You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by dr...@apache.org on 2015/01/22 01:56:31 UTC
[07/50] [abbrv] directory-kerberos git commit: Many changes with
newname
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/kerby-event/src/test/java/org/apache/kerby/event/udp/TestUdpClient.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/test/java/org/apache/kerby/event/udp/TestUdpClient.java b/lib/kerby-event/src/test/java/org/apache/kerby/event/udp/TestUdpClient.java
new file mode 100644
index 0000000..f460b60
--- /dev/null
+++ b/lib/kerby-event/src/test/java/org/apache/kerby/event/udp/TestUdpClient.java
@@ -0,0 +1,149 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event.udp;
+
+import junit.framework.Assert;
+import org.apache.kerby.event.Event;
+import org.apache.kerby.event.EventHandler;
+import org.apache.kerby.event.EventHub;
+import org.apache.kerby.event.EventWaiter;
+import org.apache.kerby.transport.Connector;
+import org.apache.kerby.transport.MessageHandler;
+import org.apache.kerby.transport.Transport;
+import org.apache.kerby.transport.event.MessageEvent;
+import org.apache.kerby.transport.udp.UdpConnector;
+import org.apache.kerby.transport.event.TransportEvent;
+import org.apache.kerby.transport.event.TransportEventType;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.net.DatagramSocket;
+import java.net.InetSocketAddress;
+import java.nio.ByteBuffer;
+import java.nio.channels.DatagramChannel;
+import java.nio.channels.SelectionKey;
+import java.nio.channels.Selector;
+import java.util.Iterator;
+import java.util.Set;
+
+public class TestUdpClient extends TestUdpBase {
+
+ private EventHub eventHub;
+ private EventWaiter eventWaiter;
+
+ @Before
+ public void setUp() throws IOException {
+ setUpServer();
+ setUpClient();
+ }
+
+ private void setUpServer() {
+ new Thread(new Runnable() {
+ @Override
+ public void run() {
+ try {
+ doRunServer();
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ }
+ }).start();
+ }
+
+ private void doRunServer() throws IOException {
+ DatagramChannel serverSocketChannel;
+ Selector selector = Selector.open();
+ serverSocketChannel = DatagramChannel.open();
+ serverSocketChannel.configureBlocking(false);
+ DatagramSocket serverSocket = serverSocketChannel.socket();
+ serverSocket.bind(new InetSocketAddress(serverPort));
+ serverSocketChannel.register(selector, SelectionKey.OP_READ);
+
+ while (true) {
+ if (selector.selectNow() > 0) {
+ Set<SelectionKey> selectionKeys = selector.selectedKeys();
+ Iterator<SelectionKey> iterator = selectionKeys.iterator();
+ while (iterator.hasNext()) {
+ SelectionKey selectionKey = iterator.next();
+ iterator.remove();
+ if (selectionKey.isReadable()) {
+ ByteBuffer recvBuffer = ByteBuffer.allocate(65536);
+ InetSocketAddress fromAddress = (InetSocketAddress) serverSocketChannel.receive(recvBuffer);
+ if (fromAddress != null) {
+ recvBuffer.flip();
+ serverSocketChannel.send(recvBuffer, fromAddress);
+ }
+ }
+ }
+
+ try {
+ Thread.sleep(1000);
+ } catch (InterruptedException e) {
+ e.printStackTrace();
+ }
+ }
+ }
+ }
+
+ private void setUpClient() throws IOException {
+ eventHub = new EventHub();
+
+ EventHandler messageHandler = new MessageHandler() {
+ @Override
+ protected void handleMessage(MessageEvent msgEvent) {
+ if (msgEvent.getEventType() == TransportEventType.INBOUND_MESSAGE) {
+ ByteBuffer buffer = msgEvent.getMessage();
+ clientRecvedMessage = recvBuffer2String(buffer);
+ System.out.println("Recved clientRecvedMessage: " + clientRecvedMessage);
+ Boolean result = TEST_MESSAGE.equals(clientRecvedMessage);
+ dispatch(new Event(TestEventType.FINISHED, result));
+ }
+ }
+ };
+ eventHub.register(messageHandler);
+
+ Connector connector = new UdpConnector();
+ eventHub.register(connector);
+
+ eventWaiter = eventHub.waitEvent(
+ TestEventType.FINISHED,
+ TransportEventType.NEW_TRANSPORT);
+
+ eventHub.start();
+ connector.connect(serverHost, serverPort);
+ }
+
+ @Test
+ public void testUdpTransport() {
+ Event event = eventWaiter.waitEvent(TransportEventType.NEW_TRANSPORT);
+ Transport transport = ((TransportEvent) event).getTransport();
+ transport.sendMessage(ByteBuffer.wrap(TEST_MESSAGE.getBytes()));
+
+ event = eventWaiter.waitEvent(TestEventType.FINISHED);
+ Assert.assertTrue((Boolean) event.getEventData());
+ }
+
+ @After
+ public void cleanup() {
+ eventHub.stop();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/kerby-event/src/test/java/org/apache/kerby/event/udp/TestUdpServer.java
----------------------------------------------------------------------
diff --git a/lib/kerby-event/src/test/java/org/apache/kerby/event/udp/TestUdpServer.java b/lib/kerby-event/src/test/java/org/apache/kerby/event/udp/TestUdpServer.java
new file mode 100644
index 0000000..1402d9e
--- /dev/null
+++ b/lib/kerby-event/src/test/java/org/apache/kerby/event/udp/TestUdpServer.java
@@ -0,0 +1,89 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.event.udp;
+
+import junit.framework.Assert;
+import org.apache.kerby.event.EventHandler;
+import org.apache.kerby.event.EventHub;
+import org.apache.kerby.transport.Acceptor;
+import org.apache.kerby.transport.MessageHandler;
+import org.apache.kerby.transport.event.MessageEvent;
+import org.apache.kerby.transport.event.TransportEventType;
+import org.apache.kerby.transport.udp.UdpAcceptor;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.net.SocketAddress;
+import java.nio.ByteBuffer;
+import java.nio.channels.DatagramChannel;
+
+public class TestUdpServer extends TestUdpBase {
+
+ private EventHub eventHub;
+
+ @Before
+ public void setUp() throws IOException {
+ setUpServer();
+ }
+
+ private void setUpServer() throws IOException {
+ eventHub = new EventHub();
+
+ EventHandler messageHandler = new MessageHandler() {
+ @Override
+ protected void handleMessage(MessageEvent msgEvent) {
+ if (msgEvent.getEventType() == TransportEventType.INBOUND_MESSAGE) {
+ msgEvent.getTransport().sendMessage(msgEvent.getMessage());
+ }
+ }
+ };
+ eventHub.register(messageHandler);
+
+ Acceptor acceptor = new UdpAcceptor();
+ eventHub.register(acceptor);
+
+ eventHub.start();
+ acceptor.listen(serverHost, serverPort);
+ }
+
+ @Test
+ public void testUdpTransport() throws IOException, InterruptedException {
+ Thread.sleep(10);
+
+ DatagramChannel socketChannel = DatagramChannel.open();
+ socketChannel.configureBlocking(true);
+ SocketAddress sa = new InetSocketAddress(serverHost, serverPort);
+ socketChannel.send(ByteBuffer.wrap(TEST_MESSAGE.getBytes()), sa);
+ ByteBuffer byteBuffer = ByteBuffer.allocate(65536);
+ socketChannel.receive(byteBuffer);
+ byteBuffer.flip();
+ clientRecvedMessage = recvBuffer2String(byteBuffer);
+
+ Assert.assertEquals(TEST_MESSAGE, clientRecvedMessage);
+ }
+
+ @After
+ public void cleanup() {
+ eventHub.stop();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/kerby-pkix/pom.xml
----------------------------------------------------------------------
diff --git a/lib/kerby-pkix/pom.xml b/lib/kerby-pkix/pom.xml
new file mode 100644
index 0000000..01aa22d
--- /dev/null
+++ b/lib/kerby-pkix/pom.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>lib</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>kerby-pkix</artifactId>
+
+ <name>Kerby PKIX</name>
+ <description>Kerby PKIX utilities</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>not-yet-commons-ssl</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ </dependencies>
+
+</project>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/kerby-pkix/src/main/java/org/apache/kerby/pki/Pkix.java
----------------------------------------------------------------------
diff --git a/lib/kerby-pkix/src/main/java/org/apache/kerby/pki/Pkix.java b/lib/kerby-pkix/src/main/java/org/apache/kerby/pki/Pkix.java
new file mode 100644
index 0000000..e74d74f
--- /dev/null
+++ b/lib/kerby-pkix/src/main/java/org/apache/kerby/pki/Pkix.java
@@ -0,0 +1,87 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.pki;
+
+import org.apache.commons.ssl.PKCS8Key;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.GeneralSecurityException;
+import java.security.KeyFactory;
+import java.security.PrivateKey;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+
+public class Pkix {
+
+ public static List<Certificate> getCerts(String certFile) throws IOException, CertificateException {
+ InputStream is = new FileInputStream(new File(certFile));
+ return getCerts(is);
+ }
+
+ public static List<Certificate> getCerts(InputStream inputStream) throws IOException, CertificateException {
+ CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
+ Collection<? extends Certificate> certs =
+ (Collection<? extends Certificate>) certFactory.generateCertificates(inputStream);
+
+ return new ArrayList<Certificate>(certs);
+ }
+
+ public static PrivateKey getPrivateKey(String keyFile, String password) throws IOException, GeneralSecurityException {
+ InputStream in = new FileInputStream("/path/to/pkcs8_private_key.der");
+ return getPrivateKey(in, password);
+ }
+
+ public static PrivateKey getPrivateKey(InputStream inputStream, String password) throws GeneralSecurityException, IOException {
+ if (password == null) password = "";
+ // If the provided InputStream is encrypted, we need a password to decrypt
+ // it. If the InputStream is not encrypted, then the password is ignored
+ // (can be null). The InputStream can be DER (raw ASN.1) or PEM (base64).
+ PKCS8Key pkcs8 = new PKCS8Key(inputStream, password.toCharArray());
+
+ // If an unencrypted PKCS8 key was provided, then this actually returns
+ // exactly what was originally passed inputStream (with no changes). If an OpenSSL
+ // key was provided, it gets reformatted as PKCS #8 first, and so these
+ // bytes will still be PKCS #8, not OpenSSL.
+ byte[] decrypted = pkcs8.getDecryptedBytes();
+ PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(decrypted);
+
+ // A Java PrivateKey object is born.
+ PrivateKey pk = null;
+ if (pkcs8.isDSA()) {
+ pk = KeyFactory.getInstance("DSA").generatePrivate(spec);
+ }
+ else if (pkcs8.isRSA()) {
+ pk = KeyFactory.getInstance("RSA").generatePrivate(spec);
+ }
+
+ // For lazier types:
+ pk = pkcs8.getPrivateKey();
+
+ return pk;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/kerby-pkix/src/main/resources/cacert.pem
----------------------------------------------------------------------
diff --git a/lib/kerby-pkix/src/main/resources/cacert.pem b/lib/kerby-pkix/src/main/resources/cacert.pem
new file mode 100644
index 0000000..6b91561
--- /dev/null
+++ b/lib/kerby-pkix/src/main/resources/cacert.pem
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID6zCCAtOgAwIBAgIJAMrZoeDxTzwWMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
+VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
+DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
+YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
+MzEzMjdaFw0yNDA1MTAxMzEzMjdaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
+c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
+A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
+a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMCznJJ02ZUjCPvAwnBmfPs0akb5QRc/NKu8kCtAPWzgHS2JPTQfJhkDbTAD
+eIlg8IeJpOdrYnzdaBCzgxqjSkls+vxjYotOU0Zbrpy2bj0lRDqdYbNsiuConKgT
+MeuDEd/4ZI0X9NWLAi06Iv1F4mHXf36c6uqiUWTtXiofogrFUoTRwACKR2qeC95X
+Py+FDmpS9lz0mo0vDWjetLQC2IBngjjPFdR16n87QDIWfRBkk66rn7rEA6Li66b/
+cToajMSA/n+2Ud1mntSY4RdDdd0TBtAq9RrXtUOfzGaE7S6t+FtYyEprvT4FdOTU
+uyYgSNaI9ANVP1zhQ9LACKuudOECAwEAAaNQME4wHQYDVR0OBBYEFD91SVOejfwx
+u33+5N0TdYbHJbgAMB8GA1UdIwQYMBaAFD91SVOejfwxu33+5N0TdYbHJbgAMAwG
+A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADsONtUqGNBPBXnRowcJwv+Y
+F1Vea+4dkBwYbhkiO6H5XMKr+waOnOD2eAvgP4aeYg/a0xOzzETRD9wi1Z1P1ZMy
+d/NzHQjj4egPENwDv1PH2voZgsXXzXIqUMOtz9t12TuJUrSA2SBW1tz/evckHhNY
+fHg4ThvTIgwEdV/yvrOEBLV9dXG5IhhF+NW1MegTGkt4SpOoH1pi3o9VekVRnix9
+xrIdaC4Ee6vQaR603HwDS9Y+a1c2KU7QoLX8Vaa904cQ+rxhGsTAkocnZXeo6Hl5
+V8BlDYXxeP86fzcWi04ll2BmEEw/RimHEOLpGqxTVHJ5p5BVSCHP8aCD0VJheaU=
+-----END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/kerby-pkix/src/main/resources/cakey.pem
----------------------------------------------------------------------
diff --git a/lib/kerby-pkix/src/main/resources/cakey.pem b/lib/kerby-pkix/src/main/resources/cakey.pem
new file mode 100644
index 0000000..66dc806
--- /dev/null
+++ b/lib/kerby-pkix/src/main/resources/cakey.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAwLOcknTZlSMI+8DCcGZ8+zRqRvlBFz80q7yQK0A9bOAdLYk9
+NB8mGQNtMAN4iWDwh4mk52tifN1oELODGqNKSWz6/GNii05TRluunLZuPSVEOp1h
+s2yK4KicqBMx64MR3/hkjRf01YsCLToi/UXiYdd/fpzq6qJRZO1eKh+iCsVShNHA
+AIpHap4L3lc/L4UOalL2XPSajS8NaN60tALYgGeCOM8V1HXqfztAMhZ9EGSTrquf
+usQDouLrpv9xOhqMxID+f7ZR3Wae1JjhF0N13RMG0Cr1Gte1Q5/MZoTtLq34W1jI
+Smu9PgV05NS7JiBI1oj0A1U/XOFD0sAIq6504QIDAQABAoIBAHqFeMax3unxBbQ0
+Aiy/LTX3RJ9tuZITUOTklnG5fZStBkA+oxhxuaJryE+f1VLbvPMgdCXj5BHqIFGG
+IZSdQA1hak9wzWYvXck9X88qOvtLp47xI/6Vw9NFwZ0n3zST+JiD8UK4eaYQpUim
+Tzrj5SU6hEi3crHOlJvsRFPaGwhnA9wycoOo4o22XBj3C8Hwzi4vWcKXH/RCSwZQ
+zFuYbe77Pn9Sv5q5zdglkmm7wngoVt/aKQke/Vk+Eincx1V12b05DNLjugo6FWQh
+0f2MmHpvqNSHs9USC5+y2lKQ1JNHh7mnpPCXkZEH4V7q+3mKVzl9tXzj9Gul20pw
+tneD6WUCgYEA9QUrQoWHKeVMjeukHjDJa2KjRLMmg9YRQyVABH9+nQTp1jYUjMRA
+GUoUx91gG6gjjJD/xvor/U0Fh3vKtZE93c+avrcaYDwf3q/L4gh+3b87lVDfzjrp
+L+MPTpEzWiyyLfr/kLA0TgUjnrj9bav5uDps8mJpNf8s9ZP1/QDhF5sCgYEAyVZA
+pHSIyBI2GT0+92JXvYDK/ZfV5m4RGHaG/PMDoU4IbGbjHVyzzsyzDUgvOASXwfF8
+YzwX7Tf95RZw12P/Jepxt0vqBJPKUCsMLUrmANQvN1Pz8+Vk6UADLM7kNc06MqB9
+/U3GKCFZZuedEhbgXnEV9gzelhILImJGZMxG0zMCgYApymnofLHjGXMHOcvSQmv4
+XuiODShikB59n1rd6YkE6xOfL7YtlEOCjLoipMWBshnuHcUigQUDvSFWTGz0rwMo
+VAKGyOA8zcR5zO4vbVeGJtnYy+SAXlfrjQTNV8K0fK8fXJI+cW9aZ1H9/ntrO0vq
+ejye0t4zEYTvlf782iuKRQKBgQCnTQ7mGRfX+JoPmv8JniR+idkjpNnPYsK96y/8
+XQs1LJx/R3eN3IxlWV+nt8XU7KwWMs5Dv5m6Ov61MFKQCL3qCch4oZJSP2Sr/Tlf
+IY/CPI8HkLF0h7e0wsZgo4Kq2mBz1T0cEVaJ3jxl8Cxq7at/jsTK8qK7XT73UWZh
+OAXaVQKBgDmg2QTX7c0/dbDMOuw18g3xfE/oqU+VWT784wtvpcdjHR+KAVLWHG8l
+oc/bm8Bs0o0f5dfH7uUvWdP6JMvbgYZBgIMqw+iH8P2lFCLzIRf0me/l+r0Oi64U
+5jp9K+7Ggc7S0SSnCLmBLMN5lXQZbhzks1La7DZmFeAz8rOEnlUB
+-----END RSA PRIVATE KEY-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/kerby-pkix/src/main/resources/extensions.kdc
----------------------------------------------------------------------
diff --git a/lib/kerby-pkix/src/main/resources/extensions.kdc b/lib/kerby-pkix/src/main/resources/extensions.kdc
new file mode 100644
index 0000000..8052f71
--- /dev/null
+++ b/lib/kerby-pkix/src/main/resources/extensions.kdc
@@ -0,0 +1,36 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+[kdc_cert]
+basicConstraints=CA:FALSE
+keyUsage=nonRepudiation,digitalSignature,keyEncipherment,keyAgreement
+extendedKeyUsage=1.3.6.1.5.2.3.5
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+issuerAltName=issuer:copy
+subjectAltName=otherName:1.3.6.1.5.2.2;SEQUENCE:kdc_princ_name
+
+[kdc_princ_name]
+realm=EXP:0,GeneralString:${ENV::REALM}
+principal_name=EXP:1,SEQUENCE:kdc_principal_seq
+
+[kdc_principal_seq]
+name_type=EXP:0,INTEGER:1
+name_string=EXP:1,SEQUENCE:kdc_principals
+
+[kdc_principals]
+princ1=GeneralString:krbtgt
+princ2=GeneralString:${ENV::REALM}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/kerby-pkix/src/main/resources/kdccert.pem
----------------------------------------------------------------------
diff --git a/lib/kerby-pkix/src/main/resources/kdccert.pem b/lib/kerby-pkix/src/main/resources/kdccert.pem
new file mode 100644
index 0000000..67e538c
--- /dev/null
+++ b/lib/kerby-pkix/src/main/resources/kdccert.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEYjCCA0qgAwIBAgIJAL2ZFUkXCgK2MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
+VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
+DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
+YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
+MzI3MjFaFw0xNTA1MTMxMzI3MjFaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
+c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
+A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
+a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMs0jF1fi5AVMunQ/jpxgSjRlpmVQyT//LrwBmyI77C+hCD4z/InoG4q2tl5
+fAH+2n7HHgon4E0QXyRxAz0+Ugun7qHW9oT2pnxoc1l8seyGNMK9adsxLpCv7RXK
+quqLcj34UQCzRDKxgkH5UBwxGY0kId0W1MqPh1LZRZIk1hakREC4DBj+slnDkN0s
+nh8pC/8q/hTPJ9QrqWT6oc1FjMVKz3FxFbxXELYxg4M6SXnzGzdWa3xSe4Ou0QO2
+EwncQUoo8N6plOKX5lncDhC2usT//AZHvKdcVmOwX0ByxZqGQIXk7g1kbsbG5m45
+JMjt/HnOQcfg88iSLKJZu+ODw00CAwEAAaOBxjCBwzAJBgNVHRMEAjAAMAsGA1Ud
+DwQEAwID6DASBgNVHSUECzAJBgcrBgEFAgMFMB0GA1UdDgQWBBS8Bmb9kTUkw61e
+Is+9KDV5U6JjyjAfBgNVHSMEGDAWgBQ/dUlTno38Mbt9/uTdE3WGxyW4ADAJBgNV
+HRIEAjAAMEoGA1UdEQRDMEGgPwYGKwYBBQICoDUwM6AOGwxTSC5JTlRFTC5DT02h
+ITAfoAMCAQGhGDAWGwZrcmJ0Z3QbDFNILklOVEVMLkNPTTANBgkqhkiG9w0BAQUF
+AAOCAQEAS/I0zH9ByFcXTF56I5aPmPdzYKpIpFF6Kkwyw0M2EuIcTcpDl74/xmq9
+YPHS6TSDAt3wHzs9JQlSWah04L0R+IgHVacLRgdXfTWqglFFH/pve3p49WCrYmWz
+txQeRV5dxzaE3oTdDq15DRkUJmt0GIk1x6ehrGZOpIL8oTFmVmnR7EgrKWlIMYCs
+R/GkEuCH15wadom/Hw5Db1KLPEjxCdwy947guOh4SO0fcW3h55V3troS/46TbVFF
+FvNSqGD+19/QM/MhLIy5OnTxOio8M9zp+yfDlzLnpbMi0ZO6tLvB4XhjvP0as34c
+5vCA/8HPfaearSyAYi2Ir9vT3O9J/w==
+-----END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/kerby-pkix/src/main/resources/kdckey.pem
----------------------------------------------------------------------
diff --git a/lib/kerby-pkix/src/main/resources/kdckey.pem b/lib/kerby-pkix/src/main/resources/kdckey.pem
new file mode 100644
index 0000000..c9e75e2
--- /dev/null
+++ b/lib/kerby-pkix/src/main/resources/kdckey.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAyzSMXV+LkBUy6dD+OnGBKNGWmZVDJP/8uvAGbIjvsL6EIPjP
+8iegbira2Xl8Af7afsceCifgTRBfJHEDPT5SC6fuodb2hPamfGhzWXyx7IY0wr1p
+2zEukK/tFcqq6otyPfhRALNEMrGCQflQHDEZjSQh3RbUyo+HUtlFkiTWFqREQLgM
+GP6yWcOQ3SyeHykL/yr+FM8n1CupZPqhzUWMxUrPcXEVvFcQtjGDgzpJefMbN1Zr
+fFJ7g67RA7YTCdxBSijw3qmU4pfmWdwOELa6xP/8Bke8p1xWY7BfQHLFmoZAheTu
+DWRuxsbmbjkkyO38ec5Bx+DzyJIsolm744PDTQIDAQABAoIBAQC4Byb3iQgDvK8X
+QcZ7dz/Zj7Yr8RmV8J8ZTTcEJB+umVtf4PWyAGEyZG0+dt7vj7ahCgMSf3qLUEBZ
+6F9en4n+NF/RAbTQRfAQyydr65nW8tPlaVTsxWW+cxTrn1eagh88MB5r2+3vWwL0
+bK04Wt8hC4//giXELKgJR+vRprqcVRgy11nYaTP59IDdg4YscbHfc/LYa7ABQ1G5
+5NKtjMy13UvtD/4C3TS1NpL2xtzAgQRe3XFDIyOmv476Ts1boqSHBFX+MXmLBAfi
+8Qhaj1DO8A0HS/c4egcL6esCe4kcgtCuq66n8JzOlVbCDGOYIUkUyQ9Nfo31M5i5
+XhqF9CsBAoGBAP7PqkncLAvyjHQKPpDyWCBtkV7z+DWRZRPz4w8tit+TiAv6hRF7
+kK+NUhP1mBuS4duyEV58B8LWOR0ir7ftbL0/unxR1XWMOvTEHr/9lG1sKZoI0dJS
+Ee+VvuVFwdm/ABxfnveGCRrSHY7GAvFln3gC1Cst3NPPKbpznb3FiH/JAoGBAMwn
+P1Labt/OuzB70Vxve3TCeFA6jYzcYdA3riv1V0FIWoNgcQ742b0+6HDpEQgn4Rdb
+KiKz8hSplM1nx8NyWwS9r7gRQ9HIc0qC5S4A0A9QEbdKrkUiQDlwHgdDKPPCWih9
+qH05etiQ044BtOq7uXsWYqiIomOW/XyDUEhbRRFlAoGALmVnj01Mo9xFILfgzomh
+7D2nE4/+qNpRekGVHWVgfPci9XNnGVjTbnOf90xnptWm1Fbm/Lo+u4ZAHgL71dSg
+UREyhoJsCJxA++Jd6v1kMkxYgtiKQ+53n5U3jg2Wj2xMu93ZVx6Lt9t8UEvTq1qi
+n7p8IWSXaeW1pmJ43V4DTakCgYAFcSpj+ASqnKUqxrIvB52/4As7AESTs7A7z7Ap
+5dFcoSQgimqZHpMXU1z43Y2hrQZ4C+sUn71dRaP80b5mfF7mwnOzsWogZnqESvb3
+AfiJ3/WI8Emy+BXEMjPqt6SY0t56Y9cg925J5ZpuF6eN9lEccd1RZssFYpoBPrLe
+KuitbQKBgQC3DNejUqol2max6rf4h/GnwLE2BOTmFLnswexlw76p/63Jo1SaVpk7
+9nAltsqNCl4L/eAJ8hJdeTE5YVjYsgAVJrXZbiRfxHBMeHj9g0d1VafGqdomKf0R
+7Qytlcvsw8jn96ckEMPPLJF0bX5cu9S6lMyEbb6Ih41P13uvgP6ufg==
+-----END RSA PRIVATE KEY-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/kerby-pkix/src/main/resources/usercert.pem
----------------------------------------------------------------------
diff --git a/lib/kerby-pkix/src/main/resources/usercert.pem b/lib/kerby-pkix/src/main/resources/usercert.pem
new file mode 100644
index 0000000..67e538c
--- /dev/null
+++ b/lib/kerby-pkix/src/main/resources/usercert.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEYjCCA0qgAwIBAgIJAL2ZFUkXCgK2MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
+VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
+DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
+YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
+MzI3MjFaFw0xNTA1MTMxMzI3MjFaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
+c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
+A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
+a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMs0jF1fi5AVMunQ/jpxgSjRlpmVQyT//LrwBmyI77C+hCD4z/InoG4q2tl5
+fAH+2n7HHgon4E0QXyRxAz0+Ugun7qHW9oT2pnxoc1l8seyGNMK9adsxLpCv7RXK
+quqLcj34UQCzRDKxgkH5UBwxGY0kId0W1MqPh1LZRZIk1hakREC4DBj+slnDkN0s
+nh8pC/8q/hTPJ9QrqWT6oc1FjMVKz3FxFbxXELYxg4M6SXnzGzdWa3xSe4Ou0QO2
+EwncQUoo8N6plOKX5lncDhC2usT//AZHvKdcVmOwX0ByxZqGQIXk7g1kbsbG5m45
+JMjt/HnOQcfg88iSLKJZu+ODw00CAwEAAaOBxjCBwzAJBgNVHRMEAjAAMAsGA1Ud
+DwQEAwID6DASBgNVHSUECzAJBgcrBgEFAgMFMB0GA1UdDgQWBBS8Bmb9kTUkw61e
+Is+9KDV5U6JjyjAfBgNVHSMEGDAWgBQ/dUlTno38Mbt9/uTdE3WGxyW4ADAJBgNV
+HRIEAjAAMEoGA1UdEQRDMEGgPwYGKwYBBQICoDUwM6AOGwxTSC5JTlRFTC5DT02h
+ITAfoAMCAQGhGDAWGwZrcmJ0Z3QbDFNILklOVEVMLkNPTTANBgkqhkiG9w0BAQUF
+AAOCAQEAS/I0zH9ByFcXTF56I5aPmPdzYKpIpFF6Kkwyw0M2EuIcTcpDl74/xmq9
+YPHS6TSDAt3wHzs9JQlSWah04L0R+IgHVacLRgdXfTWqglFFH/pve3p49WCrYmWz
+txQeRV5dxzaE3oTdDq15DRkUJmt0GIk1x6ehrGZOpIL8oTFmVmnR7EgrKWlIMYCs
+R/GkEuCH15wadom/Hw5Db1KLPEjxCdwy947guOh4SO0fcW3h55V3troS/46TbVFF
+FvNSqGD+19/QM/MhLIy5OnTxOio8M9zp+yfDlzLnpbMi0ZO6tLvB4XhjvP0as34c
+5vCA/8HPfaearSyAYi2Ir9vT3O9J/w==
+-----END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/kerby-pkix/src/main/resources/userkey.pem
----------------------------------------------------------------------
diff --git a/lib/kerby-pkix/src/main/resources/userkey.pem b/lib/kerby-pkix/src/main/resources/userkey.pem
new file mode 100644
index 0000000..c9e75e2
--- /dev/null
+++ b/lib/kerby-pkix/src/main/resources/userkey.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAyzSMXV+LkBUy6dD+OnGBKNGWmZVDJP/8uvAGbIjvsL6EIPjP
+8iegbira2Xl8Af7afsceCifgTRBfJHEDPT5SC6fuodb2hPamfGhzWXyx7IY0wr1p
+2zEukK/tFcqq6otyPfhRALNEMrGCQflQHDEZjSQh3RbUyo+HUtlFkiTWFqREQLgM
+GP6yWcOQ3SyeHykL/yr+FM8n1CupZPqhzUWMxUrPcXEVvFcQtjGDgzpJefMbN1Zr
+fFJ7g67RA7YTCdxBSijw3qmU4pfmWdwOELa6xP/8Bke8p1xWY7BfQHLFmoZAheTu
+DWRuxsbmbjkkyO38ec5Bx+DzyJIsolm744PDTQIDAQABAoIBAQC4Byb3iQgDvK8X
+QcZ7dz/Zj7Yr8RmV8J8ZTTcEJB+umVtf4PWyAGEyZG0+dt7vj7ahCgMSf3qLUEBZ
+6F9en4n+NF/RAbTQRfAQyydr65nW8tPlaVTsxWW+cxTrn1eagh88MB5r2+3vWwL0
+bK04Wt8hC4//giXELKgJR+vRprqcVRgy11nYaTP59IDdg4YscbHfc/LYa7ABQ1G5
+5NKtjMy13UvtD/4C3TS1NpL2xtzAgQRe3XFDIyOmv476Ts1boqSHBFX+MXmLBAfi
+8Qhaj1DO8A0HS/c4egcL6esCe4kcgtCuq66n8JzOlVbCDGOYIUkUyQ9Nfo31M5i5
+XhqF9CsBAoGBAP7PqkncLAvyjHQKPpDyWCBtkV7z+DWRZRPz4w8tit+TiAv6hRF7
+kK+NUhP1mBuS4duyEV58B8LWOR0ir7ftbL0/unxR1XWMOvTEHr/9lG1sKZoI0dJS
+Ee+VvuVFwdm/ABxfnveGCRrSHY7GAvFln3gC1Cst3NPPKbpznb3FiH/JAoGBAMwn
+P1Labt/OuzB70Vxve3TCeFA6jYzcYdA3riv1V0FIWoNgcQ742b0+6HDpEQgn4Rdb
+KiKz8hSplM1nx8NyWwS9r7gRQ9HIc0qC5S4A0A9QEbdKrkUiQDlwHgdDKPPCWih9
+qH05etiQ044BtOq7uXsWYqiIomOW/XyDUEhbRRFlAoGALmVnj01Mo9xFILfgzomh
+7D2nE4/+qNpRekGVHWVgfPci9XNnGVjTbnOf90xnptWm1Fbm/Lo+u4ZAHgL71dSg
+UREyhoJsCJxA++Jd6v1kMkxYgtiKQ+53n5U3jg2Wj2xMu93ZVx6Lt9t8UEvTq1qi
+n7p8IWSXaeW1pmJ43V4DTakCgYAFcSpj+ASqnKUqxrIvB52/4As7AESTs7A7z7Ap
+5dFcoSQgimqZHpMXU1z43Y2hrQZ4C+sUn71dRaP80b5mfF7mwnOzsWogZnqESvb3
+AfiJ3/WI8Emy+BXEMjPqt6SY0t56Y9cg925J5ZpuF6eN9lEccd1RZssFYpoBPrLe
+KuitbQKBgQC3DNejUqol2max6rf4h/GnwLE2BOTmFLnswexlw76p/63Jo1SaVpk7
+9nAltsqNCl4L/eAJ8hJdeTE5YVjYsgAVJrXZbiRfxHBMeHj9g0d1VafGqdomKf0R
+7Qytlcvsw8jn96ckEMPPLJF0bX5cu9S6lMyEbb6Ih41P13uvgP6ufg==
+-----END RSA PRIVATE KEY-----
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/kerby-pkix/src/test/java/org/apache/kerby/pki/PkixTest.java
----------------------------------------------------------------------
diff --git a/lib/kerby-pkix/src/test/java/org/apache/kerby/pki/PkixTest.java b/lib/kerby-pkix/src/test/java/org/apache/kerby/pki/PkixTest.java
new file mode 100644
index 0000000..f827247
--- /dev/null
+++ b/lib/kerby-pkix/src/test/java/org/apache/kerby/pki/PkixTest.java
@@ -0,0 +1,60 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.pki;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.security.GeneralSecurityException;
+import java.security.PrivateKey;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.util.List;
+
+/**
+ openssl genrsa -out cakey.pem 2048
+ openssl req -key cakey.pem -new -x509 -out cacert.pem -days 3650
+ vi extensions.kdc
+ openssl genrsa -out kdckey.pem 2048
+ openssl req -new -out kdc.req -key kdckey.pem
+ env REALM=SH.INTEL.COM openssl x509 -req -in kdc.req -CAkey cakey.pem \
+ -CA cacert.pem -out kdc.pem -days 365 -extfile extensions.kdc -extensions kdc_cert -CAcreateserial
+ */
+public class PkixTest {
+
+ @Test
+ public void loadCert() throws CertificateException, IOException {
+ InputStream res = getClass().getResourceAsStream("/usercert.pem");
+ List<Certificate> certs = Pkix.getCerts(res);
+ Certificate userCert = certs.iterator().next();
+
+ Assert.assertNotNull(userCert);
+ }
+
+ @Test
+ public void loadKey() throws GeneralSecurityException, IOException {
+ InputStream res = getClass().getResourceAsStream("/userkey.pem");
+ PrivateKey key = Pkix.getPrivateKey(res, null);
+
+ Assert.assertNotNull(key);
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/kerby-token/pom.xml
----------------------------------------------------------------------
diff --git a/lib/kerby-token/pom.xml b/lib/kerby-token/pom.xml
new file mode 100644
index 0000000..60a8dfd
--- /dev/null
+++ b/lib/kerby-token/pom.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>lib</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>kerby-token</artifactId>
+ <name>Kerby-token Project</name>
+ <version>1.0-SNAPSHOT</version>
+ <packaging>jar</packaging>
+
+ <dependencies>
+ <dependency>
+ <groupId>com.nimbusds</groupId>
+ <artifactId>nimbus-jose-jwt</artifactId>
+ <version>3.2</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-asn1</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </dependency>
+ </dependencies>
+
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/kerby-token/src/main/java/org/apache/kerby/token/AuthzDataEntry.java
----------------------------------------------------------------------
diff --git a/lib/kerby-token/src/main/java/org/apache/kerby/token/AuthzDataEntry.java b/lib/kerby-token/src/main/java/org/apache/kerby/token/AuthzDataEntry.java
new file mode 100644
index 0000000..d4bfedb
--- /dev/null
+++ b/lib/kerby-token/src/main/java/org/apache/kerby/token/AuthzDataEntry.java
@@ -0,0 +1,52 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.token;
+
+import org.apache.kerby.asn1.type.Asn1FieldInfo;
+import org.apache.kerby.asn1.type.Asn1Integer;
+import org.apache.kerby.asn1.type.Asn1OctetString;
+import org.apache.kerby.asn1.type.Asn1SequenceType;
+
+/**
+ AuthorizationData ::= SEQUENCE OF SEQUENCE {
+ ad-type [0] Int32,
+ ad-data [1] OCTET STRING
+ }
+ */
+public class AuthzDataEntry extends Asn1SequenceType {
+ static int AD_TYPE = 0;
+ static int AD_DATA = 1;
+
+ public AuthzDataEntry() {
+ super(new Asn1FieldInfo[] {
+ new Asn1FieldInfo(AD_TYPE, Asn1Integer.class),
+ new Asn1FieldInfo(AD_DATA, Asn1OctetString.class)
+ });
+ }
+
+ public int getAuthzType() {
+ Integer value = getFieldAsInteger(AD_TYPE);
+ return value;
+ }
+
+ public byte[] getAuthzData() {
+ return getFieldAsOctets(AD_DATA);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/kerby-token/src/main/java/org/apache/kerby/token/KerbToken.java
----------------------------------------------------------------------
diff --git a/lib/kerby-token/src/main/java/org/apache/kerby/token/KerbToken.java b/lib/kerby-token/src/main/java/org/apache/kerby/token/KerbToken.java
new file mode 100644
index 0000000..be4a127
--- /dev/null
+++ b/lib/kerby-token/src/main/java/org/apache/kerby/token/KerbToken.java
@@ -0,0 +1,47 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.token;
+
+import java.util.Map;
+
+public class KerbToken {
+
+ private Map<String, Object> attributes;
+
+ public KerbToken(Map<String, Object> attributes) {
+ this.attributes = attributes;
+ }
+
+ public Map<String, Object> getAttributes() {
+ return attributes;
+ }
+
+ public String getPrincipal() {
+ return (String) attributes.get("sub");
+ }
+
+ public String[] getGroups() {
+ String grp = (String) attributes.get("group");
+ if (grp != null) {
+ return new String[] { grp };
+ }
+ return new String[0];
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenCache.java
----------------------------------------------------------------------
diff --git a/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenCache.java b/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenCache.java
new file mode 100644
index 0000000..51e3593
--- /dev/null
+++ b/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenCache.java
@@ -0,0 +1,82 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.token;
+
+import java.io.*;
+
+public class TokenCache {
+ private static final String DEFAULT_TOKEN_CACHE_PATH = ".tokenauth";
+ private static final String TOKEN_CACHE_FILE = ".tokenauth.token";
+
+ public static String readToken(String tokenCacheFile) {
+ File cacheFile = null;
+
+ if (tokenCacheFile != null && ! tokenCacheFile.isEmpty()) {
+ cacheFile = new File(tokenCacheFile);
+ if (!cacheFile.exists()) {
+ throw new RuntimeException("Invalid token cache specified: " + tokenCacheFile);
+ };
+ } else {
+ cacheFile = getDefaultTokenCache();
+ if (!cacheFile.exists()) {
+ throw new RuntimeException("No token cache available by default");
+ };
+ }
+
+ String token = null;
+ try {
+ BufferedReader reader = new BufferedReader(new FileReader(cacheFile));
+ String line = reader.readLine();
+ reader.close();
+ if (line != null) {
+ token = line;
+ }
+ } catch (IOException ex) {
+ //NOP
+ }
+
+ return token;
+ }
+
+ public static void writeToken(String token) {
+ File cacheFile = getDefaultTokenCache();
+
+ try {
+ Writer writer = new FileWriter(cacheFile);
+ writer.write(token.toString());
+ writer.close();
+ // sets read-write permissions to owner only
+ cacheFile.setReadable(false, false);
+ cacheFile.setReadable(true, true);
+ cacheFile.setWritable(true, true);
+ }
+ catch (IOException ioe) {
+ // if case of any error we just delete the cache, if user-only
+ // write permissions are not properly set a security exception
+ // is thrown and the file will be deleted.
+ cacheFile.delete();
+ }
+ }
+
+ public static File getDefaultTokenCache() {
+ String homeDir = System.getProperty("user.home", DEFAULT_TOKEN_CACHE_PATH);
+ return new File(homeDir, TOKEN_CACHE_FILE);
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenExtractor.java
----------------------------------------------------------------------
diff --git a/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenExtractor.java b/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenExtractor.java
new file mode 100644
index 0000000..8e43384
--- /dev/null
+++ b/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenExtractor.java
@@ -0,0 +1,101 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.token;
+
+import com.sun.security.jgss.AuthorizationDataEntry;
+import com.sun.security.jgss.ExtendedGSSContext;
+import com.sun.security.jgss.InquireType;
+import org.apache.kerby.asn1.type.Asn1SequenceOf;
+import org.ietf.jgss.GSSContext;
+import org.ietf.jgss.GSSException;
+
+import java.io.IOException;
+import java.util.List;
+
+public class TokenExtractor {
+ static final int JWT_AUTHZ_DATA_TYPE = 81;
+ public static final int AD_IF_RELEVANT_TYPE = 1;
+
+ /**
+ AuthorizationData ::= SEQUENCE OF SEQUENCE {
+ ad-type [0] Int32,
+ ad-data [1] OCTET STRING
+ }
+ */
+ public static class AuthorizationData extends Asn1SequenceOf<AuthzDataEntry> {
+
+ }
+
+ public static KerbToken checkAuthzData(GSSContext context) throws GSSException, IOException {
+ System.out.println("Looking for token from authorization data in GSSContext");
+
+ Object authzData = null;
+ if (context instanceof ExtendedGSSContext) {
+ ExtendedGSSContext ex = (ExtendedGSSContext)context;
+ authzData = ex.inquireSecContext(
+ InquireType.KRB5_GET_AUTHZ_DATA);
+ }
+
+ if (authzData != null) {
+ AuthorizationDataEntry[] authzEntries = (AuthorizationDataEntry[]) authzData;
+ KerbToken resultToken = null;
+ for (int i = 0; i < authzEntries.length; ++i) {
+ resultToken = getAuthzToken(authzEntries[i]);
+ if (resultToken != null) {
+ return resultToken;
+ }
+ }
+ }
+ return null;
+ }
+
+ public static KerbToken getAuthzToken(AuthorizationDataEntry authzDataEntry) throws IOException {
+ if (authzDataEntry.getType() == AD_IF_RELEVANT_TYPE) {
+ String token = getToken(authzDataEntry);
+ if (token == null) {
+ return null;
+ }
+
+ try {
+ return TokenTool.fromJwtToken(token);
+ } catch (Exception e) {
+ // noop when not jwt token
+ }
+ }
+
+ return null;
+ }
+
+ public static String getToken(AuthorizationDataEntry authzDataEntry) throws IOException {
+ List<AuthzDataEntry> entries = decode(authzDataEntry);
+ for (AuthzDataEntry entry : entries) {
+ if (entry.getAuthzType() == JWT_AUTHZ_DATA_TYPE) {
+ return new String(entry.getAuthzData());
+ }
+ }
+ return null;
+ }
+
+ public static List<AuthzDataEntry> decode(AuthorizationDataEntry authzDataEntry) throws IOException {
+ AuthorizationData authzData = new AuthorizationData();
+ authzData.decode(authzDataEntry.getData());
+ return authzData.getElements();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenTool.java
----------------------------------------------------------------------
diff --git a/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenTool.java b/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenTool.java
new file mode 100644
index 0000000..2de1973
--- /dev/null
+++ b/lib/kerby-token/src/main/java/org/apache/kerby/token/TokenTool.java
@@ -0,0 +1,124 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.token;
+
+import com.nimbusds.jose.PlainHeader;
+import com.nimbusds.jwt.JWT;
+import com.nimbusds.jwt.JWTClaimsSet;
+import com.nimbusds.jwt.PlainJWT;
+
+import java.text.ParseException;
+import java.util.*;
+
+public class TokenTool {
+
+ public static JWT issueToken(String principal, String group, String role) {
+ // must have for kerb-token
+ String krbPrincipal = principal + "@SH.INTEL.COM";
+
+ PlainHeader header = new PlainHeader();
+ //header.setCustomParameter("krbPrincipal", krbPrincipal);
+
+ JWTClaimsSet jwtClaims = new JWTClaimsSet();
+
+ String iss = "token-service";
+ jwtClaims.setIssuer(iss);
+
+ String sub = principal;
+ jwtClaims.setSubject(sub);
+
+ // must have for kerb-token
+ jwtClaims.setSubject(krbPrincipal);
+
+ jwtClaims.setClaim("group", group);
+ if (role != null) {
+ jwtClaims.setClaim("role", role);
+ }
+
+ List<String> aud = new ArrayList<String>();
+ aud.add("krb5kdc-with-token-extension");
+ jwtClaims.setAudience(aud);
+
+ // Set expiration in 60 minutes
+ final Date NOW = new Date(new Date().getTime() / 1000 * 1000);
+ Date exp = new Date(NOW.getTime() + 1000 * 60 * 60);
+ jwtClaims.setExpirationTime(exp);
+
+ Date nbf = NOW;
+ jwtClaims.setNotBeforeTime(nbf);
+
+ Date iat = NOW;
+ jwtClaims.setIssueTime(iat);
+
+ String jti = UUID.randomUUID().toString();
+ jwtClaims.setJWTID(jti);
+
+ PlainJWT jwt = new PlainJWT(header, jwtClaims);
+ return jwt;
+ }
+
+ public static JWT decodeToken(String token) throws ParseException {
+ PlainJWT jwt = PlainJWT.parse(token);
+
+ return jwt;
+ }
+
+ public static KerbToken fromJwtToken(String token) throws ParseException {
+ Map<String, Object> attrs = decodeAndExtractTokenAttributes(token);
+ return new KerbToken(attrs);
+ }
+
+ public static Map<String, Object> decodeAndExtractTokenAttributes(String token) throws ParseException {
+ PlainJWT jwt = PlainJWT.parse(token);
+
+ Map<String, Object> attrs = new HashMap<String, Object>();
+ attrs.putAll(jwt.getJWTClaimsSet().getAllClaims());
+ //attrs.putAll(jwt.getHeader().getCustomParameters());
+
+ return attrs;
+ }
+
+ public static void main(String[] args) throws ParseException {
+ String principal, group, role = null;
+
+ if (args.length != 2 && args.length != 3) {
+ System.out.println("This is a simple token issuing tool just for kerb-token PoC usage\n");
+ System.out.println("tokeninit <username> <group> [role]\n");
+ System.exit(1);
+ }
+ principal = args[0];
+ group = args[1];
+ if (args.length > 2) {
+ role = args[2];
+ }
+
+ JWT jwt = issueToken(principal, group, role);
+ String token = jwt.serialize();
+
+ TokenCache.writeToken(token);
+ System.out.println("Issued token: " + token);
+
+ /*
+ JWT jwt2 = decodeToken(token);
+ String krbPrincipal = (String) jwt2.getHeader().getCustomParameter("krbPrincipal");
+ System.out.println("Decoded token with krbprincipal: " + krbPrincipal);
+ */
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/kerby-util/pom.xml
----------------------------------------------------------------------
diff --git a/lib/kerby-util/pom.xml b/lib/kerby-util/pom.xml
new file mode 100644
index 0000000..b3ccb27
--- /dev/null
+++ b/lib/kerby-util/pom.xml
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>lib</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>kerby-util</artifactId>
+
+ <name>Kerby Util</name>
+ <description>Kerby common util, without any 3rd party dependency</description>
+
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/kerby-util/src/main/java/org/apache/kerby/util/HexUtil.java
----------------------------------------------------------------------
diff --git a/lib/kerby-util/src/main/java/org/apache/kerby/util/HexUtil.java b/lib/kerby-util/src/main/java/org/apache/kerby/util/HexUtil.java
new file mode 100644
index 0000000..1e6ec50
--- /dev/null
+++ b/lib/kerby-util/src/main/java/org/apache/kerby/util/HexUtil.java
@@ -0,0 +1,58 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.util;
+
+public class HexUtil {
+
+ final static String HEX_CHARS_STR = "0123456789ABCDEF";
+ final static char[] HEX_CHARS = HEX_CHARS_STR.toCharArray();
+
+ /**
+ * Convert bytes into format as:
+ * 02020080
+ */
+ public static String bytesToHex(byte[] bytes) {
+ int len = bytes.length * 2;
+ char[] hexChars = new char[len];
+ for ( int j = 0; j < bytes.length; j++ ) {
+ int v = bytes[j] & 0xFF;
+ hexChars[j * 2] = HEX_CHARS[v >>> 4];
+ hexChars[j * 2 + 1] = HEX_CHARS[v & 0x0F];
+ }
+
+ return new String(hexChars);
+ }
+
+ /**
+ * Convert hex string like follows into byte array
+ * 02020080
+ */
+ public static byte[] hex2bytes(String hexString) {
+ hexString = hexString.toUpperCase();
+ int len = hexString.length() / 2;
+ byte[] bytes = new byte[len];
+ char[] hexChars = hexString.toCharArray();
+ for (int i = 0, j = 0; i < len; ++i) {
+ bytes[i] = (byte) ((HEX_CHARS_STR.indexOf(hexChars[j++]) << 4) + HEX_CHARS_STR.indexOf(hexChars[j++]));
+ }
+
+ return bytes;
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/lib/pom.xml
----------------------------------------------------------------------
diff --git a/lib/pom.xml b/lib/pom.xml
index 06fdc64..149d45e 100644
--- a/lib/pom.xml
+++ b/lib/pom.xml
@@ -16,8 +16,8 @@
<modelVersion>4.0.0</modelVersion>
<parent>
- <groupId>org.haox</groupId>
- <artifactId>haox-all</artifactId>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-all</artifactId>
<version>1.0-SNAPSHOT</version>
</parent>
@@ -27,11 +27,11 @@
<packaging>pom</packaging>
<modules>
- <module>haox-config</module>
- <module>haox-event</module>
- <module>haox-pkix</module>
- <module>haox-token</module>
- <module>haox-util</module>
+ <module>kerby-config</module>
+ <module>kerby-event</module>
+ <module>kerby-pkix</module>
+ <module>kerby-token</module>
+ <module>kerby-util</module>
</modules>
<dependencies>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index 1f8b3ca..c89e94e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -15,21 +15,14 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
- <parent>
- <groupId>org.apache</groupId>
- <artifactId>apache</artifactId>
- <version>16</version>
- <relativePath />
- </parent>
-
- <groupId>org.haox</groupId>
- <artifactId>haox-all</artifactId>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-all</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>pom</packaging>
- <name>Haox Project</name>
- <description>Haox, just for the way</description>
- <url>http://www.haox.org</url>
+ <name>Apache Kerby Project</name>
+ <description>Apache Kerby project</description>
+ <url>http://www.kerby.org</url>
<inceptionYear>2014</inceptionYear>
<properties>
@@ -45,10 +38,10 @@
<modules>
<module>3rdparty</module>
<module>lib</module>
- <module>haox-asn1</module>
- <module>haox-kerb</module>
- <module>kdc-server</module>
- <module>tools</module>
+ <module>kerby-asn1</module>
+ <module>kerby-kerb</module>
+ <module>kerby-kdc</module>
+ <module>tool</module>
<module>kdc-backend</module>
<module>benchmark</module>
</modules>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/tool/pom.xml
----------------------------------------------------------------------
diff --git a/tool/pom.xml b/tool/pom.xml
new file mode 100644
index 0000000..6862b35
--- /dev/null
+++ b/tool/pom.xml
@@ -0,0 +1,45 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-all</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>tool</artifactId>
+ <name>Tool</name>
+ <description>Kerby KDC and client tools</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-config</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-client</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-token</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ </dependencies>
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/tool/src/main/java/org/apache/kerberos/tool/Kinit.java
----------------------------------------------------------------------
diff --git a/tool/src/main/java/org/apache/kerberos/tool/Kinit.java b/tool/src/main/java/org/apache/kerberos/tool/Kinit.java
new file mode 100644
index 0000000..7362c4f
--- /dev/null
+++ b/tool/src/main/java/org/apache/kerberos/tool/Kinit.java
@@ -0,0 +1,42 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.tool;
+
+import org.apache.kerby.kerberos.kerb.client.KrbClient;
+
+/**
+ * kinit like tool
+ */
+public class Kinit {
+
+ public static void main(String[] args) throws Exception {
+ if (args.length < 2 || args.length > 3) {
+ System.err.println(
+ "Usage: " + Kinit.class.getSimpleName() +
+ " <kdcHost> <kdcPort>");
+ return;
+ }
+
+ final String host = args[0];
+ final Integer port = Integer.parseInt(args[1]);
+ KrbClient krbClnt = new KrbClient(host, port.shortValue());
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/tools/pom.xml
----------------------------------------------------------------------
diff --git a/tools/pom.xml b/tools/pom.xml
deleted file mode 100644
index dd7a25b..0000000
--- a/tools/pom.xml
+++ /dev/null
@@ -1,45 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.haox</groupId>
- <artifactId>haox-all</artifactId>
- <version>1.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>tools</artifactId>
- <name>Tools</name>
- <description>Haox KDC Tools</description>
-
- <dependencies>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-config</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>kerb-client</artifactId>
- <version>${project.version}</version>
- </dependency>
- <dependency>
- <groupId>org.haox</groupId>
- <artifactId>haox-token</artifactId>
- <version>${project.version}</version>
- </dependency>
- </dependencies>
-</project>
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/7d9261af/tools/src/main/java/org/apache/kerberos/tool/Kinit.java
----------------------------------------------------------------------
diff --git a/tools/src/main/java/org/apache/kerberos/tool/Kinit.java b/tools/src/main/java/org/apache/kerberos/tool/Kinit.java
deleted file mode 100644
index 891b84a..0000000
--- a/tools/src/main/java/org/apache/kerberos/tool/Kinit.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerberos.tool;
-
-import org.apache.kerberos.kerb.client.KrbClient;
-
-/**
- * kinit like tool
- */
-public class Kinit {
-
- public static void main(String[] args) throws Exception {
- if (args.length < 2 || args.length > 3) {
- System.err.println(
- "Usage: " + Kinit.class.getSimpleName() +
- " <kdcHost> <kdcPort>");
- return;
- }
-
- final String host = args[0];
- final Integer port = Integer.parseInt(args[1]);
- KrbClient krbClnt = new KrbClient(host, port.shortValue());
- }
-
-}