You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by dr...@apache.org on 2015/03/21 13:11:45 UTC
[3/3] directory-kerby git commit: Introduced kerby-kdc-test module
for integration tests
Introduced kerby-kdc-test module for integration tests
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/c59056a8
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/c59056a8
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/c59056a8
Branch: refs/heads/master
Commit: c59056a8e1587ff1da2dcc5ed6fe8f3b763376c7
Parents: 8074931
Author: Drankye <dr...@gmail.com>
Authored: Sat Mar 21 20:11:14 2015 +0800
Committer: Drankye <dr...@gmail.com>
Committed: Sat Mar 21 20:11:14 2015 +0800
----------------------------------------------------------------------
kerby-dist/kdc-dist/bin/start-kdc.sh | 2 +-
kerby-kdc-test/pom.xml | 76 ++++++++++++
kerby-kdc-test/src/main/resources/cacert.pem | 23 ++++
kerby-kdc-test/src/main/resources/cakey.pem | 27 +++++
.../src/main/resources/extensions.kdc | 36 ++++++
kerby-kdc-test/src/main/resources/kdc-krb5.conf | 25 ++++
kerby-kdc-test/src/main/resources/kdc.ldiff | 46 +++++++
kerby-kdc-test/src/main/resources/kdccert.pem | 26 ++++
kerby-kdc-test/src/main/resources/kdckey.pem | 27 +++++
kerby-kdc-test/src/main/resources/usercert.pem | 26 ++++
kerby-kdc-test/src/main/resources/userkey.pem | 27 +++++
.../kerby/kerberos/kdc/JsonBackendKdcTest.java | 55 +++++++++
.../org/apache/kerby/kerberos/kdc/KdcTest.java | 87 +++++++++++++
.../kerby/kerberos/kdc/WithCertKdcTest.java | 101 ++++++++++++++++
.../kerby/kerberos/kdc/WithTokenKdcTest.java | 73 +++++++++++
.../kerby/kerberos/kdc/KerbyKdcServer.java | 102 ++++++++++++++++
.../kerberos/kdc/server/KerbyKdcServer.java | 102 ----------------
.../kerby/kerberos/kdc/server/KdcTest.java | 1 +
kerby-kerb/kerb-kdc-test/pom.xml | 11 +-
.../kerby/kerberos/kerb/server/KdcTestBase.java | 121 +++++++++++++++++++
.../kerberos/kerb/server/TestKdcServer.java | 117 ++++++++++++++++++
.../kerb-kdc-test/src/main/resources/cacert.pem | 23 ----
.../kerb-kdc-test/src/main/resources/cakey.pem | 27 -----
.../src/main/resources/extensions.kdc | 36 ------
.../src/main/resources/kdc-krb5.conf | 25 ----
.../kerb-kdc-test/src/main/resources/kdc.ldiff | 46 -------
.../src/main/resources/kdccert.pem | 26 ----
.../kerb-kdc-test/src/main/resources/kdckey.pem | 27 -----
.../src/main/resources/usercert.pem | 26 ----
.../src/main/resources/userkey.pem | 27 -----
.../kerb/server/JsonBackendKdcTest.java | 53 --------
.../kerby/kerberos/kerb/server/KdcTestBase.java | 121 -------------------
.../kerberos/kerb/server/TestKdcServer.java | 117 ------------------
.../kerberos/kerb/server/WithCertKdcTest.java | 98 ---------------
.../kerberos/kerb/server/WithTokenKdcTest.java | 57 ---------
pom.xml | 1 +
36 files changed, 1006 insertions(+), 815 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-dist/kdc-dist/bin/start-kdc.sh
----------------------------------------------------------------------
diff --git a/kerby-dist/kdc-dist/bin/start-kdc.sh b/kerby-dist/kdc-dist/bin/start-kdc.sh
index b094677..cc48060 100644
--- a/kerby-dist/kdc-dist/bin/start-kdc.sh
+++ b/kerby-dist/kdc-dist/bin/start-kdc.sh
@@ -1,2 +1,2 @@
#!/bin/bash
-java -Xdebug -Xrunjdwp:transport=dt_socket,address=1044,server=y,suspend=n -cp ../lib/kerb-server-1.0-SNAPSHOT-jar-with-dependencies.jar:../lib/Json-identity-backend-1.0-SNAPSHOT.jar:../lib/ldap-identity-backend-1.0-SNAPSHOT.jar:../lib/zookeeper-backend-1.0-SNAPSHOT.jar:../lib/kerby-kdc-1.0-SNAPSHOT.jar org.apache.kerby.kerberos.kdc.server.KerbyKdcServer $@
+java -Xdebug -Xrunjdwp:transport=dt_socket,address=1044,server=y,suspend=n -cp ../lib/kerb-server-1.0-SNAPSHOT-jar-with-dependencies.jar:../lib/Json-identity-backend-1.0-SNAPSHOT.jar:../lib/ldap-identity-backend-1.0-SNAPSHOT.jar:../lib/zookeeper-backend-1.0-SNAPSHOT.jar:../lib/kerby-kdc-1.0-SNAPSHOT.jar org.apache.kerby.kerberos.kdc.KerbyKdcServer $@
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kdc-test/pom.xml
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/pom.xml b/kerby-kdc-test/pom.xml
new file mode 100644
index 0000000..d5a96a5
--- /dev/null
+++ b/kerby-kdc-test/pom.xml
@@ -0,0 +1,76 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License. See accompanying LICENSE file.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-all</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>kerby-kdc-test</artifactId>
+
+ <name>Kerby Kdc Test</name>
+ <description>Kerby Kdc Test</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerby-config</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-core</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-util</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-server</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-client</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>kerb-kdc-test</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>Json-identity-backend</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>token-provider</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.kerby</groupId>
+ <artifactId>pki-provider</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ </dependencies>
+</project>
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kdc-test/src/main/resources/cacert.pem
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/main/resources/cacert.pem b/kerby-kdc-test/src/main/resources/cacert.pem
new file mode 100644
index 0000000..6b91561
--- /dev/null
+++ b/kerby-kdc-test/src/main/resources/cacert.pem
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID6zCCAtOgAwIBAgIJAMrZoeDxTzwWMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
+VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
+DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
+YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
+MzEzMjdaFw0yNDA1MTAxMzEzMjdaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
+c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
+A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
+a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMCznJJ02ZUjCPvAwnBmfPs0akb5QRc/NKu8kCtAPWzgHS2JPTQfJhkDbTAD
+eIlg8IeJpOdrYnzdaBCzgxqjSkls+vxjYotOU0Zbrpy2bj0lRDqdYbNsiuConKgT
+MeuDEd/4ZI0X9NWLAi06Iv1F4mHXf36c6uqiUWTtXiofogrFUoTRwACKR2qeC95X
+Py+FDmpS9lz0mo0vDWjetLQC2IBngjjPFdR16n87QDIWfRBkk66rn7rEA6Li66b/
+cToajMSA/n+2Ud1mntSY4RdDdd0TBtAq9RrXtUOfzGaE7S6t+FtYyEprvT4FdOTU
+uyYgSNaI9ANVP1zhQ9LACKuudOECAwEAAaNQME4wHQYDVR0OBBYEFD91SVOejfwx
+u33+5N0TdYbHJbgAMB8GA1UdIwQYMBaAFD91SVOejfwxu33+5N0TdYbHJbgAMAwG
+A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADsONtUqGNBPBXnRowcJwv+Y
+F1Vea+4dkBwYbhkiO6H5XMKr+waOnOD2eAvgP4aeYg/a0xOzzETRD9wi1Z1P1ZMy
+d/NzHQjj4egPENwDv1PH2voZgsXXzXIqUMOtz9t12TuJUrSA2SBW1tz/evckHhNY
+fHg4ThvTIgwEdV/yvrOEBLV9dXG5IhhF+NW1MegTGkt4SpOoH1pi3o9VekVRnix9
+xrIdaC4Ee6vQaR603HwDS9Y+a1c2KU7QoLX8Vaa904cQ+rxhGsTAkocnZXeo6Hl5
+V8BlDYXxeP86fzcWi04ll2BmEEw/RimHEOLpGqxTVHJ5p5BVSCHP8aCD0VJheaU=
+-----END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kdc-test/src/main/resources/cakey.pem
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/main/resources/cakey.pem b/kerby-kdc-test/src/main/resources/cakey.pem
new file mode 100644
index 0000000..66dc806
--- /dev/null
+++ b/kerby-kdc-test/src/main/resources/cakey.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAwLOcknTZlSMI+8DCcGZ8+zRqRvlBFz80q7yQK0A9bOAdLYk9
+NB8mGQNtMAN4iWDwh4mk52tifN1oELODGqNKSWz6/GNii05TRluunLZuPSVEOp1h
+s2yK4KicqBMx64MR3/hkjRf01YsCLToi/UXiYdd/fpzq6qJRZO1eKh+iCsVShNHA
+AIpHap4L3lc/L4UOalL2XPSajS8NaN60tALYgGeCOM8V1HXqfztAMhZ9EGSTrquf
+usQDouLrpv9xOhqMxID+f7ZR3Wae1JjhF0N13RMG0Cr1Gte1Q5/MZoTtLq34W1jI
+Smu9PgV05NS7JiBI1oj0A1U/XOFD0sAIq6504QIDAQABAoIBAHqFeMax3unxBbQ0
+Aiy/LTX3RJ9tuZITUOTklnG5fZStBkA+oxhxuaJryE+f1VLbvPMgdCXj5BHqIFGG
+IZSdQA1hak9wzWYvXck9X88qOvtLp47xI/6Vw9NFwZ0n3zST+JiD8UK4eaYQpUim
+Tzrj5SU6hEi3crHOlJvsRFPaGwhnA9wycoOo4o22XBj3C8Hwzi4vWcKXH/RCSwZQ
+zFuYbe77Pn9Sv5q5zdglkmm7wngoVt/aKQke/Vk+Eincx1V12b05DNLjugo6FWQh
+0f2MmHpvqNSHs9USC5+y2lKQ1JNHh7mnpPCXkZEH4V7q+3mKVzl9tXzj9Gul20pw
+tneD6WUCgYEA9QUrQoWHKeVMjeukHjDJa2KjRLMmg9YRQyVABH9+nQTp1jYUjMRA
+GUoUx91gG6gjjJD/xvor/U0Fh3vKtZE93c+avrcaYDwf3q/L4gh+3b87lVDfzjrp
+L+MPTpEzWiyyLfr/kLA0TgUjnrj9bav5uDps8mJpNf8s9ZP1/QDhF5sCgYEAyVZA
+pHSIyBI2GT0+92JXvYDK/ZfV5m4RGHaG/PMDoU4IbGbjHVyzzsyzDUgvOASXwfF8
+YzwX7Tf95RZw12P/Jepxt0vqBJPKUCsMLUrmANQvN1Pz8+Vk6UADLM7kNc06MqB9
+/U3GKCFZZuedEhbgXnEV9gzelhILImJGZMxG0zMCgYApymnofLHjGXMHOcvSQmv4
+XuiODShikB59n1rd6YkE6xOfL7YtlEOCjLoipMWBshnuHcUigQUDvSFWTGz0rwMo
+VAKGyOA8zcR5zO4vbVeGJtnYy+SAXlfrjQTNV8K0fK8fXJI+cW9aZ1H9/ntrO0vq
+ejye0t4zEYTvlf782iuKRQKBgQCnTQ7mGRfX+JoPmv8JniR+idkjpNnPYsK96y/8
+XQs1LJx/R3eN3IxlWV+nt8XU7KwWMs5Dv5m6Ov61MFKQCL3qCch4oZJSP2Sr/Tlf
+IY/CPI8HkLF0h7e0wsZgo4Kq2mBz1T0cEVaJ3jxl8Cxq7at/jsTK8qK7XT73UWZh
+OAXaVQKBgDmg2QTX7c0/dbDMOuw18g3xfE/oqU+VWT784wtvpcdjHR+KAVLWHG8l
+oc/bm8Bs0o0f5dfH7uUvWdP6JMvbgYZBgIMqw+iH8P2lFCLzIRf0me/l+r0Oi64U
+5jp9K+7Ggc7S0SSnCLmBLMN5lXQZbhzks1La7DZmFeAz8rOEnlUB
+-----END RSA PRIVATE KEY-----
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kdc-test/src/main/resources/extensions.kdc
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/main/resources/extensions.kdc b/kerby-kdc-test/src/main/resources/extensions.kdc
new file mode 100644
index 0000000..8052f71
--- /dev/null
+++ b/kerby-kdc-test/src/main/resources/extensions.kdc
@@ -0,0 +1,36 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+[kdc_cert]
+basicConstraints=CA:FALSE
+keyUsage=nonRepudiation,digitalSignature,keyEncipherment,keyAgreement
+extendedKeyUsage=1.3.6.1.5.2.3.5
+subjectKeyIdentifier=hash
+authorityKeyIdentifier=keyid,issuer
+issuerAltName=issuer:copy
+subjectAltName=otherName:1.3.6.1.5.2.2;SEQUENCE:kdc_princ_name
+
+[kdc_princ_name]
+realm=EXP:0,GeneralString:${ENV::REALM}
+principal_name=EXP:1,SEQUENCE:kdc_principal_seq
+
+[kdc_principal_seq]
+name_type=EXP:0,INTEGER:1
+name_string=EXP:1,SEQUENCE:kdc_principals
+
+[kdc_principals]
+princ1=GeneralString:krbtgt
+princ2=GeneralString:${ENV::REALM}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kdc-test/src/main/resources/kdc-krb5.conf
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/main/resources/kdc-krb5.conf b/kerby-kdc-test/src/main/resources/kdc-krb5.conf
new file mode 100644
index 0000000..d118dd1
--- /dev/null
+++ b/kerby-kdc-test/src/main/resources/kdc-krb5.conf
@@ -0,0 +1,25 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+[libdefaults]
+ default_realm = {0}
+ udp_preference_limit = 1
+
+[realms]
+ {0} = '{'
+ kdc = {1}:{2}
+ '}'
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kdc-test/src/main/resources/kdc.ldiff
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/main/resources/kdc.ldiff b/kerby-kdc-test/src/main/resources/kdc.ldiff
new file mode 100644
index 0000000..bc989c3
--- /dev/null
+++ b/kerby-kdc-test/src/main/resources/kdc.ldiff
@@ -0,0 +1,46 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+dn: ou=users,dc=${0},dc=${1}
+objectClass: organizationalUnit
+objectClass: top
+ou: users
+
+dn: uid=krbtgt,ou=users,dc=${0},dc=${1}
+objectClass: top
+objectClass: person
+objectClass: inetOrgPerson
+objectClass: krb5principal
+objectClass: krb5kdcentry
+cn: KDC Service
+sn: Service
+uid: krbtgt
+userPassword: secret
+krb5PrincipalName: krbtgt/${2}.${3}@${2}.${3}
+krb5KeyVersionNumber: 0
+
+dn: uid=ldap,ou=users,dc=${0},dc=${1}
+objectClass: top
+objectClass: person
+objectClass: inetOrgPerson
+objectClass: krb5principal
+objectClass: krb5kdcentry
+cn: LDAP
+sn: Service
+uid: ldap
+userPassword: secret
+krb5PrincipalName: ldap/${4}@${2}.${3}
+krb5KeyVersionNumber: 0
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kdc-test/src/main/resources/kdccert.pem
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/main/resources/kdccert.pem b/kerby-kdc-test/src/main/resources/kdccert.pem
new file mode 100644
index 0000000..67e538c
--- /dev/null
+++ b/kerby-kdc-test/src/main/resources/kdccert.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEYjCCA0qgAwIBAgIJAL2ZFUkXCgK2MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
+VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
+DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
+YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
+MzI3MjFaFw0xNTA1MTMxMzI3MjFaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
+c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
+A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
+a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMs0jF1fi5AVMunQ/jpxgSjRlpmVQyT//LrwBmyI77C+hCD4z/InoG4q2tl5
+fAH+2n7HHgon4E0QXyRxAz0+Ugun7qHW9oT2pnxoc1l8seyGNMK9adsxLpCv7RXK
+quqLcj34UQCzRDKxgkH5UBwxGY0kId0W1MqPh1LZRZIk1hakREC4DBj+slnDkN0s
+nh8pC/8q/hTPJ9QrqWT6oc1FjMVKz3FxFbxXELYxg4M6SXnzGzdWa3xSe4Ou0QO2
+EwncQUoo8N6plOKX5lncDhC2usT//AZHvKdcVmOwX0ByxZqGQIXk7g1kbsbG5m45
+JMjt/HnOQcfg88iSLKJZu+ODw00CAwEAAaOBxjCBwzAJBgNVHRMEAjAAMAsGA1Ud
+DwQEAwID6DASBgNVHSUECzAJBgcrBgEFAgMFMB0GA1UdDgQWBBS8Bmb9kTUkw61e
+Is+9KDV5U6JjyjAfBgNVHSMEGDAWgBQ/dUlTno38Mbt9/uTdE3WGxyW4ADAJBgNV
+HRIEAjAAMEoGA1UdEQRDMEGgPwYGKwYBBQICoDUwM6AOGwxTSC5JTlRFTC5DT02h
+ITAfoAMCAQGhGDAWGwZrcmJ0Z3QbDFNILklOVEVMLkNPTTANBgkqhkiG9w0BAQUF
+AAOCAQEAS/I0zH9ByFcXTF56I5aPmPdzYKpIpFF6Kkwyw0M2EuIcTcpDl74/xmq9
+YPHS6TSDAt3wHzs9JQlSWah04L0R+IgHVacLRgdXfTWqglFFH/pve3p49WCrYmWz
+txQeRV5dxzaE3oTdDq15DRkUJmt0GIk1x6ehrGZOpIL8oTFmVmnR7EgrKWlIMYCs
+R/GkEuCH15wadom/Hw5Db1KLPEjxCdwy947guOh4SO0fcW3h55V3troS/46TbVFF
+FvNSqGD+19/QM/MhLIy5OnTxOio8M9zp+yfDlzLnpbMi0ZO6tLvB4XhjvP0as34c
+5vCA/8HPfaearSyAYi2Ir9vT3O9J/w==
+-----END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kdc-test/src/main/resources/kdckey.pem
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/main/resources/kdckey.pem b/kerby-kdc-test/src/main/resources/kdckey.pem
new file mode 100644
index 0000000..c9e75e2
--- /dev/null
+++ b/kerby-kdc-test/src/main/resources/kdckey.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAyzSMXV+LkBUy6dD+OnGBKNGWmZVDJP/8uvAGbIjvsL6EIPjP
+8iegbira2Xl8Af7afsceCifgTRBfJHEDPT5SC6fuodb2hPamfGhzWXyx7IY0wr1p
+2zEukK/tFcqq6otyPfhRALNEMrGCQflQHDEZjSQh3RbUyo+HUtlFkiTWFqREQLgM
+GP6yWcOQ3SyeHykL/yr+FM8n1CupZPqhzUWMxUrPcXEVvFcQtjGDgzpJefMbN1Zr
+fFJ7g67RA7YTCdxBSijw3qmU4pfmWdwOELa6xP/8Bke8p1xWY7BfQHLFmoZAheTu
+DWRuxsbmbjkkyO38ec5Bx+DzyJIsolm744PDTQIDAQABAoIBAQC4Byb3iQgDvK8X
+QcZ7dz/Zj7Yr8RmV8J8ZTTcEJB+umVtf4PWyAGEyZG0+dt7vj7ahCgMSf3qLUEBZ
+6F9en4n+NF/RAbTQRfAQyydr65nW8tPlaVTsxWW+cxTrn1eagh88MB5r2+3vWwL0
+bK04Wt8hC4//giXELKgJR+vRprqcVRgy11nYaTP59IDdg4YscbHfc/LYa7ABQ1G5
+5NKtjMy13UvtD/4C3TS1NpL2xtzAgQRe3XFDIyOmv476Ts1boqSHBFX+MXmLBAfi
+8Qhaj1DO8A0HS/c4egcL6esCe4kcgtCuq66n8JzOlVbCDGOYIUkUyQ9Nfo31M5i5
+XhqF9CsBAoGBAP7PqkncLAvyjHQKPpDyWCBtkV7z+DWRZRPz4w8tit+TiAv6hRF7
+kK+NUhP1mBuS4duyEV58B8LWOR0ir7ftbL0/unxR1XWMOvTEHr/9lG1sKZoI0dJS
+Ee+VvuVFwdm/ABxfnveGCRrSHY7GAvFln3gC1Cst3NPPKbpznb3FiH/JAoGBAMwn
+P1Labt/OuzB70Vxve3TCeFA6jYzcYdA3riv1V0FIWoNgcQ742b0+6HDpEQgn4Rdb
+KiKz8hSplM1nx8NyWwS9r7gRQ9HIc0qC5S4A0A9QEbdKrkUiQDlwHgdDKPPCWih9
+qH05etiQ044BtOq7uXsWYqiIomOW/XyDUEhbRRFlAoGALmVnj01Mo9xFILfgzomh
+7D2nE4/+qNpRekGVHWVgfPci9XNnGVjTbnOf90xnptWm1Fbm/Lo+u4ZAHgL71dSg
+UREyhoJsCJxA++Jd6v1kMkxYgtiKQ+53n5U3jg2Wj2xMu93ZVx6Lt9t8UEvTq1qi
+n7p8IWSXaeW1pmJ43V4DTakCgYAFcSpj+ASqnKUqxrIvB52/4As7AESTs7A7z7Ap
+5dFcoSQgimqZHpMXU1z43Y2hrQZ4C+sUn71dRaP80b5mfF7mwnOzsWogZnqESvb3
+AfiJ3/WI8Emy+BXEMjPqt6SY0t56Y9cg925J5ZpuF6eN9lEccd1RZssFYpoBPrLe
+KuitbQKBgQC3DNejUqol2max6rf4h/GnwLE2BOTmFLnswexlw76p/63Jo1SaVpk7
+9nAltsqNCl4L/eAJ8hJdeTE5YVjYsgAVJrXZbiRfxHBMeHj9g0d1VafGqdomKf0R
+7Qytlcvsw8jn96ckEMPPLJF0bX5cu9S6lMyEbb6Ih41P13uvgP6ufg==
+-----END RSA PRIVATE KEY-----
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kdc-test/src/main/resources/usercert.pem
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/main/resources/usercert.pem b/kerby-kdc-test/src/main/resources/usercert.pem
new file mode 100644
index 0000000..67e538c
--- /dev/null
+++ b/kerby-kdc-test/src/main/resources/usercert.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEYjCCA0qgAwIBAgIJAL2ZFUkXCgK2MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
+VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
+DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
+YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
+MzI3MjFaFw0xNTA1MTMxMzI3MjFaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
+c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
+A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
+a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMs0jF1fi5AVMunQ/jpxgSjRlpmVQyT//LrwBmyI77C+hCD4z/InoG4q2tl5
+fAH+2n7HHgon4E0QXyRxAz0+Ugun7qHW9oT2pnxoc1l8seyGNMK9adsxLpCv7RXK
+quqLcj34UQCzRDKxgkH5UBwxGY0kId0W1MqPh1LZRZIk1hakREC4DBj+slnDkN0s
+nh8pC/8q/hTPJ9QrqWT6oc1FjMVKz3FxFbxXELYxg4M6SXnzGzdWa3xSe4Ou0QO2
+EwncQUoo8N6plOKX5lncDhC2usT//AZHvKdcVmOwX0ByxZqGQIXk7g1kbsbG5m45
+JMjt/HnOQcfg88iSLKJZu+ODw00CAwEAAaOBxjCBwzAJBgNVHRMEAjAAMAsGA1Ud
+DwQEAwID6DASBgNVHSUECzAJBgcrBgEFAgMFMB0GA1UdDgQWBBS8Bmb9kTUkw61e
+Is+9KDV5U6JjyjAfBgNVHSMEGDAWgBQ/dUlTno38Mbt9/uTdE3WGxyW4ADAJBgNV
+HRIEAjAAMEoGA1UdEQRDMEGgPwYGKwYBBQICoDUwM6AOGwxTSC5JTlRFTC5DT02h
+ITAfoAMCAQGhGDAWGwZrcmJ0Z3QbDFNILklOVEVMLkNPTTANBgkqhkiG9w0BAQUF
+AAOCAQEAS/I0zH9ByFcXTF56I5aPmPdzYKpIpFF6Kkwyw0M2EuIcTcpDl74/xmq9
+YPHS6TSDAt3wHzs9JQlSWah04L0R+IgHVacLRgdXfTWqglFFH/pve3p49WCrYmWz
+txQeRV5dxzaE3oTdDq15DRkUJmt0GIk1x6ehrGZOpIL8oTFmVmnR7EgrKWlIMYCs
+R/GkEuCH15wadom/Hw5Db1KLPEjxCdwy947guOh4SO0fcW3h55V3troS/46TbVFF
+FvNSqGD+19/QM/MhLIy5OnTxOio8M9zp+yfDlzLnpbMi0ZO6tLvB4XhjvP0as34c
+5vCA/8HPfaearSyAYi2Ir9vT3O9J/w==
+-----END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kdc-test/src/main/resources/userkey.pem
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/main/resources/userkey.pem b/kerby-kdc-test/src/main/resources/userkey.pem
new file mode 100644
index 0000000..c9e75e2
--- /dev/null
+++ b/kerby-kdc-test/src/main/resources/userkey.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAyzSMXV+LkBUy6dD+OnGBKNGWmZVDJP/8uvAGbIjvsL6EIPjP
+8iegbira2Xl8Af7afsceCifgTRBfJHEDPT5SC6fuodb2hPamfGhzWXyx7IY0wr1p
+2zEukK/tFcqq6otyPfhRALNEMrGCQflQHDEZjSQh3RbUyo+HUtlFkiTWFqREQLgM
+GP6yWcOQ3SyeHykL/yr+FM8n1CupZPqhzUWMxUrPcXEVvFcQtjGDgzpJefMbN1Zr
+fFJ7g67RA7YTCdxBSijw3qmU4pfmWdwOELa6xP/8Bke8p1xWY7BfQHLFmoZAheTu
+DWRuxsbmbjkkyO38ec5Bx+DzyJIsolm744PDTQIDAQABAoIBAQC4Byb3iQgDvK8X
+QcZ7dz/Zj7Yr8RmV8J8ZTTcEJB+umVtf4PWyAGEyZG0+dt7vj7ahCgMSf3qLUEBZ
+6F9en4n+NF/RAbTQRfAQyydr65nW8tPlaVTsxWW+cxTrn1eagh88MB5r2+3vWwL0
+bK04Wt8hC4//giXELKgJR+vRprqcVRgy11nYaTP59IDdg4YscbHfc/LYa7ABQ1G5
+5NKtjMy13UvtD/4C3TS1NpL2xtzAgQRe3XFDIyOmv476Ts1boqSHBFX+MXmLBAfi
+8Qhaj1DO8A0HS/c4egcL6esCe4kcgtCuq66n8JzOlVbCDGOYIUkUyQ9Nfo31M5i5
+XhqF9CsBAoGBAP7PqkncLAvyjHQKPpDyWCBtkV7z+DWRZRPz4w8tit+TiAv6hRF7
+kK+NUhP1mBuS4duyEV58B8LWOR0ir7ftbL0/unxR1XWMOvTEHr/9lG1sKZoI0dJS
+Ee+VvuVFwdm/ABxfnveGCRrSHY7GAvFln3gC1Cst3NPPKbpznb3FiH/JAoGBAMwn
+P1Labt/OuzB70Vxve3TCeFA6jYzcYdA3riv1V0FIWoNgcQ742b0+6HDpEQgn4Rdb
+KiKz8hSplM1nx8NyWwS9r7gRQ9HIc0qC5S4A0A9QEbdKrkUiQDlwHgdDKPPCWih9
+qH05etiQ044BtOq7uXsWYqiIomOW/XyDUEhbRRFlAoGALmVnj01Mo9xFILfgzomh
+7D2nE4/+qNpRekGVHWVgfPci9XNnGVjTbnOf90xnptWm1Fbm/Lo+u4ZAHgL71dSg
+UREyhoJsCJxA++Jd6v1kMkxYgtiKQ+53n5U3jg2Wj2xMu93ZVx6Lt9t8UEvTq1qi
+n7p8IWSXaeW1pmJ43V4DTakCgYAFcSpj+ASqnKUqxrIvB52/4As7AESTs7A7z7Ap
+5dFcoSQgimqZHpMXU1z43Y2hrQZ4C+sUn71dRaP80b5mfF7mwnOzsWogZnqESvb3
+AfiJ3/WI8Emy+BXEMjPqt6SY0t56Y9cg925J5ZpuF6eN9lEccd1RZssFYpoBPrLe
+KuitbQKBgQC3DNejUqol2max6rf4h/GnwLE2BOTmFLnswexlw76p/63Jo1SaVpk7
+9nAltsqNCl4L/eAJ8hJdeTE5YVjYsgAVJrXZbiRfxHBMeHj9g0d1VafGqdomKf0R
+7Qytlcvsw8jn96ckEMPPLJF0bX5cu9S6lMyEbb6Ih41P13uvgP6ufg==
+-----END RSA PRIVATE KEY-----
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/JsonBackendKdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/JsonBackendKdcTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/JsonBackendKdcTest.java
new file mode 100644
index 0000000..8fbb593
--- /dev/null
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/JsonBackendKdcTest.java
@@ -0,0 +1,55 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kdc;
+
+import org.apache.kerby.config.Conf;
+import org.apache.kerby.config.Config;
+import org.apache.kerby.kerberos.kdc.identitybackend.JsonIdentityBackend;
+import org.apache.kerby.kerberos.kerb.identity.backend.IdentityBackend;
+import org.junit.Test;
+
+import java.io.File;
+
+public class JsonBackendKdcTest extends KdcTest {
+
+ @Override
+ protected void setUpKdcServer() throws Exception {
+ super.setUpKdcServer();
+
+ File testDir = new File(System.getProperty("test.dir", "target"));
+ String jsonBackendFileString = new File(testDir,
+ "json-identity-backend-file").getAbsolutePath();
+
+ Config backendConfig = new Conf();
+ backendConfig.setString(
+ JsonIdentityBackend.JSON_IDENTITY_BACKEND_FILE, jsonBackendFileString);
+
+ IdentityBackend backend = new JsonIdentityBackend(backendConfig);
+ backend.initialize();
+
+ kdcServer.setBackend(backend);
+ }
+
+ @Test
+ public void testKdc() throws Exception {
+ performKdcTest();
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/KdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/KdcTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/KdcTest.java
new file mode 100644
index 0000000..56e4a92
--- /dev/null
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/KdcTest.java
@@ -0,0 +1,87 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kdc;
+
+import org.apache.kerby.kerberos.kerb.server.KdcTestBase;
+import org.apache.kerby.kerberos.kerb.spec.ticket.ServiceTicket;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TgtTicket;
+import org.junit.Assert;
+
+import java.io.File;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+public abstract class KdcTest extends KdcTestBase {
+
+ private String password = "123456";
+
+ @Override
+ protected void createPrincipals() {
+ super.createPrincipals();
+ kdcServer.createPrincipal(clientPrincipal, password);
+ }
+
+ protected void performKdcTest() throws Exception {
+ kdcServer.start();
+ assertThat(kdcServer.isStarted()).isTrue();
+
+ File testDir = new File(System.getProperty("test.dir", "target"));
+ File testConfDir = new File(testDir, "conf");
+ krbClnt.setConfDir(testConfDir);
+ krbClnt.init();
+
+ TgtTicket tgt;
+ ServiceTicket tkt;
+
+ // With good password
+ try {
+ tgt = krbClnt.requestTgtTicket(clientPrincipal, password, null);
+ assertThat(tgt).isNotNull();
+
+ tkt = krbClnt.requestServiceTicket(tgt, serverPrincipal, null);
+ assertThat(tkt).isNotNull();
+ } catch (Exception e) {
+ System.out.println("Exception occurred with good password");
+ e.printStackTrace();
+ Assert.fail();
+ }
+
+ // With bad password
+ try {
+ tgt = krbClnt.requestTgtTicket(clientPrincipal, "badpassword", null);
+ } catch (Exception e) {
+ System.out.println("Exception occurred with bad password");
+ }
+
+ // TODO: With good password again. This will fail, to be investigated.
+ /*
+ try {
+ tgt = krbClnt.requestTgtTicket(clientPrincipal, password, null);
+ assertThat(tgt).isNotNull();
+
+ tkt = krbClnt.requestServiceTicket(tgt, serverPrincipal, null);
+ assertThat(tkt).isNotNull();
+ } catch (Exception e) {
+ System.out.println("Exception occurred with good password again");
+ e.printStackTrace();
+ Assert.fail();
+ }*/
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithCertKdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithCertKdcTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithCertKdcTest.java
new file mode 100644
index 0000000..5df9495
--- /dev/null
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithCertKdcTest.java
@@ -0,0 +1,101 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kdc;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.KrbRuntime;
+import org.apache.kerby.kerberos.kerb.provider.PkiLoader;
+import org.apache.kerby.kerberos.kerb.server.KdcTestBase;
+import org.apache.kerby.kerberos.kerb.spec.ticket.ServiceTicket;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TgtTicket;
+import org.apache.kerby.kerberos.provider.pki.KerbyPkiProvider;
+import org.junit.Before;
+
+import java.io.InputStream;
+import java.security.PrivateKey;
+import java.security.cert.Certificate;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+/**
+ openssl genrsa -out cakey.pem 2048
+ openssl req -key cakey.pem -new -x509 -out cacert.pem -days 3650
+ vi extensions.kdc
+ openssl genrsa -out kdckey.pem 2048
+ openssl req -new -out kdc.req -key kdckey.pem
+ env REALM=SH.INTEL.COM openssl x509 -req -in kdc.req -CAkey cakey.pem \
+ -CA cacert.pem -out kdc.pem -days 365 -extfile extensions.kdc -extensions kdc_cert -CAcreateserial
+ */
+public class WithCertKdcTest extends KdcTestBase {
+ private PkiLoader pkiLoader;
+
+ private Certificate userCert;
+ private PrivateKey userKey;
+
+ @Before
+ public void setUp() throws Exception {
+ KrbRuntime.setPkiProvider(new KerbyPkiProvider());
+ pkiLoader = KrbRuntime.getPkiProvider().createPkiLoader();
+
+ super.setUp();
+ }
+
+ @Override
+ protected void setUpClient() throws Exception {
+ super.setUpClient();
+
+ loadCredentials();
+ }
+
+ @Override
+ protected void setUpKdcServer() throws Exception {
+ super.setUpKdcServer();
+ kdcServer.createPrincipals(clientPrincipal);
+ }
+
+ //@Test
+ public void testKdc() throws Exception {
+ assertThat(userCert).isNotNull();
+
+ kdcServer.start();
+ assertThat(kdcServer.isStarted()).isTrue();
+ krbClnt.init();
+
+ TgtTicket tgt = null;
+ try {
+ tgt = krbClnt.requestTgtTicket(clientPrincipal, userCert, userKey, null);
+ } catch (KrbException te) {
+ assertThat(te.getMessage().contains("timeout")).isTrue();
+ return;
+ }
+ assertThat(tgt).isNull();
+
+ ServiceTicket tkt = krbClnt.requestServiceTicket(tgt, serverPrincipal, null);
+ assertThat(tkt).isNull();
+ }
+
+ private void loadCredentials() throws KrbException {
+ InputStream res = getClass().getResourceAsStream("/usercert.pem");
+ userCert = pkiLoader.loadCerts(res).iterator().next();
+
+ res = getClass().getResourceAsStream("/userkey.pem");
+ userKey = pkiLoader.loadPrivateKey(res, null);
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithTokenKdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithTokenKdcTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithTokenKdcTest.java
new file mode 100644
index 0000000..248a0f9
--- /dev/null
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithTokenKdcTest.java
@@ -0,0 +1,73 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kdc;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.KrbRuntime;
+import org.apache.kerby.kerberos.kerb.provider.PkiLoader;
+import org.apache.kerby.kerberos.kerb.provider.TokenEncoder;
+import org.apache.kerby.kerberos.kerb.server.KdcTestBase;
+import org.apache.kerby.kerberos.kerb.spec.ticket.ServiceTicket;
+import org.apache.kerby.kerberos.kerb.spec.ticket.TgtTicket;
+import org.apache.kerby.kerberos.kerb.spec.base.AuthToken;
+import org.apache.kerby.kerberos.provider.pki.KerbyPkiProvider;
+import org.apache.kerby.kerberos.provider.token.KerbyTokenProvider;
+import org.junit.Before;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+public class WithTokenKdcTest extends KdcTestBase {
+ private TokenEncoder tokenEncoder;
+
+ private AuthToken token;
+
+ @Before
+ public void setUp() throws Exception {
+ KrbRuntime.setTokenProvider(new KerbyTokenProvider());
+ tokenEncoder = KrbRuntime.getTokenProvider().createTokenEncoder();
+
+ super.setUp();
+ }
+
+ @Override
+ protected void setUpKdcServer() throws Exception {
+ super.setUpKdcServer();
+ kdcServer.createPrincipals(clientPrincipal);
+ }
+
+ //@Test
+ public void testKdc() throws Exception {
+ kdcServer.start();
+ assertThat(kdcServer.isStarted()).isTrue();
+ krbClnt.init();
+
+ TgtTicket tgt;
+ try {
+ tgt = krbClnt.requestTgtTicket(clientPrincipal, token, null);
+ } catch (KrbException te) {
+ assertThat(te.getMessage().contains("timeout")).isTrue();
+ return;
+ }
+ assertThat(tgt).isNull();
+
+ ServiceTicket tkt = krbClnt.requestServiceTicket(tgt, serverPrincipal, null);
+ assertThat(tkt).isNull();
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/KerbyKdcServer.java
----------------------------------------------------------------------
diff --git a/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/KerbyKdcServer.java b/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/KerbyKdcServer.java
new file mode 100644
index 0000000..0c30fe8
--- /dev/null
+++ b/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/KerbyKdcServer.java
@@ -0,0 +1,102 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kdc;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.common.EncryptionUtil;
+import org.apache.kerby.kerberos.kerb.identity.KrbIdentity;
+import org.apache.kerby.kerberos.kerb.server.KdcServer;
+import org.apache.kerby.kerberos.kerb.spec.base.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.base.EncryptionType;
+
+import java.io.File;
+import java.util.List;
+import java.util.UUID;
+
+/**
+ * The mentioned Kerby KDC server implementation.
+ */
+public class KerbyKdcServer extends KdcServer {
+ private static KerbyKdcServer server;
+
+ private static final String USAGE = "Usage: " +
+ KerbyKdcServer.class.getSimpleName() +
+ " -start conf-dir working-dir|-stop";
+
+ public static void main(String[] args) {
+ if (args.length == 0) {
+ System.err.println(USAGE);
+ return;
+ }
+
+ if (args[0].equals("-start")) {
+ if (args.length != 3) {
+ System.err.println(USAGE);
+ return;
+ }
+ String confDir = args[1];
+ String workDir = args[2];
+
+ server = new KerbyKdcServer();
+ server.setWorkDir(new File(workDir));
+ server.setConfDir(new File(confDir));
+ server.init();
+
+ server.createPrincipals("krbtgt");
+
+ server.start();
+ System.out.println("KDC started.");
+ } else if (args[0].equals("-stop")) {
+ //server.stop();//FIXME can't get the server instance here
+ System.out.println("KDC Server stopped.");
+ } else {
+ System.err.println(USAGE);
+ }
+ }
+
+ //create some principal for test
+ private void createPrincipal(String principal, String password) {
+ KrbIdentity identity = new KrbIdentity(fixPrincipal(principal));
+ List<EncryptionType> encTypes = getKdcConfig().getEncryptionTypes();
+ List<EncryptionKey> encKeys = null;
+ try {
+ encKeys = EncryptionUtil.generateKeys(fixPrincipal(principal), password, encTypes);
+ } catch (KrbException e) {
+ throw new RuntimeException("Failed to generate encryption keys", e);
+ }
+ identity.addKeys(encKeys);
+ getIdentityService().addIdentity(identity);
+ }
+
+ private void createPrincipals(String ... principals) {
+ String passwd;
+ for (String principal : principals) {
+ passwd = UUID.randomUUID().toString();
+ createPrincipal(fixPrincipal(principal), passwd);
+ }
+ }
+
+ private String fixPrincipal(String principal) {
+ if (! principal.contains("@")) {
+ principal += "@" + getKdcRealm();
+ }
+ return principal;
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/server/KerbyKdcServer.java
----------------------------------------------------------------------
diff --git a/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/server/KerbyKdcServer.java b/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/server/KerbyKdcServer.java
deleted file mode 100644
index 764d691..0000000
--- a/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/server/KerbyKdcServer.java
+++ /dev/null
@@ -1,102 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerby.kerberos.kdc.server;
-
-import org.apache.kerby.kerberos.kerb.KrbException;
-import org.apache.kerby.kerberos.kerb.common.EncryptionUtil;
-import org.apache.kerby.kerberos.kerb.identity.KrbIdentity;
-import org.apache.kerby.kerberos.kerb.server.KdcServer;
-import org.apache.kerby.kerberos.kerb.spec.base.EncryptionKey;
-import org.apache.kerby.kerberos.kerb.spec.base.EncryptionType;
-
-import java.io.File;
-import java.util.List;
-import java.util.UUID;
-
-/**
- * The mentioned Kerby KDC server implementation.
- */
-public class KerbyKdcServer extends KdcServer {
- private static KerbyKdcServer server;
-
- private static final String USAGE = "Usage: " +
- KerbyKdcServer.class.getSimpleName() +
- " -start conf-dir working-dir|-stop";
-
- public static void main(String[] args) {
- if (args.length == 0) {
- System.err.println(USAGE);
- return;
- }
-
- if (args[0].equals("-start")) {
- if (args.length != 3) {
- System.err.println(USAGE);
- return;
- }
- String confDir = args[1];
- String workDir = args[2];
-
- server = new KerbyKdcServer();
- server.setWorkDir(new File(workDir));
- server.setConfDir(new File(confDir));
- server.init();
-
- server.createPrincipals("krbtgt");
-
- server.start();
- System.out.println("KDC started.");
- } else if (args[0].equals("-stop")) {
- //server.stop();//FIXME can't get the server instance here
- System.out.println("KDC Server stopped.");
- } else {
- System.err.println(USAGE);
- }
- }
-
- //create some principal for test
- private void createPrincipal(String principal, String password) {
- KrbIdentity identity = new KrbIdentity(fixPrincipal(principal));
- List<EncryptionType> encTypes = getKdcConfig().getEncryptionTypes();
- List<EncryptionKey> encKeys = null;
- try {
- encKeys = EncryptionUtil.generateKeys(fixPrincipal(principal), password, encTypes);
- } catch (KrbException e) {
- throw new RuntimeException("Failed to generate encryption keys", e);
- }
- identity.addKeys(encKeys);
- getIdentityService().addIdentity(identity);
- }
-
- private void createPrincipals(String ... principals) {
- String passwd;
- for (String principal : principals) {
- passwd = UUID.randomUUID().toString();
- createPrincipal(fixPrincipal(principal), passwd);
- }
- }
-
- private String fixPrincipal(String principal) {
- if (! principal.contains("@")) {
- principal += "@" + getKdcRealm();
- }
- return principal;
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kdc/src/test/java/org/apache/kerby/kerberos/kdc/server/KdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kdc/src/test/java/org/apache/kerby/kerberos/kdc/server/KdcTest.java b/kerby-kdc/src/test/java/org/apache/kerby/kerberos/kdc/server/KdcTest.java
index 07a1b82..fadc570 100644
--- a/kerby-kdc/src/test/java/org/apache/kerby/kerberos/kdc/server/KdcTest.java
+++ b/kerby-kdc/src/test/java/org/apache/kerby/kerberos/kdc/server/KdcTest.java
@@ -19,6 +19,7 @@
*/
package org.apache.kerby.kerberos.kdc.server;
+import org.apache.kerby.kerberos.kdc.KerbyKdcServer;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kerb/kerb-kdc-test/pom.xml
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/pom.xml b/kerby-kerb/kerb-kdc-test/pom.xml
index c42d6c4..378ef90 100644
--- a/kerby-kerb/kerb-kdc-test/pom.xml
+++ b/kerby-kerb/kerb-kdc-test/pom.xml
@@ -53,9 +53,14 @@
<version>${project.version}</version>
</dependency>
<dependency>
- <groupId>org.apache.kerby</groupId>
- <artifactId>Json-identity-backend</artifactId>
- <version>${project.version}</version>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.assertj</groupId>
+ <artifactId>assertj-core</artifactId>
+ <scope>compile</scope>
</dependency>
</dependencies>
</project>
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java b/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java
new file mode 100644
index 0000000..a4c6235
--- /dev/null
+++ b/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java
@@ -0,0 +1,121 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server;
+
+import org.apache.kerby.kerberos.kerb.client.KrbClient;
+import org.junit.After;
+import org.junit.Before;
+
+import java.io.IOException;
+import java.net.ServerSocket;
+
+public abstract class KdcTestBase {
+
+ protected String kdcRealm;
+ protected String clientPrincipal;
+ protected String serverPrincipal;
+
+ protected String hostname = "localhost";
+ protected int tcpPort = -1;
+ protected int udpPort = -1;
+
+ protected TestKdcServer kdcServer;
+ protected KrbClient krbClnt;
+
+ protected boolean allowUdp() {
+ return true;
+ }
+
+ @Before
+ public void setUp() throws Exception {
+ tcpPort = getServerPort();
+
+ if (allowUdp()) {
+ udpPort = getServerPort();
+ }
+
+ setUpKdcServer();
+ setUpClient();
+ createPrincipals();
+ }
+
+ protected void setUpKdcServer() throws Exception {
+ kdcServer = new TestKdcServer();
+ kdcServer.setKdcHost(hostname);
+ if (tcpPort > 0) {
+ kdcServer.setKdcTcpPort(tcpPort);
+ }
+ kdcServer.setAllowUdp(allowUdp());
+ if (udpPort > 0) {
+ kdcServer.setKdcUdpPort(udpPort);
+ }
+
+ kdcServer.init();
+
+ kdcRealm = kdcServer.getKdcRealm();
+ clientPrincipal = "drankye@" + kdcRealm;
+
+ serverPrincipal = "test-service/localhost@" + kdcRealm;
+ }
+
+ protected void setUpClient() throws Exception {
+ krbClnt = new KrbClient();
+
+ krbClnt.setKdcHost(hostname);
+ if (tcpPort > 0) {
+ krbClnt.setKdcTcpPort(tcpPort);
+ }
+ krbClnt.setAllowUdp(allowUdp());
+ if (udpPort > 0) {
+ krbClnt.setKdcUdpPort(udpPort);
+ }
+
+ krbClnt.setTimeout(5);
+ krbClnt.setKdcRealm(kdcServer.getKdcRealm());
+ }
+
+ protected void createPrincipals() {
+ kdcServer.createKrbtgtPrincipal();
+ kdcServer.createPrincipals(serverPrincipal);
+ }
+
+ /**
+ * Get a server socket point for testing usage, either TCP or UDP.
+ * @return server socket point
+ */
+ private static int getServerPort() {
+ int serverPort = 0;
+
+ try {
+ ServerSocket serverSocket = new ServerSocket(0);
+ serverPort = serverSocket.getLocalPort();
+ serverSocket.close();
+ } catch (IOException e) {
+ throw new RuntimeException("Failed to get a server socket point");
+ }
+
+ return serverPort;
+ }
+
+ @After
+ public void tearDown() throws Exception {
+ kdcServer.stop();
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java b/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java
new file mode 100644
index 0000000..1374c97
--- /dev/null
+++ b/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java
@@ -0,0 +1,117 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.server;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.common.EncryptionUtil;
+import org.apache.kerby.kerberos.kerb.identity.KrbIdentity;
+import org.apache.kerby.kerberos.kerb.identity.backend.IdentityBackend;
+import org.apache.kerby.kerberos.kerb.keytab.Keytab;
+import org.apache.kerby.kerberos.kerb.keytab.KeytabEntry;
+import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
+import org.apache.kerby.kerberos.kerb.spec.base.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.spec.base.EncryptionType;
+import org.apache.kerby.kerberos.kerb.spec.base.PrincipalName;
+
+import java.io.File;
+import java.io.IOException;
+import java.util.List;
+import java.util.UUID;
+
+public class TestKdcServer extends SimpleKdcServer {
+
+ /**
+ * Prepare KDC configuration for the test.
+ */
+ protected void prepareKdcConfig() {
+ KdcConfig kdcConfig = getKdcConfig();
+
+ kdcConfig.setString(KdcConfigKey.KDC_HOST, "localhost");
+ kdcConfig.setInt(KdcConfigKey.KDC_TCP_PORT, 8018);
+ kdcConfig.setString(KdcConfigKey.KDC_DOMAIN, "test.com");
+ kdcConfig.setString(KdcConfigKey.KDC_REALM, "TEST.COM");
+ }
+
+ @Override
+ public void init() {
+ super.init();
+
+ prepareKdcConfig();
+ }
+
+ public void createKrbtgtPrincipal() {
+ createPrincipals("krbtgt");
+ }
+
+ public String getKdcRealm() {
+ return getKdcConfig().getKdcRealm();
+ }
+
+ public synchronized void createPrincipal(String principal, String password) {
+ KrbIdentity identity = new KrbIdentity(principal);
+ List<EncryptionType> encTypes = getKdcConfig().getEncryptionTypes();
+ List<EncryptionKey> encKeys = null;
+ try {
+ encKeys = EncryptionUtil.generateKeys(fixPrincipal(principal), password, encTypes);
+ } catch (KrbException e) {
+ throw new RuntimeException("Failed to generate encryption keys", e);
+ }
+ identity.addKeys(encKeys);
+ getIdentityService().addIdentity(identity);
+ }
+
+ public void setBackend(IdentityBackend backend) {
+ super.setBackend(backend);
+ }
+
+
+ public void createPrincipals(String ... principals) {
+ String passwd;
+ for (String principal : principals) {
+ passwd = UUID.randomUUID().toString();
+ createPrincipal(fixPrincipal(principal), passwd);
+ }
+ }
+
+ private String fixPrincipal(String principal) {
+ if (! principal.contains("@")) {
+ principal += "@" + getKdcRealm();
+ }
+ return principal;
+ }
+
+ public void exportPrincipals(File keytabFile) throws IOException {
+ Keytab keytab = new Keytab();
+
+ List<String> principals = getIdentityService().getIdentities(-1, -1);
+ for (String pn : principals) {
+ KrbIdentity identity = getIdentityService().getIdentity(pn);
+ PrincipalName principal = identity.getPrincipal();
+ KerberosTime timestamp = new KerberosTime();
+ for (EncryptionType encType : identity.getKeys().keySet()) {
+ EncryptionKey ekey = identity.getKeys().get(encType);
+ int keyVersion = ekey.getKvno();
+ keytab.addEntry(new KeytabEntry(principal, timestamp, keyVersion, ekey));
+ }
+ }
+
+ keytab.store(keytabFile);
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kerb/kerb-kdc-test/src/main/resources/cacert.pem
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/resources/cacert.pem b/kerby-kerb/kerb-kdc-test/src/main/resources/cacert.pem
deleted file mode 100644
index 6b91561..0000000
--- a/kerby-kerb/kerb-kdc-test/src/main/resources/cacert.pem
+++ /dev/null
@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIID6zCCAtOgAwIBAgIJAMrZoeDxTzwWMA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
-VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
-DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
-YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
-MzEzMjdaFw0yNDA1MTAxMzEzMjdaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
-c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
-A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
-a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAMCznJJ02ZUjCPvAwnBmfPs0akb5QRc/NKu8kCtAPWzgHS2JPTQfJhkDbTAD
-eIlg8IeJpOdrYnzdaBCzgxqjSkls+vxjYotOU0Zbrpy2bj0lRDqdYbNsiuConKgT
-MeuDEd/4ZI0X9NWLAi06Iv1F4mHXf36c6uqiUWTtXiofogrFUoTRwACKR2qeC95X
-Py+FDmpS9lz0mo0vDWjetLQC2IBngjjPFdR16n87QDIWfRBkk66rn7rEA6Li66b/
-cToajMSA/n+2Ud1mntSY4RdDdd0TBtAq9RrXtUOfzGaE7S6t+FtYyEprvT4FdOTU
-uyYgSNaI9ANVP1zhQ9LACKuudOECAwEAAaNQME4wHQYDVR0OBBYEFD91SVOejfwx
-u33+5N0TdYbHJbgAMB8GA1UdIwQYMBaAFD91SVOejfwxu33+5N0TdYbHJbgAMAwG
-A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADsONtUqGNBPBXnRowcJwv+Y
-F1Vea+4dkBwYbhkiO6H5XMKr+waOnOD2eAvgP4aeYg/a0xOzzETRD9wi1Z1P1ZMy
-d/NzHQjj4egPENwDv1PH2voZgsXXzXIqUMOtz9t12TuJUrSA2SBW1tz/evckHhNY
-fHg4ThvTIgwEdV/yvrOEBLV9dXG5IhhF+NW1MegTGkt4SpOoH1pi3o9VekVRnix9
-xrIdaC4Ee6vQaR603HwDS9Y+a1c2KU7QoLX8Vaa904cQ+rxhGsTAkocnZXeo6Hl5
-V8BlDYXxeP86fzcWi04ll2BmEEw/RimHEOLpGqxTVHJ5p5BVSCHP8aCD0VJheaU=
------END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kerb/kerb-kdc-test/src/main/resources/cakey.pem
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/resources/cakey.pem b/kerby-kerb/kerb-kdc-test/src/main/resources/cakey.pem
deleted file mode 100644
index 66dc806..0000000
--- a/kerby-kerb/kerb-kdc-test/src/main/resources/cakey.pem
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEAwLOcknTZlSMI+8DCcGZ8+zRqRvlBFz80q7yQK0A9bOAdLYk9
-NB8mGQNtMAN4iWDwh4mk52tifN1oELODGqNKSWz6/GNii05TRluunLZuPSVEOp1h
-s2yK4KicqBMx64MR3/hkjRf01YsCLToi/UXiYdd/fpzq6qJRZO1eKh+iCsVShNHA
-AIpHap4L3lc/L4UOalL2XPSajS8NaN60tALYgGeCOM8V1HXqfztAMhZ9EGSTrquf
-usQDouLrpv9xOhqMxID+f7ZR3Wae1JjhF0N13RMG0Cr1Gte1Q5/MZoTtLq34W1jI
-Smu9PgV05NS7JiBI1oj0A1U/XOFD0sAIq6504QIDAQABAoIBAHqFeMax3unxBbQ0
-Aiy/LTX3RJ9tuZITUOTklnG5fZStBkA+oxhxuaJryE+f1VLbvPMgdCXj5BHqIFGG
-IZSdQA1hak9wzWYvXck9X88qOvtLp47xI/6Vw9NFwZ0n3zST+JiD8UK4eaYQpUim
-Tzrj5SU6hEi3crHOlJvsRFPaGwhnA9wycoOo4o22XBj3C8Hwzi4vWcKXH/RCSwZQ
-zFuYbe77Pn9Sv5q5zdglkmm7wngoVt/aKQke/Vk+Eincx1V12b05DNLjugo6FWQh
-0f2MmHpvqNSHs9USC5+y2lKQ1JNHh7mnpPCXkZEH4V7q+3mKVzl9tXzj9Gul20pw
-tneD6WUCgYEA9QUrQoWHKeVMjeukHjDJa2KjRLMmg9YRQyVABH9+nQTp1jYUjMRA
-GUoUx91gG6gjjJD/xvor/U0Fh3vKtZE93c+avrcaYDwf3q/L4gh+3b87lVDfzjrp
-L+MPTpEzWiyyLfr/kLA0TgUjnrj9bav5uDps8mJpNf8s9ZP1/QDhF5sCgYEAyVZA
-pHSIyBI2GT0+92JXvYDK/ZfV5m4RGHaG/PMDoU4IbGbjHVyzzsyzDUgvOASXwfF8
-YzwX7Tf95RZw12P/Jepxt0vqBJPKUCsMLUrmANQvN1Pz8+Vk6UADLM7kNc06MqB9
-/U3GKCFZZuedEhbgXnEV9gzelhILImJGZMxG0zMCgYApymnofLHjGXMHOcvSQmv4
-XuiODShikB59n1rd6YkE6xOfL7YtlEOCjLoipMWBshnuHcUigQUDvSFWTGz0rwMo
-VAKGyOA8zcR5zO4vbVeGJtnYy+SAXlfrjQTNV8K0fK8fXJI+cW9aZ1H9/ntrO0vq
-ejye0t4zEYTvlf782iuKRQKBgQCnTQ7mGRfX+JoPmv8JniR+idkjpNnPYsK96y/8
-XQs1LJx/R3eN3IxlWV+nt8XU7KwWMs5Dv5m6Ov61MFKQCL3qCch4oZJSP2Sr/Tlf
-IY/CPI8HkLF0h7e0wsZgo4Kq2mBz1T0cEVaJ3jxl8Cxq7at/jsTK8qK7XT73UWZh
-OAXaVQKBgDmg2QTX7c0/dbDMOuw18g3xfE/oqU+VWT784wtvpcdjHR+KAVLWHG8l
-oc/bm8Bs0o0f5dfH7uUvWdP6JMvbgYZBgIMqw+iH8P2lFCLzIRf0me/l+r0Oi64U
-5jp9K+7Ggc7S0SSnCLmBLMN5lXQZbhzks1La7DZmFeAz8rOEnlUB
------END RSA PRIVATE KEY-----
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kerb/kerb-kdc-test/src/main/resources/extensions.kdc
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/resources/extensions.kdc b/kerby-kerb/kerb-kdc-test/src/main/resources/extensions.kdc
deleted file mode 100644
index 8052f71..0000000
--- a/kerby-kerb/kerb-kdc-test/src/main/resources/extensions.kdc
+++ /dev/null
@@ -1,36 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-[kdc_cert]
-basicConstraints=CA:FALSE
-keyUsage=nonRepudiation,digitalSignature,keyEncipherment,keyAgreement
-extendedKeyUsage=1.3.6.1.5.2.3.5
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer
-issuerAltName=issuer:copy
-subjectAltName=otherName:1.3.6.1.5.2.2;SEQUENCE:kdc_princ_name
-
-[kdc_princ_name]
-realm=EXP:0,GeneralString:${ENV::REALM}
-principal_name=EXP:1,SEQUENCE:kdc_principal_seq
-
-[kdc_principal_seq]
-name_type=EXP:0,INTEGER:1
-name_string=EXP:1,SEQUENCE:kdc_principals
-
-[kdc_principals]
-princ1=GeneralString:krbtgt
-princ2=GeneralString:${ENV::REALM}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kerb/kerb-kdc-test/src/main/resources/kdc-krb5.conf
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/resources/kdc-krb5.conf b/kerby-kerb/kerb-kdc-test/src/main/resources/kdc-krb5.conf
deleted file mode 100644
index d118dd1..0000000
--- a/kerby-kerb/kerb-kdc-test/src/main/resources/kdc-krb5.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-[libdefaults]
- default_realm = {0}
- udp_preference_limit = 1
-
-[realms]
- {0} = '{'
- kdc = {1}:{2}
- '}'
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kerb/kerb-kdc-test/src/main/resources/kdc.ldiff
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/resources/kdc.ldiff b/kerby-kerb/kerb-kdc-test/src/main/resources/kdc.ldiff
deleted file mode 100644
index bc989c3..0000000
--- a/kerby-kerb/kerb-kdc-test/src/main/resources/kdc.ldiff
+++ /dev/null
@@ -1,46 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-dn: ou=users,dc=${0},dc=${1}
-objectClass: organizationalUnit
-objectClass: top
-ou: users
-
-dn: uid=krbtgt,ou=users,dc=${0},dc=${1}
-objectClass: top
-objectClass: person
-objectClass: inetOrgPerson
-objectClass: krb5principal
-objectClass: krb5kdcentry
-cn: KDC Service
-sn: Service
-uid: krbtgt
-userPassword: secret
-krb5PrincipalName: krbtgt/${2}.${3}@${2}.${3}
-krb5KeyVersionNumber: 0
-
-dn: uid=ldap,ou=users,dc=${0},dc=${1}
-objectClass: top
-objectClass: person
-objectClass: inetOrgPerson
-objectClass: krb5principal
-objectClass: krb5kdcentry
-cn: LDAP
-sn: Service
-uid: ldap
-userPassword: secret
-krb5PrincipalName: ldap/${4}@${2}.${3}
-krb5KeyVersionNumber: 0
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kerb/kerb-kdc-test/src/main/resources/kdccert.pem
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/resources/kdccert.pem b/kerby-kerb/kerb-kdc-test/src/main/resources/kdccert.pem
deleted file mode 100644
index 67e538c..0000000
--- a/kerby-kerb/kerb-kdc-test/src/main/resources/kdccert.pem
+++ /dev/null
@@ -1,26 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEYjCCA0qgAwIBAgIJAL2ZFUkXCgK2MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
-VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
-DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
-YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
-MzI3MjFaFw0xNTA1MTMxMzI3MjFaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
-c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
-A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
-a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAMs0jF1fi5AVMunQ/jpxgSjRlpmVQyT//LrwBmyI77C+hCD4z/InoG4q2tl5
-fAH+2n7HHgon4E0QXyRxAz0+Ugun7qHW9oT2pnxoc1l8seyGNMK9adsxLpCv7RXK
-quqLcj34UQCzRDKxgkH5UBwxGY0kId0W1MqPh1LZRZIk1hakREC4DBj+slnDkN0s
-nh8pC/8q/hTPJ9QrqWT6oc1FjMVKz3FxFbxXELYxg4M6SXnzGzdWa3xSe4Ou0QO2
-EwncQUoo8N6plOKX5lncDhC2usT//AZHvKdcVmOwX0ByxZqGQIXk7g1kbsbG5m45
-JMjt/HnOQcfg88iSLKJZu+ODw00CAwEAAaOBxjCBwzAJBgNVHRMEAjAAMAsGA1Ud
-DwQEAwID6DASBgNVHSUECzAJBgcrBgEFAgMFMB0GA1UdDgQWBBS8Bmb9kTUkw61e
-Is+9KDV5U6JjyjAfBgNVHSMEGDAWgBQ/dUlTno38Mbt9/uTdE3WGxyW4ADAJBgNV
-HRIEAjAAMEoGA1UdEQRDMEGgPwYGKwYBBQICoDUwM6AOGwxTSC5JTlRFTC5DT02h
-ITAfoAMCAQGhGDAWGwZrcmJ0Z3QbDFNILklOVEVMLkNPTTANBgkqhkiG9w0BAQUF
-AAOCAQEAS/I0zH9ByFcXTF56I5aPmPdzYKpIpFF6Kkwyw0M2EuIcTcpDl74/xmq9
-YPHS6TSDAt3wHzs9JQlSWah04L0R+IgHVacLRgdXfTWqglFFH/pve3p49WCrYmWz
-txQeRV5dxzaE3oTdDq15DRkUJmt0GIk1x6ehrGZOpIL8oTFmVmnR7EgrKWlIMYCs
-R/GkEuCH15wadom/Hw5Db1KLPEjxCdwy947guOh4SO0fcW3h55V3troS/46TbVFF
-FvNSqGD+19/QM/MhLIy5OnTxOio8M9zp+yfDlzLnpbMi0ZO6tLvB4XhjvP0as34c
-5vCA/8HPfaearSyAYi2Ir9vT3O9J/w==
------END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kerb/kerb-kdc-test/src/main/resources/kdckey.pem
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/resources/kdckey.pem b/kerby-kerb/kerb-kdc-test/src/main/resources/kdckey.pem
deleted file mode 100644
index c9e75e2..0000000
--- a/kerby-kerb/kerb-kdc-test/src/main/resources/kdckey.pem
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAyzSMXV+LkBUy6dD+OnGBKNGWmZVDJP/8uvAGbIjvsL6EIPjP
-8iegbira2Xl8Af7afsceCifgTRBfJHEDPT5SC6fuodb2hPamfGhzWXyx7IY0wr1p
-2zEukK/tFcqq6otyPfhRALNEMrGCQflQHDEZjSQh3RbUyo+HUtlFkiTWFqREQLgM
-GP6yWcOQ3SyeHykL/yr+FM8n1CupZPqhzUWMxUrPcXEVvFcQtjGDgzpJefMbN1Zr
-fFJ7g67RA7YTCdxBSijw3qmU4pfmWdwOELa6xP/8Bke8p1xWY7BfQHLFmoZAheTu
-DWRuxsbmbjkkyO38ec5Bx+DzyJIsolm744PDTQIDAQABAoIBAQC4Byb3iQgDvK8X
-QcZ7dz/Zj7Yr8RmV8J8ZTTcEJB+umVtf4PWyAGEyZG0+dt7vj7ahCgMSf3qLUEBZ
-6F9en4n+NF/RAbTQRfAQyydr65nW8tPlaVTsxWW+cxTrn1eagh88MB5r2+3vWwL0
-bK04Wt8hC4//giXELKgJR+vRprqcVRgy11nYaTP59IDdg4YscbHfc/LYa7ABQ1G5
-5NKtjMy13UvtD/4C3TS1NpL2xtzAgQRe3XFDIyOmv476Ts1boqSHBFX+MXmLBAfi
-8Qhaj1DO8A0HS/c4egcL6esCe4kcgtCuq66n8JzOlVbCDGOYIUkUyQ9Nfo31M5i5
-XhqF9CsBAoGBAP7PqkncLAvyjHQKPpDyWCBtkV7z+DWRZRPz4w8tit+TiAv6hRF7
-kK+NUhP1mBuS4duyEV58B8LWOR0ir7ftbL0/unxR1XWMOvTEHr/9lG1sKZoI0dJS
-Ee+VvuVFwdm/ABxfnveGCRrSHY7GAvFln3gC1Cst3NPPKbpznb3FiH/JAoGBAMwn
-P1Labt/OuzB70Vxve3TCeFA6jYzcYdA3riv1V0FIWoNgcQ742b0+6HDpEQgn4Rdb
-KiKz8hSplM1nx8NyWwS9r7gRQ9HIc0qC5S4A0A9QEbdKrkUiQDlwHgdDKPPCWih9
-qH05etiQ044BtOq7uXsWYqiIomOW/XyDUEhbRRFlAoGALmVnj01Mo9xFILfgzomh
-7D2nE4/+qNpRekGVHWVgfPci9XNnGVjTbnOf90xnptWm1Fbm/Lo+u4ZAHgL71dSg
-UREyhoJsCJxA++Jd6v1kMkxYgtiKQ+53n5U3jg2Wj2xMu93ZVx6Lt9t8UEvTq1qi
-n7p8IWSXaeW1pmJ43V4DTakCgYAFcSpj+ASqnKUqxrIvB52/4As7AESTs7A7z7Ap
-5dFcoSQgimqZHpMXU1z43Y2hrQZ4C+sUn71dRaP80b5mfF7mwnOzsWogZnqESvb3
-AfiJ3/WI8Emy+BXEMjPqt6SY0t56Y9cg925J5ZpuF6eN9lEccd1RZssFYpoBPrLe
-KuitbQKBgQC3DNejUqol2max6rf4h/GnwLE2BOTmFLnswexlw76p/63Jo1SaVpk7
-9nAltsqNCl4L/eAJ8hJdeTE5YVjYsgAVJrXZbiRfxHBMeHj9g0d1VafGqdomKf0R
-7Qytlcvsw8jn96ckEMPPLJF0bX5cu9S6lMyEbb6Ih41P13uvgP6ufg==
------END RSA PRIVATE KEY-----
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kerb/kerb-kdc-test/src/main/resources/usercert.pem
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/resources/usercert.pem b/kerby-kerb/kerb-kdc-test/src/main/resources/usercert.pem
deleted file mode 100644
index 67e538c..0000000
--- a/kerby-kerb/kerb-kdc-test/src/main/resources/usercert.pem
+++ /dev/null
@@ -1,26 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEYjCCA0qgAwIBAgIJAL2ZFUkXCgK2MA0GCSqGSIb3DQEBBQUAMIGLMQswCQYD
-VQQGEwJjaDERMA8GA1UECAwIc2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4w
-DAYDVQQKDAVpbnRlbDEQMA4GA1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0
-YTEiMCAGCSqGSIb3DQEJARYTa2FpLnpoZW5nQGludGVsLmNvbTAeFw0xNDA1MTMx
-MzI3MjFaFw0xNTA1MTMxMzI3MjFaMIGLMQswCQYDVQQGEwJjaDERMA8GA1UECAwI
-c2hhbmdoYWkxETAPBgNVBAcMCHNoYW5naGFpMQ4wDAYDVQQKDAVpbnRlbDEQMA4G
-A1UECwwHYmlnZGF0YTEQMA4GA1UEAwwHYmlnZGF0YTEiMCAGCSqGSIb3DQEJARYT
-a2FpLnpoZW5nQGludGVsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAMs0jF1fi5AVMunQ/jpxgSjRlpmVQyT//LrwBmyI77C+hCD4z/InoG4q2tl5
-fAH+2n7HHgon4E0QXyRxAz0+Ugun7qHW9oT2pnxoc1l8seyGNMK9adsxLpCv7RXK
-quqLcj34UQCzRDKxgkH5UBwxGY0kId0W1MqPh1LZRZIk1hakREC4DBj+slnDkN0s
-nh8pC/8q/hTPJ9QrqWT6oc1FjMVKz3FxFbxXELYxg4M6SXnzGzdWa3xSe4Ou0QO2
-EwncQUoo8N6plOKX5lncDhC2usT//AZHvKdcVmOwX0ByxZqGQIXk7g1kbsbG5m45
-JMjt/HnOQcfg88iSLKJZu+ODw00CAwEAAaOBxjCBwzAJBgNVHRMEAjAAMAsGA1Ud
-DwQEAwID6DASBgNVHSUECzAJBgcrBgEFAgMFMB0GA1UdDgQWBBS8Bmb9kTUkw61e
-Is+9KDV5U6JjyjAfBgNVHSMEGDAWgBQ/dUlTno38Mbt9/uTdE3WGxyW4ADAJBgNV
-HRIEAjAAMEoGA1UdEQRDMEGgPwYGKwYBBQICoDUwM6AOGwxTSC5JTlRFTC5DT02h
-ITAfoAMCAQGhGDAWGwZrcmJ0Z3QbDFNILklOVEVMLkNPTTANBgkqhkiG9w0BAQUF
-AAOCAQEAS/I0zH9ByFcXTF56I5aPmPdzYKpIpFF6Kkwyw0M2EuIcTcpDl74/xmq9
-YPHS6TSDAt3wHzs9JQlSWah04L0R+IgHVacLRgdXfTWqglFFH/pve3p49WCrYmWz
-txQeRV5dxzaE3oTdDq15DRkUJmt0GIk1x6ehrGZOpIL8oTFmVmnR7EgrKWlIMYCs
-R/GkEuCH15wadom/Hw5Db1KLPEjxCdwy947guOh4SO0fcW3h55V3troS/46TbVFF
-FvNSqGD+19/QM/MhLIy5OnTxOio8M9zp+yfDlzLnpbMi0ZO6tLvB4XhjvP0as34c
-5vCA/8HPfaearSyAYi2Ir9vT3O9J/w==
------END CERTIFICATE-----
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kerb/kerb-kdc-test/src/main/resources/userkey.pem
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/resources/userkey.pem b/kerby-kerb/kerb-kdc-test/src/main/resources/userkey.pem
deleted file mode 100644
index c9e75e2..0000000
--- a/kerby-kerb/kerb-kdc-test/src/main/resources/userkey.pem
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAyzSMXV+LkBUy6dD+OnGBKNGWmZVDJP/8uvAGbIjvsL6EIPjP
-8iegbira2Xl8Af7afsceCifgTRBfJHEDPT5SC6fuodb2hPamfGhzWXyx7IY0wr1p
-2zEukK/tFcqq6otyPfhRALNEMrGCQflQHDEZjSQh3RbUyo+HUtlFkiTWFqREQLgM
-GP6yWcOQ3SyeHykL/yr+FM8n1CupZPqhzUWMxUrPcXEVvFcQtjGDgzpJefMbN1Zr
-fFJ7g67RA7YTCdxBSijw3qmU4pfmWdwOELa6xP/8Bke8p1xWY7BfQHLFmoZAheTu
-DWRuxsbmbjkkyO38ec5Bx+DzyJIsolm744PDTQIDAQABAoIBAQC4Byb3iQgDvK8X
-QcZ7dz/Zj7Yr8RmV8J8ZTTcEJB+umVtf4PWyAGEyZG0+dt7vj7ahCgMSf3qLUEBZ
-6F9en4n+NF/RAbTQRfAQyydr65nW8tPlaVTsxWW+cxTrn1eagh88MB5r2+3vWwL0
-bK04Wt8hC4//giXELKgJR+vRprqcVRgy11nYaTP59IDdg4YscbHfc/LYa7ABQ1G5
-5NKtjMy13UvtD/4C3TS1NpL2xtzAgQRe3XFDIyOmv476Ts1boqSHBFX+MXmLBAfi
-8Qhaj1DO8A0HS/c4egcL6esCe4kcgtCuq66n8JzOlVbCDGOYIUkUyQ9Nfo31M5i5
-XhqF9CsBAoGBAP7PqkncLAvyjHQKPpDyWCBtkV7z+DWRZRPz4w8tit+TiAv6hRF7
-kK+NUhP1mBuS4duyEV58B8LWOR0ir7ftbL0/unxR1XWMOvTEHr/9lG1sKZoI0dJS
-Ee+VvuVFwdm/ABxfnveGCRrSHY7GAvFln3gC1Cst3NPPKbpznb3FiH/JAoGBAMwn
-P1Labt/OuzB70Vxve3TCeFA6jYzcYdA3riv1V0FIWoNgcQ742b0+6HDpEQgn4Rdb
-KiKz8hSplM1nx8NyWwS9r7gRQ9HIc0qC5S4A0A9QEbdKrkUiQDlwHgdDKPPCWih9
-qH05etiQ044BtOq7uXsWYqiIomOW/XyDUEhbRRFlAoGALmVnj01Mo9xFILfgzomh
-7D2nE4/+qNpRekGVHWVgfPci9XNnGVjTbnOf90xnptWm1Fbm/Lo+u4ZAHgL71dSg
-UREyhoJsCJxA++Jd6v1kMkxYgtiKQ+53n5U3jg2Wj2xMu93ZVx6Lt9t8UEvTq1qi
-n7p8IWSXaeW1pmJ43V4DTakCgYAFcSpj+ASqnKUqxrIvB52/4As7AESTs7A7z7Ap
-5dFcoSQgimqZHpMXU1z43Y2hrQZ4C+sUn71dRaP80b5mfF7mwnOzsWogZnqESvb3
-AfiJ3/WI8Emy+BXEMjPqt6SY0t56Y9cg925J5ZpuF6eN9lEccd1RZssFYpoBPrLe
-KuitbQKBgQC3DNejUqol2max6rf4h/GnwLE2BOTmFLnswexlw76p/63Jo1SaVpk7
-9nAltsqNCl4L/eAJ8hJdeTE5YVjYsgAVJrXZbiRfxHBMeHj9g0d1VafGqdomKf0R
-7Qytlcvsw8jn96ckEMPPLJF0bX5cu9S6lMyEbb6Ih41P13uvgP6ufg==
------END RSA PRIVATE KEY-----
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/JsonBackendKdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/JsonBackendKdcTest.java b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/JsonBackendKdcTest.java
deleted file mode 100644
index 87016ee..0000000
--- a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/JsonBackendKdcTest.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerby.kerberos.kerb.server;
-
-import org.apache.kerby.config.Conf;
-import org.apache.kerby.config.Config;
-import org.apache.kerby.kerberos.kdc.identitybackend.JsonIdentityBackend;
-import org.apache.kerby.kerberos.kerb.identity.backend.IdentityBackend;
-import org.junit.Test;
-
-import java.io.File;
-
-public class JsonBackendKdcTest extends KdcTest{
-
- @Override
- protected void setUpKdcServer() throws Exception {
- super.setUpKdcServer();
-
- File testDir = new File(System.getProperty("test.dir", "target"));
- String jsonBackendFileString = new File(testDir, "json-identity-backend-file").getAbsolutePath();
-
- Config backendConfig = new Conf();
- backendConfig.setString(JsonIdentityBackend.JSON_IDENTITY_BACKEND_FILE, jsonBackendFileString);
-
- IdentityBackend backend = new JsonIdentityBackend(backendConfig);
- backend.initialize();
-
- kdcServer.setBackend(backend);
- }
-
- @Test
- public void testKdc() throws Exception {
- performKdcTest();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java
deleted file mode 100644
index a4c6235..0000000
--- a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java
+++ /dev/null
@@ -1,121 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerby.kerberos.kerb.server;
-
-import org.apache.kerby.kerberos.kerb.client.KrbClient;
-import org.junit.After;
-import org.junit.Before;
-
-import java.io.IOException;
-import java.net.ServerSocket;
-
-public abstract class KdcTestBase {
-
- protected String kdcRealm;
- protected String clientPrincipal;
- protected String serverPrincipal;
-
- protected String hostname = "localhost";
- protected int tcpPort = -1;
- protected int udpPort = -1;
-
- protected TestKdcServer kdcServer;
- protected KrbClient krbClnt;
-
- protected boolean allowUdp() {
- return true;
- }
-
- @Before
- public void setUp() throws Exception {
- tcpPort = getServerPort();
-
- if (allowUdp()) {
- udpPort = getServerPort();
- }
-
- setUpKdcServer();
- setUpClient();
- createPrincipals();
- }
-
- protected void setUpKdcServer() throws Exception {
- kdcServer = new TestKdcServer();
- kdcServer.setKdcHost(hostname);
- if (tcpPort > 0) {
- kdcServer.setKdcTcpPort(tcpPort);
- }
- kdcServer.setAllowUdp(allowUdp());
- if (udpPort > 0) {
- kdcServer.setKdcUdpPort(udpPort);
- }
-
- kdcServer.init();
-
- kdcRealm = kdcServer.getKdcRealm();
- clientPrincipal = "drankye@" + kdcRealm;
-
- serverPrincipal = "test-service/localhost@" + kdcRealm;
- }
-
- protected void setUpClient() throws Exception {
- krbClnt = new KrbClient();
-
- krbClnt.setKdcHost(hostname);
- if (tcpPort > 0) {
- krbClnt.setKdcTcpPort(tcpPort);
- }
- krbClnt.setAllowUdp(allowUdp());
- if (udpPort > 0) {
- krbClnt.setKdcUdpPort(udpPort);
- }
-
- krbClnt.setTimeout(5);
- krbClnt.setKdcRealm(kdcServer.getKdcRealm());
- }
-
- protected void createPrincipals() {
- kdcServer.createKrbtgtPrincipal();
- kdcServer.createPrincipals(serverPrincipal);
- }
-
- /**
- * Get a server socket point for testing usage, either TCP or UDP.
- * @return server socket point
- */
- private static int getServerPort() {
- int serverPort = 0;
-
- try {
- ServerSocket serverSocket = new ServerSocket(0);
- serverPort = serverSocket.getLocalPort();
- serverSocket.close();
- } catch (IOException e) {
- throw new RuntimeException("Failed to get a server socket point");
- }
-
- return serverPort;
- }
-
- @After
- public void tearDown() throws Exception {
- kdcServer.stop();
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/c59056a8/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java
deleted file mode 100644
index 1374c97..0000000
--- a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java
+++ /dev/null
@@ -1,117 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.kerby.kerberos.kerb.server;
-
-import org.apache.kerby.kerberos.kerb.KrbException;
-import org.apache.kerby.kerberos.kerb.common.EncryptionUtil;
-import org.apache.kerby.kerberos.kerb.identity.KrbIdentity;
-import org.apache.kerby.kerberos.kerb.identity.backend.IdentityBackend;
-import org.apache.kerby.kerberos.kerb.keytab.Keytab;
-import org.apache.kerby.kerberos.kerb.keytab.KeytabEntry;
-import org.apache.kerby.kerberos.kerb.spec.KerberosTime;
-import org.apache.kerby.kerberos.kerb.spec.base.EncryptionKey;
-import org.apache.kerby.kerberos.kerb.spec.base.EncryptionType;
-import org.apache.kerby.kerberos.kerb.spec.base.PrincipalName;
-
-import java.io.File;
-import java.io.IOException;
-import java.util.List;
-import java.util.UUID;
-
-public class TestKdcServer extends SimpleKdcServer {
-
- /**
- * Prepare KDC configuration for the test.
- */
- protected void prepareKdcConfig() {
- KdcConfig kdcConfig = getKdcConfig();
-
- kdcConfig.setString(KdcConfigKey.KDC_HOST, "localhost");
- kdcConfig.setInt(KdcConfigKey.KDC_TCP_PORT, 8018);
- kdcConfig.setString(KdcConfigKey.KDC_DOMAIN, "test.com");
- kdcConfig.setString(KdcConfigKey.KDC_REALM, "TEST.COM");
- }
-
- @Override
- public void init() {
- super.init();
-
- prepareKdcConfig();
- }
-
- public void createKrbtgtPrincipal() {
- createPrincipals("krbtgt");
- }
-
- public String getKdcRealm() {
- return getKdcConfig().getKdcRealm();
- }
-
- public synchronized void createPrincipal(String principal, String password) {
- KrbIdentity identity = new KrbIdentity(principal);
- List<EncryptionType> encTypes = getKdcConfig().getEncryptionTypes();
- List<EncryptionKey> encKeys = null;
- try {
- encKeys = EncryptionUtil.generateKeys(fixPrincipal(principal), password, encTypes);
- } catch (KrbException e) {
- throw new RuntimeException("Failed to generate encryption keys", e);
- }
- identity.addKeys(encKeys);
- getIdentityService().addIdentity(identity);
- }
-
- public void setBackend(IdentityBackend backend) {
- super.setBackend(backend);
- }
-
-
- public void createPrincipals(String ... principals) {
- String passwd;
- for (String principal : principals) {
- passwd = UUID.randomUUID().toString();
- createPrincipal(fixPrincipal(principal), passwd);
- }
- }
-
- private String fixPrincipal(String principal) {
- if (! principal.contains("@")) {
- principal += "@" + getKdcRealm();
- }
- return principal;
- }
-
- public void exportPrincipals(File keytabFile) throws IOException {
- Keytab keytab = new Keytab();
-
- List<String> principals = getIdentityService().getIdentities(-1, -1);
- for (String pn : principals) {
- KrbIdentity identity = getIdentityService().getIdentity(pn);
- PrincipalName principal = identity.getPrincipal();
- KerberosTime timestamp = new KerberosTime();
- for (EncryptionType encType : identity.getKeys().keySet()) {
- EncryptionKey ekey = identity.getKeys().get(encType);
- int keyVersion = ekey.getKvno();
- keytab.addEntry(new KeytabEntry(principal, timestamp, keyVersion, ekey));
- }
- }
-
- keytab.store(keytabFile);
- }
-}
\ No newline at end of file