You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by dr...@apache.org on 2015/07/06 09:15:55 UTC
[1/3] directory-kerby git commit: DIRKRB-320 Added SASL test using
real application client and server; and also added some test scripts
Repository: directory-kerby
Updated Branches:
refs/heads/master 74a4f7236 -> a5efcfba6
DIRKRB-320 Added SASL test using real application client and server; and also added some test scripts
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/e29e1d49
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/e29e1d49
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/e29e1d49
Branch: refs/heads/master
Commit: e29e1d4971610c4c022c85340d046a3a3c7adae6
Parents: 1ca7154
Author: drankye <ka...@intel.com>
Authored: Sun Jul 5 07:10:58 2015 +0800
Committer: Drankye <dr...@gmail.com>
Committed: Sun Jul 5 07:10:58 2015 +0800
----------------------------------------------------------------------
kerby-kerb/integration-test/run/login.conf | 20 ++++
kerby-kerb/integration-test/run/rungssclient.sh | 6 +
kerby-kerb/integration-test/run/rungssserver.sh | 5 +
.../integration-test/run/runsaslclient.sh | 7 ++
.../integration-test/run/runsaslserver.sh | 6 +
.../integration/test/sasl/SaslAppClient.java | 85 ++++++++++++++
.../integration/test/sasl/SaslAppServer.java | 117 +++++++++++++++++++
.../kerberos/kerb/integration/test/AppTest.java | 2 -
.../kerb/integration/test/SaslAppTest.java | 51 ++++++++
9 files changed, 297 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/e29e1d49/kerby-kerb/integration-test/run/login.conf
----------------------------------------------------------------------
diff --git a/kerby-kerb/integration-test/run/login.conf b/kerby-kerb/integration-test/run/login.conf
new file mode 100644
index 0000000..33bda06
--- /dev/null
+++ b/kerby-kerb/integration-test/run/login.conf
@@ -0,0 +1,20 @@
+/**
+ * Login Configuration for JAAS.
+ */
+
+com.sun.security.jgss.initiate {
+ kerb.token.login.Krb5TokenAuthnLoginModule required
+ debug=true
+ principal="drankye@SH.INTEL.COM"
+ useTicketCache=true
+ doNotPrompt=false;
+};
+
+com.sun.security.jgss.accept {
+ com.sun.security.auth.module.Krb5LoginModule required
+ useTicketCache=false
+ useKeyTab=true
+ principal="myservice/zkdesk.sh.intel.com@SH.INTEL.COM"
+ keyTab="/tmp/myservice.keytab"
+ doNotPrompt=false;
+};
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/e29e1d49/kerby-kerb/integration-test/run/rungssclient.sh
----------------------------------------------------------------------
diff --git a/kerby-kerb/integration-test/run/rungssclient.sh b/kerby-kerb/integration-test/run/rungssclient.sh
new file mode 100644
index 0000000..5d4be93
--- /dev/null
+++ b/kerby-kerb/integration-test/run/rungssclient.sh
@@ -0,0 +1,6 @@
+java -Djava.security.krb5.realm=SH.INTEL.COM \
+ -Djava.security.krb5.kdc=zkdev.sh.intel.com \
+ -Djavax.security.auth.useSubjectCredsOnly=false \
+ -Djava.security.auth.login.config=login.conf \
+ SampleClient myservice/zkdev.sh.intel.com@SH.INTEL.COM \
+ zkdev.sh.intel.com 8080
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/e29e1d49/kerby-kerb/integration-test/run/rungssserver.sh
----------------------------------------------------------------------
diff --git a/kerby-kerb/integration-test/run/rungssserver.sh b/kerby-kerb/integration-test/run/rungssserver.sh
new file mode 100644
index 0000000..6c5bd55
--- /dev/null
+++ b/kerby-kerb/integration-test/run/rungssserver.sh
@@ -0,0 +1,5 @@
+java -Djava.security.krb5.realm=SH.INTEL.COM \
+ -Djava.security.krb5.kdc=zkdev.sh.intel.com \
+ -Djavax.security.auth.useSubjectCredsOnly=false \
+ -Djava.security.auth.login.config=login.conf \
+ SampleServer 8080
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/e29e1d49/kerby-kerb/integration-test/run/runsaslclient.sh
----------------------------------------------------------------------
diff --git a/kerby-kerb/integration-test/run/runsaslclient.sh b/kerby-kerb/integration-test/run/runsaslclient.sh
new file mode 100644
index 0000000..d23d513
--- /dev/null
+++ b/kerby-kerb/integration-test/run/runsaslclient.sh
@@ -0,0 +1,7 @@
+java -Djava.security.krb5.realm=SH.INTEL.COM \
+ -Djava.security.krb5.kdc=zkdesk.sh.intel.com \
+ -Djavax.security.auth.useSubjectCredsOnly=false \
+ -Djava.security.auth.login.config=login.conf \
+ security.samples.sasl.SaslSampleClient \
+ zkdesk.sh.intel.com 8080 \
+ myservice zkdesk.sh.intel.com
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/e29e1d49/kerby-kerb/integration-test/run/runsaslserver.sh
----------------------------------------------------------------------
diff --git a/kerby-kerb/integration-test/run/runsaslserver.sh b/kerby-kerb/integration-test/run/runsaslserver.sh
new file mode 100644
index 0000000..77f003e
--- /dev/null
+++ b/kerby-kerb/integration-test/run/runsaslserver.sh
@@ -0,0 +1,6 @@
+java -Djava.security.krb5.realm=SH.INTEL.COM \
+ -Djava.security.krb5.kdc=zkdesk.sh.intel.com \
+ -Djavax.security.auth.useSubjectCredsOnly=false \
+ -Djava.security.auth.login.config=login.conf \
+ token.samples.sasl.TokenSaslSampleServer \
+ 8080 myservice zkdesk.sh.intel.com
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/e29e1d49/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/sasl/SaslAppClient.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/sasl/SaslAppClient.java b/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/sasl/SaslAppClient.java
new file mode 100644
index 0000000..07ec6ab
--- /dev/null
+++ b/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/sasl/SaslAppClient.java
@@ -0,0 +1,85 @@
+package org.apache.kerby.kerberos.kerb.integration.test.sasl;
+
+import org.apache.kerby.kerberos.kerb.integration.test.AppClient;
+import org.apache.kerby.kerberos.kerb.integration.test.Transport;
+
+import javax.security.sasl.Sasl;
+import javax.security.sasl.SaslClient;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+public class SaslAppClient extends AppClient {
+ private SaslClient saslClient;
+
+ @Override
+ protected void usage(String[] args) {
+ if (args.length < 4) {
+ System.err.println("Usage: SaslAppClient "
+ + "<server-host> <server-port> <service-protocol> <server-fqdn>");
+ System.exit(-1);
+ }
+ }
+
+ public SaslAppClient(String[] args) throws Exception {
+ super(args);
+
+ String protocol = args[2];
+ String serverFqdn = args[3];
+ Map<String, String> props = new HashMap<String, String>();
+ props.put(Sasl.QOP, "auth");
+
+ this.saslClient = Sasl.createSaslClient(new String[]{"GSSAPI"}, null,
+ protocol, serverFqdn, props, null);
+ }
+
+ @Override
+ protected void withConnection(Transport.Connection conn) throws Exception {
+ byte[] token = saslClient.hasInitialResponse() ? new byte[0] : null;
+ token = saslClient.evaluateChallenge(token);
+ conn.sendMessage("CONT", token);
+
+ Transport.Message msg = conn.recvMessage();
+ while (!saslClient.isComplete() && (isContinue(msg) || isOK(msg))) {
+ byte[] respToken = saslClient.evaluateChallenge(msg.body);
+
+ if (isOK(msg)) {
+ if (respToken != null) {
+ throw new IOException("Attempting to send response after completion");
+ }
+ break;
+ } else {
+ conn.sendMessage("CONT", respToken);
+ msg = conn.recvMessage();
+ }
+ }
+
+ System.out.println("Context Established! ");
+
+ token = "Hello There!\0".getBytes();
+ System.out.println("Will send wrap token of size " + token.length);
+
+ conn.sendToken(token);
+ setTestOK(true);
+
+ saslClient.dispose();
+ }
+
+ private boolean isOK(Transport.Message msg) {
+ if (msg.header != null) {
+ return new String(msg.header).equals("OK");
+ }
+ return false;
+ }
+
+ private boolean isContinue(Transport.Message msg) {
+ if (msg.header != null) {
+ return new String(msg.header).equals("CONT");
+ }
+ return false;
+ }
+
+ public static void main(String[] args) throws Exception {
+ new SaslAppClient(args).run();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/e29e1d49/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/sasl/SaslAppServer.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/sasl/SaslAppServer.java b/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/sasl/SaslAppServer.java
new file mode 100644
index 0000000..d54ad1f
--- /dev/null
+++ b/kerby-kerb/integration-test/src/main/java/org/apache/kerby/kerberos/kerb/integration/test/sasl/SaslAppServer.java
@@ -0,0 +1,117 @@
+package org.apache.kerby.kerberos.kerb.integration.test.sasl;
+
+import org.apache.kerby.kerberos.kerb.integration.test.AppServer;
+import org.apache.kerby.kerberos.kerb.integration.test.Transport;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.sasl.AuthorizeCallback;
+import javax.security.sasl.Sasl;
+import javax.security.sasl.SaslException;
+import javax.security.sasl.SaslServer;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+public class SaslAppServer extends AppServer {
+ private String mechanism;
+ private String serviceProtocol;
+ private String serverFqdn;
+
+ @Override
+ protected void usage(String[] args) {
+ if (args.length < 3) {
+ System.err.println("Usage: SaslAppServer "
+ + "<ListenPort> <service-protocol> <server-fqdn>");
+ System.exit(-1);
+ }
+ }
+
+ public SaslAppServer(String[] args) throws Exception {
+ super(args);
+
+ this.mechanism = "GSSAPI";
+ this.serviceProtocol = args[1];
+ this.serverFqdn = args[2];
+ }
+
+ @Override
+ protected void onConnection(Transport.Connection conn) throws Exception {
+ System.out.print("Starting negotiating security context");
+
+ //mechanism, protocol, serverId, saslProperties, callback
+ CallbackHandler callbackHandler = new SaslGssCallbackHandler();
+ Map<String, Object> props = new HashMap<String, Object>();
+ props.put(Sasl.QOP, "auth");
+
+ SaslServer ss = Sasl.createSaslServer(mechanism,
+ serviceProtocol, serverFqdn, props, callbackHandler);
+ Transport.Message msg = conn.recvMessage();
+ while (!ss.isComplete()) {
+ try {
+ byte[] respToken = ss.evaluateResponse(msg.body);
+ if (ss.isComplete()) {
+ conn.sendMessage("OK", respToken);
+ } else {
+ conn.sendMessage("CONT", respToken);
+ msg = conn.recvMessage();
+ }
+
+ } catch (SaslException e) {
+ conn.sendMessage("ERR", null);
+ ss.dispose();
+ break;
+ }
+ }
+
+ System.out.print("Context Established! ");
+
+ doWith(ss, props, conn);
+
+ ss.dispose();
+ }
+
+ protected void doWith(SaslServer ss, Map<String, Object> props,
+ Transport.Connection conn) throws IOException, Exception {
+ byte[] token = conn.recvToken();
+ String str = new String(token);
+ System.out.println("Received data \""
+ + str + "\" of length " + str.length());
+ }
+
+ public static class SaslGssCallbackHandler implements CallbackHandler {
+
+ @Override
+ public void handle(Callback[] callbacks) throws
+ UnsupportedCallbackException {
+ AuthorizeCallback ac = null;
+ for (Callback callback : callbacks) {
+ if (callback instanceof AuthorizeCallback) {
+ ac = (AuthorizeCallback) callback;
+ } else {
+ throw new UnsupportedCallbackException(callback,
+ "Unrecognized SASL GSSAPI Callback");
+ }
+ }
+ if (ac != null) {
+ String authid = ac.getAuthenticationID();
+ String authzid = ac.getAuthorizationID();
+ if (authid.equals(authzid)) {
+ ac.setAuthorized(true);
+ } else {
+ ac.setAuthorized(false);
+ }
+ if (ac.isAuthorized()) {
+ System.out.println("SASL server GSSAPI callback: setting "
+ + "canonicalized client ID: " + authzid);
+ ac.setAuthorizedID(authzid);
+ }
+ }
+ }
+ }
+
+ public static void main(String[] args) throws Exception {
+ new SaslAppServer(args).run();
+ }
+}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/e29e1d49/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/AppTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/AppTest.java b/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/AppTest.java
index 16e8fd2..0964598 100644
--- a/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/AppTest.java
+++ b/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/AppTest.java
@@ -40,8 +40,6 @@ public abstract class AppTest extends LoginTestBase {
serverPort = NetworkUtil.getServerPort();
setupAppServer();
-
- runAppClient();
}
protected int getServerPort() {
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/e29e1d49/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/SaslAppTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/SaslAppTest.java b/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/SaslAppTest.java
new file mode 100644
index 0000000..508adec
--- /dev/null
+++ b/kerby-kerb/integration-test/src/test/java/org/apache/kerby/kerberos/kerb/integration/test/SaslAppTest.java
@@ -0,0 +1,51 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.kerby.kerberos.kerb.integration.test;
+
+import org.apache.kerby.kerberos.kerb.integration.test.sasl.SaslAppClient;
+import org.apache.kerby.kerberos.kerb.integration.test.sasl.SaslAppServer;
+import org.junit.Test;
+
+public class SaslAppTest extends AppTest {
+
+ @Override
+ protected AppServer createAppServer() throws Exception {
+ return new SaslAppServer(new String[] {
+ String.valueOf(getServerPort()),
+ getServerPrincipalName(),
+ getHostname()
+ });
+ }
+
+ @Override
+ protected AppClient createAppClient() throws Exception {
+ return new SaslAppClient(new String[] {
+ getHostname(),
+ String.valueOf(getServerPort()),
+ getServerPrincipalName(),
+ getHostname()
+ });
+ }
+
+ @Test
+ public void test() throws Exception {
+ runAppClient();
+ }
+}
\ No newline at end of file
[2/3] directory-kerby git commit: Merge branch 'master' of
https://git-wip-us.apache.org/repos/asf/directory-kerby
Posted by dr...@apache.org.
Merge branch 'master' of https://git-wip-us.apache.org/repos/asf/directory-kerby
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/826761a9
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/826761a9
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/826761a9
Branch: refs/heads/master
Commit: 826761a95e6c6b8e3d79230c139be92f8aca51cc
Parents: e29e1d4 74a4f72
Author: Drankye <dr...@gmail.com>
Authored: Mon Jul 6 07:28:02 2015 +0800
Committer: Drankye <dr...@gmail.com>
Committed: Mon Jul 6 07:28:02 2015 +0800
----------------------------------------------------------------------
docs/kerby-checkstyle.xml | 147 ++++++++++++++++++++
docs/kerby-formatting.xml | 295 +++++++++++++++++++++++++++++++++++++++++
pom.xml | 54 ++++++--
3 files changed, 484 insertions(+), 12 deletions(-)
----------------------------------------------------------------------
[3/3] directory-kerby git commit: DIRKRB-343 Clean up some
configuration items unlikely to be used
Posted by dr...@apache.org.
DIRKRB-343 Clean up some configuration items unlikely to be used
Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/a5efcfba
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/a5efcfba
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/a5efcfba
Branch: refs/heads/master
Commit: a5efcfba6b6e0a75465ce21fb4528da8fc74a2de
Parents: 826761a
Author: drankye <ka...@intel.com>
Authored: Mon Jul 6 15:15:26 2015 +0800
Committer: Drankye <dr...@gmail.com>
Committed: Mon Jul 6 15:15:26 2015 +0800
----------------------------------------------------------------------
.../kerby/kerberos/kerb/client/KrbConfig.java | 14 --------------
.../kerby/kerberos/kerb/client/KrbConfigKey.java | 7 +------
.../kerberos/kerb/client/TestKrbConfigLoad.java | 12 +++---------
.../kerby/kerberos/kerb/server/KdcConfig.java | 16 ++--------------
.../kerby/kerberos/kerb/server/KdcConfigKey.java | 8 +-------
.../kerberos/kerb/server/TestKdcConfigLoad.java | 12 ------------
6 files changed, 7 insertions(+), 62 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a5efcfba/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfig.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfig.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfig.java
index 4bbfdfa..00669d2 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfig.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfig.java
@@ -184,18 +184,4 @@ public class KrbConfig extends Conf {
public List<EncryptionType> getDefaultTktEnctypes() {
return KrbConfHelper.getEncTypesUnderSection(this, KrbConfigKey.DEFAULT_TKT_ENCTYPES);
}
-
- public String getDefaultLoggingLocation() {
- return KrbConfHelper.getStringUnderSection(this, KrbConfigKey.DEFAULT);
- }
-
- public String getKdcLoggingLocation() {
- return KrbConfHelper.getStringUnderSection(this, KrbConfigKey.KDC);
- }
-
- public String getAdminLoggingLocation() {
- return KrbConfHelper.getStringUnderSection(this, KrbConfigKey.ADMIN_SERVER);
- }
-
-
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a5efcfba/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfigKey.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfigKey.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfigKey.java
index 00c5afa..938beab 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfigKey.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfigKey.java
@@ -58,12 +58,7 @@ public enum KrbConfigKey implements SectionConfigKey {
DEFAULT_TKT_ENCTYPES("aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 " +
"des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac " +
"camellia128-cts-cmac des-cbc-crc des-cbc-md5 des-cbc-md4",
- "libdefaults"),
-
- //key for logging location
- DEFAULT(null, "logging"),
- KDC(null, "logging"),
- ADMIN_SERVER(null, "logging");
+ "libdefaults");
private Object defaultValue;
/**
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a5efcfba/kerby-kerb/kerb-client/src/test/java/org/apache/kerby/kerberos/kerb/client/TestKrbConfigLoad.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/test/java/org/apache/kerby/kerberos/kerb/client/TestKrbConfigLoad.java b/kerby-kerb/kerb-client/src/test/java/org/apache/kerby/kerberos/kerb/client/TestKrbConfigLoad.java
index dedf70d..46c28ad 100644
--- a/kerby-kerb/kerb-client/src/test/java/org/apache/kerby/kerberos/kerb/client/TestKrbConfigLoad.java
+++ b/kerby-kerb/kerb-client/src/test/java/org/apache/kerby/kerberos/kerb/client/TestKrbConfigLoad.java
@@ -23,8 +23,6 @@ import org.apache.kerby.kerberos.kerb.spec.base.EncryptionType;
import org.junit.Test;
import java.io.File;
-import java.io.IOException;
-import java.net.URISyntaxException;
import java.net.URL;
import static org.assertj.core.api.Assertions.assertThat;
@@ -36,7 +34,7 @@ import static org.assertj.core.api.Assertions.assertThat;
public class TestKrbConfigLoad {
@Test
- public void test() throws IOException, URISyntaxException {
+ public void test() throws Exception {
URL confFileUrl = TestKrbConfigLoad.class.getResource("/krb5.conf");
File confFile = new File(confFileUrl.toURI());
@@ -52,17 +50,13 @@ public class TestKrbConfigLoad {
assertThat(krbConfig.getRenewLifetime()).isEqualTo(7 * 24 * 3600);
assertThat(krbConfig.isForwardableAllowed()).isTrue();
assertThat(krbConfig.getEncryptionTypes()).hasSize(2)
- .contains(EncryptionType.DES_CBC_CRC, EncryptionType.AES128_CTS_HMAC_SHA1_96);
+ .contains(EncryptionType.DES_CBC_CRC,
+ EncryptionType.AES128_CTS_HMAC_SHA1_96);
assertThat(krbConfig.getAllowableClockSkew()).isEqualTo(300);
assertThat(krbConfig.isProxiableAllowed()).isTrue();
assertThat(krbConfig.getDefaultTgsEnctypes()).hasSize(1)
.contains(EncryptionType.DES_CBC_CRC);
assertThat(krbConfig.getDefaultTktEnctypes()).hasSize(1)
.contains(EncryptionType.DES_CBC_CRC);
-
- assertThat(krbConfig.getDefaultLoggingLocation()).isEqualTo("FILE:/var/log/krb5libs.log");
- assertThat(krbConfig.getKdcLoggingLocation()).isEqualTo("FILE:/var/log/krb5kdc.log");
- assertThat(krbConfig.getAdminLoggingLocation()).isEqualTo("FILE:/var/log/kadmind.log");
-
}
}
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a5efcfba/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfig.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfig.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfig.java
index d8747cc..5d6e4ee 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfig.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfig.java
@@ -86,7 +86,8 @@ public class KdcConfig extends Conf {
}
public String getKdcRealm() {
- return KrbConfHelper.getStringUnderSection(this, KdcConfigKey.KDC_REALM);
+ return KrbConfHelper.getStringUnderSection(this,
+ KdcConfigKey.KDC_REALM);
}
public String getKdcDomain() {
@@ -150,19 +151,6 @@ public class KdcConfig extends Conf {
return getBoolean(KdcConfigKey.VERIFY_BODY_CHECKSUM);
}
- public String getDefaultLoggingLocation() {
- return KrbConfHelper.getStringUnderSection(this, KdcConfigKey.DEFAULT);
- }
-
- public String getKdcLoggingLocation() {
- return KrbConfHelper.getStringUnderSection(this, KdcConfigKey.KDC);
- }
-
- public String getAdminLoggingLocation() {
- return KrbConfHelper.getStringUnderSection(this,
- KdcConfigKey.ADMIN_SERVER);
- }
-
public boolean isRestrictAnonymousToTgt() {
return KrbConfHelper.getBooleanUnderSection(this,
KdcConfigKey.RESTRICT_ANONYMOUS_TO_TGT);
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a5efcfba/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfigKey.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfigKey.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfigKey.java
index b071bd6..9d27304 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfigKey.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfigKey.java
@@ -52,13 +52,7 @@ public enum KdcConfigKey implements SectionConfigKey {
new String[] { "aes128-cts-hmac-sha1-96", "des3-cbc-sha1-kd"}
),
RESTRICT_ANONYMOUS_TO_TGT(false, "kdcdefaults"),
- KDC_MAX_DGRAM_REPLY_SIZE(4096, "kdcdefaults"),
-
- //logging location
- //TODO: the default log location need to be determined.
- DEFAULT(null, "logging"),
- KDC(null, "logging"),
- ADMIN_SERVER(null, "logging");
+ KDC_MAX_DGRAM_REPLY_SIZE(4096, "kdcdefaults");
private Object defaultValue;
http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/a5efcfba/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcConfigLoad.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcConfigLoad.java b/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcConfigLoad.java
index 29840bf..402e256 100644
--- a/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcConfigLoad.java
+++ b/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcConfigLoad.java
@@ -38,24 +38,12 @@ public class TestKdcConfigLoad {
KdcConfig kdcConfig = new KdcConfig();
kdcConfig.addIniConfig(confFile);
- assertThat(kdcConfig.getDefaultLoggingLocation()).isEqualTo("FILE:/var/log/krb5libs.log");
- assertThat(kdcConfig.getKdcLoggingLocation()).isEqualTo("FILE:/var/log/krb5kdc.log");
- assertThat(kdcConfig.getAdminLoggingLocation()).isEqualTo("FILE:/var/log/kadmind.log");
-
assertThat(kdcConfig.getKdcHost()).isEqualTo("localhost");
assertThat(kdcConfig.getKdcUdpPort()).isEqualTo(88);
assertThat(kdcConfig.getKdcTcpPort()).isEqualTo(8014);
assertThat(kdcConfig.getKdcRealm()).isEqualTo("TEST.COM");
assertThat(kdcConfig.isRestrictAnonymousToTgt()).isTrue();
assertThat(kdcConfig.getKdcMaxDgramReplySize()).isEqualTo(4096);
-
- /* will be moved to LdapLdentityBackend module
- String[] ldapContainerDn = krbConfig.getLdapKerberosContainerDn();
- assertThat(ldapContainerDn.length).isEqualTo(3);
- assertThat(ldapContainerDn[0]).isEqualTo("cn=krbcontainer");
- assertThat(ldapContainerDn[1]).isEqualTo("dc=mit");
- assertThat(ldapContainerDn[2]).isEqualTo("dc=edu");
- */
}
@Test