commit is contained in:
dev747368 2019-09-26 11:49:08 -04:00
parent c0bcdf7e5e
commit 70c377886a
2 changed files with 19 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
Ghidra/Features/GhidraServer/src/main/java/ghidra/server/remote/GhidraServer.java
View file

@ -634,15 +634,25 @@ public class GhidraServer extends UnicastRemoteObject implements GhidraServerHan
System.out.println("Default password expiration has been disbaled.");
}
}
else if (s.equals("-jaas")) {
int nextArgIndex = i + 1;
if (!(nextArgIndex < args.length - 1)) {
// length - 1 -> don't count mandatory repo path, which is always last arg
else if (s.startsWith("-jaas")) {
if (s.length() == 5) {
int nextArgIndex = i + 1;
if (!(nextArgIndex < args.length - 1)) {
// length - 1 -> don't count mandatory repo path, which is always last arg
displayUsage("Missing -jaas config file path argument");
System.exit(-1);
}
jaasConfigFileStr = args[nextArgIndex];
i++;
}
else {
jaasConfigFileStr = s.substring(5);
}
jaasConfigFileStr = jaasConfigFileStr.trim();
if (jaasConfigFileStr.isEmpty()) {
displayUsage("Missing -jaas config file path argument");
System.exit(-1);
}
jaasConfigFileStr = args[nextArgIndex];
i++;
}
else if (s.equals("-autoProvision")) {
autoProvision = true;

6
Ghidra/RuntimeScripts/Common/server/svrREADME.html
View file

@ -258,7 +258,7 @@ The Ghidra Server has been designed to support many possible user authenticatio
<br>
<LI><u>JAAS - Java Authentication and Authorization Service (<typewriter>-a4</typewriter>)</u> -
user authentication is delegated to the JAAS subsystem. The -jaas &lt;config_file&gt; argument
is required to specify the JAAS config file. The JAAS config file supplied (<i>server/jaas.conf</i>i>)
is required to specify the JAAS config file. The JAAS config file supplied (<i>server/jaas.conf</i>)
contains various example configurations which may be used to establish an 'auth' configuration
section. None of the example configurations use the 'auth' name so they will be ignored by default.
<p>
@ -274,14 +274,14 @@ The Ghidra Server has been designed to support many possible user authenticatio
</li>
<li><u>net.sf.jpam.jaas.JpamLoginModule</u> - (Linux/Unix server only) allows authentication against
the local PAM configuration. You will need to download JPAM from SourceForce and install the
libraries in the necessary locations. See the example in the <i>jaas.conf</i>i> file.
libraries in the necessary locations. See the example in the <i>jaas.conf</i> file.
</li>
<li><u>ghidra.server.security.loginmodule.ExternalProgramLoginModule</u> - spawns an external
program for each authentication request, and uses the external program's exit code as the indicator
of successful authentication.
<p>
There is an example (and non-useful) implementation of an external authenticator provided with
the Ghidra instalation called <i>server/jaas_external_program.example.sh</i>i>.
the Ghidra instalation called <i>server/jaas_external_program.example.sh</i>.
<p>
This login module strives to be compatible with Apache's mod_authnz_external API, and you should
be able to use any mod_authnz_external authenticator with Ghidra.