You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by ka...@apache.org on 2015/07/02 10:15:41 UTC
[1/5] directory-kerby git commit: o removed some setters on principal
o set the default expiration time to NEVER
Repository: directory-kerby
Updated Branches:
refs/heads/master 5bb643cea -> d534db856
o removed some setters on principal
o set the default expiration time to NEVER
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/d2aa0255
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/d2aa0255
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/d2aa0255
Branch: refs/heads/master
Commit: d2aa02550395c41707e94b73d0e6a51a440f90c9
Parents: 5bb643c
Author: Kiran Ayyagari <ka...@apache.org>
Authored: Thu Jul 2 15:53:01 2015 +0800
Committer: Kiran Ayyagari <ka...@apache.org>
Committed: Thu Jul 2 15:53:01 2015 +0800
----------------------------------------------------------------------
.../kerby/kerberos/kerb/identity/KrbIdentity.java | 12 ++----------
1 file changed, 2 insertions(+), 10 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/d2aa0255/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/KrbIdentity.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/KrbIdentity.java b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/KrbIdentity.java
index e7b1bd1..53f9a6b 100644
--- a/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/KrbIdentity.java
+++ b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/KrbIdentity.java
@@ -50,8 +50,8 @@ public class KrbIdentity {
/** flag to indicate if this identity was locked */
private boolean locked;
- /** the expiration time of the identity */
- private KerberosTime expireTime = new KerberosTime(253402300799900L);
+ /** the expiration time of the identity, default set to never expire */
+ private KerberosTime expireTime = KerberosTime.NEVER;
/** the creation time of the identity */
private KerberosTime createdTime = KerberosTime.now();
@@ -68,18 +68,10 @@ public class KrbIdentity {
return principal.getName();
}
- public void setPrincipalName(String newPrincipalName) {
- principal = new PrincipalName(newPrincipalName);
- }
-
public PrincipalName getPrincipal() {
return principal;
}
- public void setPrincipal(PrincipalName principal) {
- this.principal = principal;
- }
-
public KerberosTime getExpireTime() {
return expireTime;
}
[4/5] directory-kerby git commit: added a convenient method to call
all the testXXX() methods
Posted by ka...@apache.org.
added a convenient method to call all the testXXX() methods
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/c6e13097
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/c6e13097
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/c6e13097
Branch: refs/heads/master
Commit: c6e130975d5cdb631f4cb13e6dc4dbfec83071d2
Parents: 4464d11
Author: Kiran Ayyagari <ka...@apache.org>
Authored: Thu Jul 2 16:13:32 2015 +0800
Committer: Kiran Ayyagari <ka...@apache.org>
Committed: Thu Jul 2 16:13:32 2015 +0800
----------------------------------------------------------------------
.../kerberos/kerb/identity/backend/BackendTest.java | 12 ++++++++++++
1 file changed, 12 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c6e13097/kerby-kerb/kerb-identity-test/src/test/java/org/apache/kerby/kerberos/kerb/identity/backend/BackendTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-identity-test/src/test/java/org/apache/kerby/kerberos/kerb/identity/backend/BackendTest.java b/kerby-kerb/kerb-identity-test/src/test/java/org/apache/kerby/kerberos/kerb/identity/backend/BackendTest.java
index 8960060..8361eac 100644
--- a/kerby-kerb/kerb-identity-test/src/test/java/org/apache/kerby/kerberos/kerb/identity/backend/BackendTest.java
+++ b/kerby-kerb/kerb-identity-test/src/test/java/org/apache/kerby/kerberos/kerb/identity/backend/BackendTest.java
@@ -44,6 +44,18 @@ public abstract class BackendTest {
EncryptionType.DES3_CBC_SHA1_KD
};
+ /**
+ * A convenient method to run all tests on the given backend
+ * @param backend an instance of the backend to be tested
+ */
+ public void testAll(IdentityBackend backend) {
+ testStore(backend);
+ testGet(backend);
+ testUpdate(backend);
+ testDelete(backend);
+ testGetIdentities(backend);
+ }
+
protected void testGet(IdentityBackend backend) {
KrbIdentity kid = createOneIdentity(TEST_PRINCIPAL);
backend.addIdentity(kid);
[3/5] directory-kerby git commit: o fixed lessThan() method o removed
a null check (it is not needed) o added javadoc (copied them from ApacheDS's
KerberosTime)
Posted by ka...@apache.org.
o fixed lessThan() method
o removed a null check (it is not needed)
o added javadoc (copied them from ApacheDS's KerberosTime)
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/4464d112
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/4464d112
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/4464d112
Branch: refs/heads/master
Commit: 4464d1124935f44127e7a3b31e77b60d85904b0d
Parents: 3d37ad2
Author: Kiran Ayyagari <ka...@apache.org>
Authored: Thu Jul 2 16:11:46 2015 +0800
Committer: Kiran Ayyagari <ka...@apache.org>
Committed: Thu Jul 2 16:11:46 2015 +0800
----------------------------------------------------------------------
.../kerby/kerberos/kerb/spec/KerberosTime.java | 30 +++++++++++++-------
1 file changed, 20 insertions(+), 10 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/4464d112/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KerberosTime.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KerberosTime.java b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KerberosTime.java
index db105fe..2a39ec8 100644
--- a/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KerberosTime.java
+++ b/kerby-kerb/kerb-core/src/main/java/org/apache/kerby/kerberos/kerb/spec/KerberosTime.java
@@ -1,4 +1,4 @@
-/**
+/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
@@ -19,24 +19,37 @@
*/
package org.apache.kerby.kerberos.kerb.spec;
-import org.apache.kerby.asn1.type.Asn1GeneralizedTime;
-
import java.util.Date;
+import org.apache.kerby.asn1.type.Asn1GeneralizedTime;
+
/**
- KerberosTime ::= GeneralizedTime -- with no fractional seconds
+ * A specialization of the ASN.1 GeneralTime. The Kerberos time contains date and
+ * time up to the seconds, but with no fractional seconds. It's also always
+ * expressed as UTC timeZone, thus the 'Z' at the end of its string representation.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
*/
public class KerberosTime extends Asn1GeneralizedTime {
+
+ /** Constant for the {@link KerberosTime} "infinity." */
public static final KerberosTime NEVER = new KerberosTime(Long.MAX_VALUE);
+ /** The number of milliseconds in a minute. */
public static final int MINUTE = 60000;
+ /** The number of milliseconds in a day. */
public static final int DAY = MINUTE * 1440;
+ /** The number of milliseconds in a week. */
public static final int WEEK = MINUTE * 10080;
+ /**
+ * Creates a new instance of a KerberosTime object with the current time
+ */
public KerberosTime() {
- super(0L);
+ // divide current time by 1000 to drop the ms then multiply by 1000 to convert to ms
+ super((System.currentTimeMillis() / 1000L) * 1000L);
}
/**
@@ -50,10 +63,7 @@ public class KerberosTime extends Asn1GeneralizedTime {
* Return time in milliseconds
*/
public long getTime() {
- if (getValue() != null) {
- return getValue().getTime();
- }
- return 0L;
+ return getValue().getTime();
}
/**
@@ -78,7 +88,7 @@ public class KerberosTime extends Asn1GeneralizedTime {
* @param time in milliseconds
*/
public boolean lessThan(long time) {
- return getValue().getTime() <= time;
+ return getValue().getTime() < time;
}
/**
[2/5] directory-kerby git commit: re-instated the removed setters
(kadmin needs them)
Posted by ka...@apache.org.
re-instated the removed setters (kadmin needs them)
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/3d37ad26
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/3d37ad26
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/3d37ad26
Branch: refs/heads/master
Commit: 3d37ad2631d969110eeb05f62e1d3d437011115a
Parents: d2aa025
Author: Kiran Ayyagari <ka...@apache.org>
Authored: Thu Jul 2 16:10:02 2015 +0800
Committer: Kiran Ayyagari <ka...@apache.org>
Committed: Thu Jul 2 16:10:02 2015 +0800
----------------------------------------------------------------------
.../org/apache/kerby/kerberos/kerb/identity/KrbIdentity.java | 8 ++++++++
1 file changed, 8 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/3d37ad26/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/KrbIdentity.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/KrbIdentity.java b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/KrbIdentity.java
index 53f9a6b..b36a015 100644
--- a/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/KrbIdentity.java
+++ b/kerby-kerb/kerb-identity/src/main/java/org/apache/kerby/kerberos/kerb/identity/KrbIdentity.java
@@ -68,10 +68,18 @@ public class KrbIdentity {
return principal.getName();
}
+ public void setPrincipalName(String newPrincipalName) {
+ principal = new PrincipalName(newPrincipalName);
+ }
+
public PrincipalName getPrincipal() {
return principal;
}
+ public void setPrincipal(PrincipalName principal) {
+ this.principal = principal;
+ }
+
public KerberosTime getExpireTime() {
return expireTime;
}
[5/5] directory-kerby git commit: implementation and tests
Posted by ka...@apache.org.
implementation and tests
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/d534db85
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/d534db85
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/d534db85
Branch: refs/heads/master
Commit: d534db856a2f403407462a2da7f5bd1e7bdc0113
Parents: c6e1309
Author: Kiran Ayyagari <ka...@apache.org>
Authored: Thu Jul 2 16:14:47 2015 +0800
Committer: Kiran Ayyagari <ka...@apache.org>
Committed: Thu Jul 2 16:14:47 2015 +0800
----------------------------------------------------------------------
.../org/apache/kerby/KrbIdentitySerializer.java | 121 +++++++++++++++++--
.../java/org/apache/kerby/MavibotBackend.java | 117 ++++++++++++++++--
.../apache/kerby/KrbIdentitySerializerTest.java | 106 ++++++++++++++++
.../org/apache/kerby/MavibotBackendTest.java | 89 ++++++++++++++
4 files changed, 419 insertions(+), 14 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/d534db85/kerby-backend/mavibot/src/main/java/org/apache/kerby/KrbIdentitySerializer.java
----------------------------------------------------------------------
diff --git a/kerby-backend/mavibot/src/main/java/org/apache/kerby/KrbIdentitySerializer.java b/kerby-backend/mavibot/src/main/java/org/apache/kerby/KrbIdentitySerializer.java
index b8a494a..0452ccd 100644
--- a/kerby-backend/mavibot/src/main/java/org/apache/kerby/KrbIdentitySerializer.java
+++ b/kerby-backend/mavibot/src/main/java/org/apache/kerby/KrbIdentitySerializer.java
@@ -19,16 +19,24 @@
*/
package org.apache.kerby;
+import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.Comparator;
+import java.util.Map;
import org.apache.directory.mavibot.btree.serializer.BufferHandler;
import org.apache.directory.mavibot.btree.serializer.ElementSerializer;
+import org.apache.directory.mavibot.btree.serializer.IntSerializer;
+import org.apache.directory.mavibot.btree.serializer.LongSerializer;
+import org.apache.directory.mavibot.btree.serializer.StringSerializer;
import org.apache.kerby.kerberos.kerb.identity.KrbIdentity;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.base.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.base.EncryptionType;
/**
- * Serializer class for KrbIdentity.
+ * Serializer for KrbIdentity.
*
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
*/
@@ -40,29 +48,128 @@ public class KrbIdentitySerializer implements ElementSerializer<KrbIdentity> {
private KrbIdentityComparator comparator = KrbIdentityComparator.INSTANCE;
@Override
- public byte[] serialize(KrbIdentity key) {
- return null;
+ public byte[] serialize(KrbIdentity entry) {
+
+ ByteArrayOutputStream out = new ByteArrayOutputStream();
+
+ try {
+ //out.write(IntSerializer.serialize(0)); // placeholder for length prefix
+
+ // the principalName
+ out.write(StringSerializer.INSTANCE.serialize(entry.getPrincipalName()));
+
+ // key version
+ out.write(IntSerializer.serialize(entry.getKeyVersion()));
+
+ out.write(IntSerializer.serialize(entry.getKdcFlags()));
+
+ // mask for disabled and lock flags
+ byte mask = 0;
+
+ if(entry.isDisabled()) {
+ mask |= 1 << 1;
+ }
+
+ if(entry.isLocked()) {
+ mask |= 1 << 2;
+ }
+
+ out.write(mask);
+
+ // creation time
+ out.write(LongSerializer.serialize(entry.getCreatedTime().getTime()));
+
+ // expiration time
+ out.write(LongSerializer.serialize(entry.getExpireTime().getTime()));
+
+ Map<EncryptionType, EncryptionKey> keys = entry.getKeys();
+ // num keys
+ out.write(IntSerializer.serialize(keys.size()));
+
+ for(EncryptionKey ek : keys.values()) {
+ int type = ek.getKeyType().getValue();
+ out.write(IntSerializer.serialize(type));
+ byte[] data = ek.getKeyData();
+ out.write(IntSerializer.serialize(data.length));
+ out.write(data);
+ }
+
+ byte[] data = out.toByteArray();
+ //int length = data.length - 4; // remove the prefix bytes
+
+ // put the actual length
+ //IntSerializer.serialize(data, 0, length);
+
+ return data;
+ }
+ catch(Exception e) {
+ throw new IllegalStateException("Failed to serialize the identity " + entry);
+ }
}
@Override
public KrbIdentity deserialize(BufferHandler bufferHandler)
throws IOException {
- return null;
+ return fromBytes(bufferHandler.getBuffer());
}
@Override
public KrbIdentity deserialize(ByteBuffer buffer) throws IOException {
- return null;
+ KrbIdentity id = null;
+
+ String principal = StringSerializer.INSTANCE.deserialize(buffer);
+
+ id = new KrbIdentity(principal);
+
+ int kvno = IntSerializer.INSTANCE.deserialize(buffer);
+ id.setKeyVersion(kvno);
+
+ int flags = IntSerializer.INSTANCE.deserialize(buffer);
+ id.setKdcFlags(flags);
+
+ byte mask = buffer.get();
+
+ if((mask & 2) != 0) {
+ id.setDisabled(true);
+ }
+
+ if((mask & 4) != 0) {
+ id.setLocked(true);
+ }
+
+ long creationTime = LongSerializer.INSTANCE.deserialize(buffer);
+ id.setCreatedTime(new KerberosTime(creationTime));
+
+ long exprTime = LongSerializer.INSTANCE.deserialize(buffer);
+ id.setExpireTime(new KerberosTime(exprTime));
+
+ int numKeys = IntSerializer.INSTANCE.deserialize(buffer);
+
+ for(int i=0; i<numKeys; i++) {
+ int keyType = IntSerializer.INSTANCE.deserialize(buffer);
+ int keyLen = IntSerializer.INSTANCE.deserialize(buffer);
+
+ byte[] keyData = new byte[keyLen];
+ buffer.get(keyData);
+
+ EncryptionKey ek = new EncryptionKey(keyType, keyData);
+
+ id.addKey(ek);
+ }
+
+ return id;
}
@Override
public KrbIdentity fromBytes(byte[] buffer) throws IOException {
- return null;
+ ByteBuffer buf = ByteBuffer.wrap(buffer);
+ return deserialize(buf);
}
@Override
public KrbIdentity fromBytes(byte[] buffer, int pos) throws IOException {
- return null;
+ ByteBuffer buf = ByteBuffer.wrap(buffer, pos, buffer.length - pos);
+ return deserialize(buf);
}
@Override
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/d534db85/kerby-backend/mavibot/src/main/java/org/apache/kerby/MavibotBackend.java
----------------------------------------------------------------------
diff --git a/kerby-backend/mavibot/src/main/java/org/apache/kerby/MavibotBackend.java b/kerby-backend/mavibot/src/main/java/org/apache/kerby/MavibotBackend.java
index 50aef65..c000b38 100644
--- a/kerby-backend/mavibot/src/main/java/org/apache/kerby/MavibotBackend.java
+++ b/kerby-backend/mavibot/src/main/java/org/apache/kerby/MavibotBackend.java
@@ -19,13 +19,26 @@
*/
package org.apache.kerby;
-import org.apache.directory.mavibot.btree.*;
+import java.io.File;
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.management.openmbean.KeyAlreadyExistsException;
+
+import org.apache.directory.mavibot.btree.BTree;
+import org.apache.directory.mavibot.btree.BTreeFactory;
+import org.apache.directory.mavibot.btree.BTreeTypeEnum;
+import org.apache.directory.mavibot.btree.KeyCursor;
+import org.apache.directory.mavibot.btree.PersistedBTreeConfiguration;
+import org.apache.directory.mavibot.btree.RecordManager;
+import org.apache.directory.mavibot.btree.Tuple;
+import org.apache.directory.mavibot.btree.exception.KeyNotFoundException;
import org.apache.directory.mavibot.btree.serializer.StringSerializer;
import org.apache.kerby.kerberos.kerb.identity.KrbIdentity;
import org.apache.kerby.kerberos.kerb.identity.backend.AbstractIdentityBackend;
-
-import java.io.File;
-import java.util.List;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
/**
* A backend based on Apache Mavibot(an MVCC BTree library).
@@ -45,6 +58,8 @@ public class MavibotBackend extends AbstractIdentityBackend {
/** name of the database file */
private static final String DATABASE_NAME = "kerby-data.db";
+ private static final Logger LOG = LoggerFactory.getLogger(MavibotBackend.class);
+
/**
* Creates a new instance of MavibotBackend.
*
@@ -56,6 +71,8 @@ public class MavibotBackend extends AbstractIdentityBackend {
public MavibotBackend(File location) throws Exception {
String dbPath = location.getAbsolutePath();
+ LOG.info("Initializing the mavibot backend");
+
if (!location.exists()) {
location.mkdirs();
}
@@ -88,7 +105,27 @@ public class MavibotBackend extends AbstractIdentityBackend {
*/
@Override
public List<String> getIdentities(int start, int limit) {
- return null;
+
+ List<String> keys = new ArrayList<String>();
+
+ KeyCursor<String> cursor = null;
+
+ try {
+ cursor = database.browseKeys();
+ while(cursor.hasNext()) {
+ keys.add(cursor.next());
+ }
+ }
+ catch(Exception e) {
+ LOG.debug("Errors occurred while fetching the principals", e);
+ }
+ finally {
+ if(cursor != null) {
+ cursor.close();
+ }
+ }
+
+ return keys;
}
/**
@@ -96,6 +133,18 @@ public class MavibotBackend extends AbstractIdentityBackend {
*/
@Override
protected KrbIdentity doGetIdentity(String principalName) {
+
+ try {
+ return database.get(principalName);
+ }
+ catch(KeyNotFoundException e) {
+ LOG.debug("Identity {} doesn't exist", principalName);
+ }
+ catch(IOException e) {
+ LOG.warn("Failed to get the identity {}", principalName);
+ throw new RuntimeException(e);
+ }
+
return null;
}
@@ -104,7 +153,20 @@ public class MavibotBackend extends AbstractIdentityBackend {
*/
@Override
protected KrbIdentity doAddIdentity(KrbIdentity identity) {
- return null;
+
+ String p = identity.getPrincipalName();
+ try {
+ return database.insert(p, identity);
+ }
+ catch(KeyAlreadyExistsException e) {
+ LOG.debug("Identity {} already exists", p);
+ LOG.debug("", e);
+ return null;
+ }
+ catch(IOException e) {
+ LOG.warn("Failed to add the identity {}", p);
+ throw new RuntimeException(e);
+ }
}
/**
@@ -112,7 +174,27 @@ public class MavibotBackend extends AbstractIdentityBackend {
*/
@Override
protected KrbIdentity doUpdateIdentity(KrbIdentity identity) {
- return null;
+
+ String p = identity.getPrincipalName();
+ try {
+ if(!database.hasKey(p)) {
+ LOG.debug("No identity found with the principal {}", p);
+ return null;
+ }
+
+ database.delete(p);
+
+ return database.insert(p, identity);
+ }
+ catch(KeyAlreadyExistsException e) {
+ LOG.debug("Identity {} already exists", p);
+ LOG.debug("", e);
+ return null;
+ }
+ catch(Exception e) {
+ LOG.warn("Failed to update the identity {}", p);
+ throw new RuntimeException(e);
+ }
}
/**
@@ -121,5 +203,26 @@ public class MavibotBackend extends AbstractIdentityBackend {
@Override
protected void doDeleteIdentity(String principalName) {
+ try {
+ Tuple<String, KrbIdentity> t = database.delete(principalName);
+ if (t == null) {
+ LOG.debug("Identity {} doesn't exist", principalName);
+ }
+ }
+ catch(IOException e) {
+ LOG.warn("Failed to delete the identity {}", principalName);
+ throw new RuntimeException(e);
+ }
+ }
+
+ @Override
+ public void stop() {
+ try {
+ LOG.debug("Closing the database");
+ rm.close();
+ }
+ catch(Exception e) {
+ LOG.warn("Failed to close the database", e);
+ }
}
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/d534db85/kerby-backend/mavibot/src/test/java/org/apache/kerby/KrbIdentitySerializerTest.java
----------------------------------------------------------------------
diff --git a/kerby-backend/mavibot/src/test/java/org/apache/kerby/KrbIdentitySerializerTest.java b/kerby-backend/mavibot/src/test/java/org/apache/kerby/KrbIdentitySerializerTest.java
new file mode 100644
index 0000000..227957a
--- /dev/null
+++ b/kerby-backend/mavibot/src/test/java/org/apache/kerby/KrbIdentitySerializerTest.java
@@ -0,0 +1,106 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
+import java.nio.ByteBuffer;
+import java.util.Arrays;
+import java.util.Map;
+
+import org.apache.kerby.kerberos.kerb.identity.KrbIdentity;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.base.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.base.EncryptionType;
+import org.junit.Test;
+
+/**
+ * Tests for KrbIdentity serializer.
+ *
+ * @author <a href="mailto:kerby@directory.apache.org">Apache Kerby Project</a>
+ */
+public class KrbIdentitySerializerTest {
+
+ private KrbIdentitySerializer serializer = KrbIdentitySerializer.INSTANCE;
+
+ @Test
+ public void testSerialization() throws Exception {
+ KrbIdentity entry = new KrbIdentity("hnelson@EXAMPLE.COM");
+ entry.setCreatedTime(new KerberosTime(System.currentTimeMillis()));
+ entry.setDisabled(true);
+ entry.setKeyVersion(1);
+ entry.setLocked(true);
+
+ byte[] junk = new byte[11];
+ Arrays.fill(junk, (byte)1);
+ EncryptionKey key1 = new EncryptionKey(EncryptionType.AES128_CTS, junk);
+ entry.addKey(key1);
+
+ EncryptionKey key2 = new EncryptionKey(EncryptionType.AES128_CTS_HMAC_SHA1_96, junk);
+ entry.addKey(key2);
+
+ byte[] serialized = serializer.serialize(entry);
+
+ KrbIdentity deserialized = serializer.fromBytes(serialized);
+ verifyEquality(entry, deserialized);
+
+ deserialized = serializer.fromBytes(serialized, 0);
+ verifyEquality(entry, deserialized);
+
+ deserialized = serializer.deserialize(ByteBuffer.wrap(serialized));
+ verifyEquality(entry, deserialized);
+
+ try {
+ deserialized = serializer.fromBytes(serialized, 1);
+ fail("shouldn't deserialize");
+ }
+ catch(Exception e) {
+ // expected
+ }
+ }
+
+
+ private void verifyEquality(KrbIdentity expected, KrbIdentity actual) {
+ assertNotNull(actual);
+ assertEquals(expected.getPrincipalName(), actual.getPrincipalName());
+ assertEquals(expected.getCreatedTime().getTime(), actual.getCreatedTime().getTime());
+ assertEquals(expected.getExpireTime().getTime(), actual.getExpireTime().getTime());
+ assertEquals(expected.isDisabled(), actual.isDisabled());
+ assertEquals(expected.isLocked(), actual.isLocked());
+ assertEquals(expected.getKeyVersion(), actual.getKeyVersion());
+ assertEquals(expected.getKdcFlags(), actual.getKdcFlags());
+ assertEquals(expected.getKeys().size(), actual.getKeys().size());
+
+ Map<EncryptionType, EncryptionKey> exKeys = expected.getKeys();
+ Map<EncryptionType, EncryptionKey> acKeys = actual.getKeys();
+ for(EncryptionType et : exKeys.keySet() ) {
+ EncryptionKey exKey = exKeys.get(et);
+ EncryptionKey acKey = acKeys.get(et);
+
+ assertEquals(exKey.getKvno(), acKey.getKvno());
+ assertEquals(exKey.getKeyType(), acKey.getKeyType());
+ boolean equal = Arrays.equals(exKey.getKeyData(), acKey.getKeyData());
+ assertTrue(equal);
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/d534db85/kerby-backend/mavibot/src/test/java/org/apache/kerby/MavibotBackendTest.java
----------------------------------------------------------------------
diff --git a/kerby-backend/mavibot/src/test/java/org/apache/kerby/MavibotBackendTest.java b/kerby-backend/mavibot/src/test/java/org/apache/kerby/MavibotBackendTest.java
new file mode 100644
index 0000000..f21600c
--- /dev/null
+++ b/kerby-backend/mavibot/src/test/java/org/apache/kerby/MavibotBackendTest.java
@@ -0,0 +1,89 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.Assert.assertTrue;
+
+import java.io.File;
+import java.util.List;
+
+import org.apache.kerby.kerberos.kerb.identity.KrbIdentity;
+import org.apache.kerby.kerberos.kerb.identity.backend.BackendTest;
+import org.apache.kerby.kerberos.kerb.identity.backend.IdentityBackend;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.rules.TemporaryFolder;
+
+/**
+ * Tests for MavibotBackend.
+ *
+ * @author <a href="mailto:kerby@directory.apache.org">Apache Kerby Project</a>
+ */
+public class MavibotBackendTest extends BackendTest {
+
+ private MavibotBackend backend;
+
+ private TemporaryFolder tmpFolder = new TemporaryFolder();
+
+ @Before
+ public void setup() throws Exception {
+ tmpFolder.create();
+
+ File dbFile = tmpFolder.newFile();
+ backend = new MavibotBackend(dbFile);
+ backend.initialize();
+ }
+
+ @After
+ public void clean() {
+ backend.stop();
+ tmpFolder.delete();
+ }
+
+ @Test
+ public void testBackend() {
+ super.testAll(backend);
+ }
+
+ // overriding this cause MavibotBackend doesn't support range search
+ public void testGetIdentities(IdentityBackend backend) {
+ KrbIdentity[] identities = createManyIdentities();
+
+ for (KrbIdentity identity : identities) {
+ backend.addIdentity(identity);
+ }
+
+ // clear the identity cache.
+ backend.release();
+
+ List<String> principals = backend.getIdentities(0, 0);
+ assertThat(principals).hasSize(identities.length);
+
+ for(KrbIdentity entry : identities) {
+ assertTrue(principals.contains(entry.getPrincipalName()));
+ }
+
+ for (KrbIdentity identity : identities) {
+ backend.deleteIdentity(identity.getPrincipalName());
+ }
+ }
+}