Posted to commits@directory.apache.org by er...@apache.org on 2007/12/20 02:34:52 UTC
svn commit: r605783 - in
/directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos:
GetServiceTicket.java GetTicketGrantingTicket.java
Author: erodriguez
Date: Wed Dec 19 17:34:52 2007
New Revision: 605783
URL: http://svn.apache.org/viewvc?rev=605783&view=rev
Log:
Added support to kerberos-client for different encryption types (DIRSERVER-1095):
o KdcControls object can now be used to customize desired encryption types.
Modified:
directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/GetServiceTicket.java
directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/GetTicketGrantingTicket.java
Modified: directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/GetServiceTicket.java
URL: http://svn.apache.org/viewvc/directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/GetServiceTicket.java?rev=605783&r1=605782&r2=605783&view=diff
==============================================================================
--- directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/GetServiceTicket.java (original)
+++ directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/GetServiceTicket.java Wed Dec 19 17:34:52 2007
@@ -24,7 +24,6 @@
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.security.SecureRandom;
-import java.util.Collections;
import java.util.Date;
import javax.security.auth.kerberos.KerberosPrincipal;
@@ -311,7 +310,7 @@
modifier.setNonce( random.nextInt() );
- modifier.setEType( Collections.singleton( EncryptionType.DES_CBC_MD5 ) );
+ modifier.setEType( controls.getEncryptionTypes() );
/*
if ( user supplied addresses )
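Review bot: The etype list sent in the request is now whatever `controls.getEncryptionTypes()` returns, and nothing at this call checks that it is non-empty or how it is ordered. The etype field of a KDC request is read as a preference list, so if KdcControls hands back an unordered set (not visible here), a weak type such as DES_CBC_MD5 can end up ahead of stronger ones. I would add above the call `// etypes are sent in preference order; KdcControls must return them strongest-first and non-empty`, and consider an ordered collection in KdcControls. The same line is added in GetTicketGrantingTicket.java (hunk at -318), and the enclosing method lies outside both hunks.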
Modified: directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/GetTicketGrantingTicket.java
URL: http://svn.apache.org/viewvc/directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/GetTicketGrantingTicket.java?rev=605783&r1=605782&r2=605783&view=diff
==============================================================================
--- directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/GetTicketGrantingTicket.java (original)
+++ directory/clients/trunk/kerberos/client/src/main/java/org/apache/directory/client/kerberos/GetTicketGrantingTicket.java Wed Dec 19 17:34:52 2007
@@ -27,8 +27,9 @@
import java.text.ParseException;
import java.util.Collections;
import java.util.Date;
+import java.util.Map;
+import java.util.Set;
-import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
import javax.security.auth.kerberos.KerberosTicket;
@@ -36,6 +37,7 @@
import org.apache.directory.server.kerberos.shared.KerberosMessageType;
import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KerberosKeyFactory;
import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
import org.apache.directory.server.kerberos.shared.io.encoder.EncryptedDataEncoder;
@@ -238,9 +240,13 @@
{
RequestBodyModifier modifier = new RequestBodyModifier();
- // TODO - set enc type base on contols
- KerberosKey kerberosKey = new KerberosKey( clientPrincipal, password.toCharArray(), "DES" );
- clientKey = new EncryptionKey( EncryptionType.DES_CBC_MD5, kerberosKey.getEncoded() );
+ EncryptionType encType = controls.getEncryptionTypes().iterator().next();
+ Set<EncryptionType> encTypes = Collections.singleton( encType );
+
+ Map<EncryptionType, EncryptionKey> keys = KerberosKeyFactory.getKerberosKeys( clientPrincipal.getName(),
+ password, encTypes );
+
+ clientKey = keys.get( encType );
PaData[] paData = new PaData[1];
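Review bot: `controls.getEncryptionTypes().iterator().next()` derives the client key for whichever type the set's iterator yields first, while the request body later advertises the whole set through `modifier.setEType( controls.getEncryptionTypes() )` (hunk at -318). If the KDC answers with a different type from that list, the reply presumably cannot be decrypted with `clientKey`; the reply handling is outside this hunk, so that needs confirming. The call also throws NoSuchElementException on an empty set, and `keys.get( encType )` yields null if the factory returned no entry for that type. I would add `if ( clientKey == null ) { throw new IllegalStateException( "No key derived for " + encType ); }` after the lookup, and either advertise only `encTypes` in the request or derive keys for every configured type. The enclosing method starts and ends outside the hunk.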
@@ -271,12 +277,13 @@
PrincipalName clientName = new PrincipalName( clientPrincipal.getName(), clientPrincipal.getNameType() );
modifier.setClientName( clientName );
- modifier.setRealm( clientPrincipal.getRealm() );
- PrincipalName serverName = new PrincipalName( "krbtgt/" + clientPrincipal.getRealm(), clientPrincipal
- .getNameType() );
+ PrincipalName serverName = new PrincipalName( "krbtgt/" + clientPrincipal.getRealm() + "@"
+ + clientPrincipal.getRealm(), clientPrincipal.getNameType() );
modifier.setServerName( serverName );
+ modifier.setRealm( clientPrincipal.getRealm() );
+
KdcOptions kdcOptions = new KdcOptions();
// Set the requested starting time.
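Review bot: The server name is now built as `"krbtgt/" + realm + "@" + realm` while the realm is still set separately through `modifier.setRealm( ... )`, and nothing in the hunk explains why both are needed. If PrincipalName parses a realm-qualified string, a comment such as `// PrincipalName takes the realm-qualified form; the realm is also carried in the request body` would record that; it is worth confirming against PrincipalName that the `@REALM` suffix does not end up inside the name components. Reading the realm once, `String realm = clientPrincipal.getRealm();`, would also replace the three repeated calls. The enclosing method continues outside the hunk.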
@@ -318,7 +325,7 @@
modifier.setNonce( random.nextInt() );
- modifier.setEType( Collections.singleton( EncryptionType.DES_CBC_MD5 ) );
+ modifier.setEType( controls.getEncryptionTypes() );
/*
if ( user supplied addresses )