Posted to commits@directory.apache.org by ha...@apache.org on 2015/03/13 09:54:09 UTC
directory-kerberos git commit: DIRKRB-172 Working on a standalone KDC
server
Repository: directory-kerberos
Updated Branches:
refs/heads/master 72fa96ff5 -> 1abc0cd9a
DIRKRB-172 Working on a standalone KDC server
Project: http://git-wip-us.apache.org/repos/asf/directory-kerberos/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerberos/commit/1abc0cd9
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerberos/tree/1abc0cd9
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerberos/diff/1abc0cd9
Branch: refs/heads/master
Commit: 1abc0cd9aaac2589215dac6ac23148e1381b3f06
Parents: 72fa96f
Author: hazel <li...@foxmail.com>
Authored: Fri Mar 13 16:53:58 2015 +0800
Committer: hazel <li...@foxmail.com>
Committed: Fri Mar 13 16:53:58 2015 +0800
----------------------------------------------------------------------
kdc-tool/kinit/kinit-dist/bin/kinit.sh | 2 +-
.../org/apache/kerby/kerberos/tool/Kinit.java | 8 ++-
kerby-kdc/kerby-kdc-dist/bin/kerbykdc.sh | 4 +-
.../kerberos/kdc/server/KerbyKdcServer.java | 52 +++++++++++++++++++-
4 files changed, 59 insertions(+), 7 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/1abc0cd9/kdc-tool/kinit/kinit-dist/bin/kinit.sh
----------------------------------------------------------------------
diff --git a/kdc-tool/kinit/kinit-dist/bin/kinit.sh b/kdc-tool/kinit/kinit-dist/bin/kinit.sh
index ebbb466..ac0754a 100644
--- a/kdc-tool/kinit/kinit-dist/bin/kinit.sh
+++ b/kdc-tool/kinit/kinit-dist/bin/kinit.sh
@@ -16,4 +16,4 @@
# specific language governing permissions and limitations
# under the License.
confdir=/etc/kerby/krb/conf
-java -jar ../kinit/kinit-1.0-SNAPSHOT-jar-with-dependencies.jar confdir $@
\ No newline at end of file
+java -jar ../kinit/kinit-1.0-SNAPSHOT-jar-with-dependencies.jar ${confdir} $@
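Review bot: The new line still expands `${confdir}` and `$@` unquoted, so a configuration path or an argument containing spaces or glob characters is split or expanded by the shell before it reaches Kinit. Write it as `java -jar ../kinit/kinit-1.0-SNAPSHOT-jar-with-dependencies.jar "${confdir}" "$@"`. The bare `$@` added in kerbykdc.sh has the same problem and should be `"$@"`. The jar path is relative to the caller's working directory rather than to the script's location; if that is intended, a one-line comment saying the script must be run from its own bin directory would help.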
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/1abc0cd9/kdc-tool/kinit/src/main/java/org/apache/kerby/kerberos/tool/Kinit.java
----------------------------------------------------------------------
diff --git a/kdc-tool/kinit/src/main/java/org/apache/kerby/kerberos/tool/Kinit.java b/kdc-tool/kinit/src/main/java/org/apache/kerby/kerberos/tool/Kinit.java
index ce0cbc0..e4c0d7c 100644
--- a/kdc-tool/kinit/src/main/java/org/apache/kerby/kerberos/tool/Kinit.java
+++ b/kdc-tool/kinit/src/main/java/org/apache/kerby/kerberos/tool/Kinit.java
@@ -113,9 +113,13 @@ public class Kinit {
KrbConfig krbConfig = new KrbConfig();
Conf conf = krbConfig.getConf();
- File confDir = new File(confDirString);
- File[] files = confDir.listFiles();
try {
+ File confDir = new File(confDirString);
+ File[] files = confDir.listFiles();
+ if (files == null) {
+ throw new IOException("There are no file in configuration directory: " + confDirString);
+ }
+
for (File file : files) {
conf.addIniConfig(file);
}
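Review bot: The message in the new `files == null` check misstates the condition: `File.listFiles()` returns null when the path is not a directory or cannot be read, while an empty directory yields an empty array that passes the check and loads no configuration at all. Suggest `throw new IOException("Configuration directory is missing or unreadable: " + confDirString);` and, if an empty directory should also be an error, a separate `files.length == 0` test. The loop hands every entry to `conf.addIniConfig`, subdirectories and unrelated files included, so filtering on `file.isFile()` is presumably wanted; the loop and the try block continue outside this hunk. The identical check added to KerbyKdcServer has the same wording and additionally leaves the directory path out of the message.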
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/1abc0cd9/kerby-kdc/kerby-kdc-dist/bin/kerbykdc.sh
----------------------------------------------------------------------
diff --git a/kerby-kdc/kerby-kdc-dist/bin/kerbykdc.sh b/kerby-kdc/kerby-kdc-dist/bin/kerbykdc.sh
index ce39497..d90669c 100644
--- a/kerby-kdc/kerby-kdc-dist/bin/kerbykdc.sh
+++ b/kerby-kdc/kerby-kdc-dist/bin/kerbykdc.sh
@@ -15,6 +15,4 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
-confdir=/etc/kerby/conf
-workingdir=/usr/kerby/kdc/
-java -jar ../kerby-kdc/kerby-kdc-1.0-SNAPSHOT-jar-with-dependencies.jar -start ${confdir} ${workingdir}
\ No newline at end of file
+java -jar ../kerby-kdc/kerby-kdc-1.0-SNAPSHOT-jar-with-dependencies.jar $@
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/1abc0cd9/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/server/KerbyKdcServer.java
----------------------------------------------------------------------
diff --git a/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/server/KerbyKdcServer.java b/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/server/KerbyKdcServer.java
index 003dd36..c562fbd 100644
--- a/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/server/KerbyKdcServer.java
+++ b/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/server/KerbyKdcServer.java
@@ -22,11 +22,19 @@ package org.apache.kerby.kerberos.kdc.server;
import org.apache.kerby.config.Conf;
import org.apache.kerby.config.Config;
import org.apache.kerby.kerberos.kdc.identitybackend.LdapIdentityBackend;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.common.EncryptionUtil;
import org.apache.kerby.kerberos.kerb.identity.IdentityService;
+import org.apache.kerby.kerberos.kerb.identity.KrbIdentity;
+import org.apache.kerby.kerberos.kerb.identity.backend.InMemoryIdentityBackend;
import org.apache.kerby.kerberos.kerb.server.KdcServer;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.common.EncryptionType;
import java.io.File;
import java.io.IOException;
+import java.util.List;
+import java.util.UUID;
/**
* The mentioned Kerby KDC server implementation
@@ -55,6 +63,10 @@ public class KerbyKdcServer extends KdcServer {
File confDir = new File(confDirString);
File[] files = confDir.listFiles();
+ if (files == null) {
+ throw new IOException("There are no file in configuration directory");
+ }
+
for (File file : files) {
conf.addIniConfig(file);
}
@@ -83,8 +95,13 @@ public class KerbyKdcServer extends KdcServer {
server.init(confDir, workDir);
} catch (IOException e) {
System.err.println("Something wrong with configuration files or work files");
+ e.printStackTrace();
return;
}
+ //TODO add a default principal for test
+ server.createPrincipal("test", "123456");
+ server.createPrincipals("krbtgt", "test-service/localhost");
+
server.start();
System.out.println(KerbyKdcServer.class.getSimpleName() + " started.");
} else if (args[0].equals("-stop")) {
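Review bot: The `-start` branch now unconditionally registers the principal `test` with the fixed password `123456` on every KDC start, so any build of this commit that is run as a real server carries a publicly known credential in its realm. The TODO marks it as test scaffolding; it should sit behind an explicit opt-in that defaults to off (a command-line flag or configuration switch) or move into test code, and until then the comment should say so plainly, e.g. `// FIXME(DIRKRB-172): test-only principal with a fixed password; remove before release`. The added `e.printStackTrace()` prints the raw trace to stderr; if the project has a logger (not visible from this hunk) the exception belongs there, with the configuration and work directory paths in the message. The branch starts and ends outside the hunk.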
@@ -98,7 +115,40 @@ public class KerbyKdcServer extends KdcServer {
protected void initIdentityService() {
Config config = getKdcConfig().getBackendConfig();
- IdentityService identityService = new LdapIdentityBackend(config);
+
+ //FIXME
+ InMemoryIdentityBackend identityService = new InMemoryIdentityBackend();
+// IdentityService identityService = new LdapIdentityBackend(config);
setIdentityService(identityService);
}
+
+
+ //create default principal for test
+ private synchronized void createPrincipal(String principal, String password) {
+ KrbIdentity identity = new KrbIdentity(fixPrincipal(principal));
+ List<EncryptionType> encTypes = getKdcConfig().getEncryptionTypes();
+ List<EncryptionKey> encKeys = null;
+ try {
+ encKeys = EncryptionUtil.generateKeys(fixPrincipal(principal), password, encTypes);
+ } catch (KrbException e) {
+ throw new RuntimeException("Failed to generate encryption keys", e);
+ }
+ identity.addKeys(encKeys);
+ getIdentityService().addIdentity(identity);
+ }
+
+ private void createPrincipals(String ... principals) {
+ String passwd;
+ for (String principal : principals) {
+ passwd = UUID.randomUUID().toString();
+ createPrincipal(fixPrincipal(principal), passwd);
+ }
+ }
+
+ private String fixPrincipal(String principal) {
+ if (! principal.contains("@")) {
+ principal += "@" + getKdcRealm();
+ }
+ return principal;
+ }
}
\ No newline at end of file
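Review bot: initIdentityService now ignores the backend configuration: `config` is still fetched but never used, and all identities go into an InMemoryIdentityBackend, so a deployment configured for LDAP silently gets a KDC that holds only the principals created in main(). Because createPrincipals derives the `krbtgt` keys from a fresh `UUID.randomUUID()` password on each start and the store is in memory, those keys presumably change on every restart, which would invalidate tickets issued earlier. Suggest keeping `IdentityService identityService = new LdapIdentityBackend(config);` as the default, selecting the in-memory backend only through an explicit setting, and deleting the commented-out line instead of leaving it under a bare `//FIXME` that does not say what is to be fixed. createPrincipals passes an already-qualified name into createPrincipal, which then calls fixPrincipal twice more; a single `String name = fixPrincipal(principal);` at the top of createPrincipal is enough. createPrincipal also needs a short Javadoc stating that it derives keys from the password for each configured encryption type and that no check for an existing identity is made before `addIdentity`.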