You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by el...@apache.org on 2012/01/26 13:20:13 UTC
svn commit: r1236156 - in /directory/apacheds/trunk:
kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/
kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/
kerberos-test/src/test/java/org/apache/directory/serve...
Author: elecharny
Date: Thu Jan 26 12:20:12 2012
New Revision: 1236156
URL: http://svn.apache.org/viewvc?rev=1236156&view=rev
Log:
o Stored the EncryptionType into a List instead of a Set
Modified:
directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/KerberosUtils.java
directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReqBody.java
directory/apacheds/trunk/kerberos-test/src/test/java/org/apache/directory/server/kerberos/kdc/AbstractKerberosITest.java
directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcServer.java
directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java
directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingService.java
directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AbstractAuthenticationServiceTest.java
directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationEncryptionTypeTest.java
directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationServiceTest.java
directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/PreAuthenticationTest.java
directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingEncryptionTypeTest.java
directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingServiceTest.java
Modified: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/KerberosUtils.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/KerberosUtils.java?rev=1236156&r1=1236155&r2=1236156&view=diff
==============================================================================
--- directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/KerberosUtils.java (original)
+++ directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/KerberosUtils.java Thu Jan 26 12:20:12 2012
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
- * under the License.
- *
+ * under the License.
+ *
*/
package org.apache.directory.shared.kerberos;
@@ -23,8 +23,6 @@ package org.apache.directory.shared.kerb
import java.text.ParseException;
import java.util.ArrayList;
import java.util.List;
-import java.util.Set;
-
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.i18n.I18n;
@@ -208,7 +206,7 @@ public class KerberosUtils
/**
- * Constructs a KerberosPrincipal from a PrincipalName and an
+ * Constructs a KerberosPrincipal from a PrincipalName and an
* optional realm
*
* @param principal The principal name and type
@@ -237,8 +235,8 @@ public class KerberosUtils
* @param configuredTypes The configured encryption types
* @return The first matching encryption type.
*/
- public static EncryptionType getBestEncryptionType( Set<EncryptionType> requestedTypes,
- Set<EncryptionType> configuredTypes )
+ public static EncryptionType getBestEncryptionType( List<EncryptionType> requestedTypes,
+ List<EncryptionType> configuredTypes )
{
for ( EncryptionType encryptionType : requestedTypes )
{
@@ -258,7 +256,7 @@ public class KerberosUtils
* @param encryptionTypes The encryptionTypes
* @return A list comma separated of the encryptionTypes
*/
- public static String getEncryptionTypesString( Set<EncryptionType> encryptionTypes )
+ public static String getEncryptionTypesString( List<EncryptionType> encryptionTypes )
{
StringBuilder sb = new StringBuilder();
boolean isFirst = true;
Modified: directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReqBody.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReqBody.java?rev=1236156&r1=1236155&r2=1236156&view=diff
==============================================================================
--- directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReqBody.java (original)
+++ directory/apacheds/trunk/kerberos-codec/src/main/java/org/apache/directory/shared/kerberos/components/KdcReqBody.java Thu Jan 26 12:20:12 2012
@@ -22,10 +22,7 @@ package org.apache.directory.shared.kerb
import java.nio.ByteBuffer;
import java.util.ArrayList;
-import java.util.LinkedHashSet;
import java.util.List;
-import java.util.Set;
-
import org.apache.directory.server.i18n.I18n;
import org.apache.directory.shared.asn1.AbstractAsn1Object;
import org.apache.directory.shared.asn1.EncoderException;
@@ -92,8 +89,8 @@ public class KdcReqBody extends Abstract
/** Random number to avoid MiM attacks */
private int nonce;
- /** Set of desired encryption types */
- private Set<EncryptionType> eType;
+ /** List of desired encryption types */
+ private List<EncryptionType> eType;
/** Addresses valid for the requested ticket */
private HostAddresses addresses;
@@ -132,7 +129,7 @@ public class KdcReqBody extends Abstract
public KdcReqBody()
{
additionalTickets = new ArrayList<Ticket>();
- eType = new LinkedHashSet<EncryptionType>();
+ eType = new ArrayList<EncryptionType>();
}
@@ -231,7 +228,7 @@ public class KdcReqBody extends Abstract
*
* @return The requested {@link EncryptionType}s.
*/
- public Set<EncryptionType> getEType()
+ public List<EncryptionType> getEType()
{
return eType;
}
@@ -240,7 +237,7 @@ public class KdcReqBody extends Abstract
/**
* @param eType the eType to set
*/
- public void setEType( Set<EncryptionType> eType )
+ public void setEType( List<EncryptionType> eType )
{
this.eType = eType;
}
Modified: directory/apacheds/trunk/kerberos-test/src/test/java/org/apache/directory/server/kerberos/kdc/AbstractKerberosITest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-test/src/test/java/org/apache/directory/server/kerberos/kdc/AbstractKerberosITest.java?rev=1236156&r1=1236155&r2=1236156&view=diff
==============================================================================
--- directory/apacheds/trunk/kerberos-test/src/test/java/org/apache/directory/server/kerberos/kdc/AbstractKerberosITest.java (original)
+++ directory/apacheds/trunk/kerberos-test/src/test/java/org/apache/directory/server/kerberos/kdc/AbstractKerberosITest.java Thu Jan 26 12:20:12 2012
@@ -169,7 +169,7 @@ public class AbstractKerberosITest exten
System.setProperty( "java.security.krb5.conf", krb5confPath );
// change encryption type in KDC
- kdcServer.setEncryptionTypes( Collections.singleton( parameters.encryptionType ) );
+ kdcServer.setEncryptionTypes( Collections.singletonList( parameters.encryptionType ) );
// create principals
createPrincipal( "uid=" + USER_UID, "Last", "First Last",
Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcServer.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcServer.java?rev=1236156&r1=1236155&r2=1236156&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcServer.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/KdcServer.java Thu Jan 26 12:20:12 2012
@@ -6,24 +6,23 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
- * under the License.
- *
+ * under the License.
+ *
*/
package org.apache.directory.server.kerberos.kdc;
import java.io.IOException;
-import java.util.HashSet;
-import java.util.Set;
-
+import java.util.ArrayList;
+import java.util.List;
import javax.security.auth.kerberos.KerberosPrincipal;
import net.sf.ehcache.Cache;
@@ -114,7 +113,7 @@ public class KdcServer extends Directory
private static final boolean DEFAULT_VERIFY_BODY_CHECKSUM = true;
/** The encryption types. */
- private Set<EncryptionType> encryptionTypes;
+ private List<EncryptionType> encryptionTypes;
/** The primary realm */
private String primaryRealm = DEFAULT_REALM;
@@ -276,7 +275,7 @@ public class KdcServer extends Directory
*
* @param encryptionTypes the encryptionTypes to set
*/
- public void setEncryptionTypes( Set<EncryptionType> encryptionTypes )
+ public void setEncryptionTypes( List<EncryptionType> encryptionTypes )
{
this.encryptionTypes = encryptionTypes;
}
@@ -399,7 +398,7 @@ public class KdcServer extends Directory
*
* @return The encryption types.
*/
- public Set<EncryptionType> getEncryptionTypes()
+ public List<EncryptionType> getEncryptionTypes()
{
return encryptionTypes;
}
@@ -465,7 +464,7 @@ public class KdcServer extends Directory
UdpTransport transport = new UdpTransport( DEFAULT_IP_PORT );
setTransports( transport );
- DatagramAcceptor acceptor = ( DatagramAcceptor ) transport.getAcceptor();
+ DatagramAcceptor acceptor = transport.getAcceptor();
// Inject the chain
IoFilterChainBuilder udpChainBuilder = new DefaultIoFilterChainBuilder();
@@ -553,7 +552,7 @@ public class KdcServer extends Directory
{
String[] encryptionTypeStrings = DEFAULT_ENCRYPTION_TYPES;
- encryptionTypes = new HashSet<EncryptionType>();
+ encryptionTypes = new ArrayList<EncryptionType>();
for ( String enc : encryptionTypeStrings )
{
Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java?rev=1236156&r1=1236155&r2=1236156&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/authentication/AuthenticationService.java Thu Jan 26 12:20:12 2012
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
- * under the License.
- *
+ * under the License.
+ *
*/
package org.apache.directory.server.kerberos.kdc.authentication;
@@ -131,10 +131,10 @@ public class AuthenticationService
private static void selectEncryptionType( AuthenticationContext authContext ) throws KerberosException,
InvalidTicketException
{
- KdcContext kdcContext = ( KdcContext ) authContext;
+ KdcContext kdcContext = authContext;
KdcServer config = kdcContext.getConfig();
- Set<EncryptionType> requestedTypes = kdcContext.getRequest().getKdcReqBody().getEType();
+ List<EncryptionType> requestedTypes = kdcContext.getRequest().getKdcReqBody().getEType();
EncryptionType bestType = KerberosUtils.getBestEncryptionType( requestedTypes, config.getEncryptionTypes() );
@@ -788,7 +788,7 @@ public class AuthenticationService
* @param encryptionTypes
* @return The error message as bytes.
*/
- private static byte[] preparePreAuthenticationError( Set<EncryptionType> encryptionTypes )
+ private static byte[] preparePreAuthenticationError( List<EncryptionType> encryptionTypes )
{
PaData[] paDataSequence = new PaData[2];
Modified: directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingService.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingService.java?rev=1236156&r1=1236155&r2=1236156&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingService.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/main/java/org/apache/directory/server/kerberos/kdc/ticketgrant/TicketGrantingService.java Thu Jan 26 12:20:12 2012
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
- * under the License.
- *
+ * under the License.
+ *
*/
package org.apache.directory.server.kerberos.kdc.ticketgrant;
@@ -25,8 +25,6 @@ import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
-import java.util.Set;
-
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.i18n.I18n;
@@ -161,10 +159,10 @@ public class TicketGrantingService
private static void selectEncryptionType( TicketGrantingContext tgsContext ) throws Exception
{
- KdcContext kdcContext = ( KdcContext ) tgsContext;
+ KdcContext kdcContext = tgsContext;
KdcServer config = kdcContext.getConfig();
- Set<EncryptionType> requestedTypes = kdcContext.getRequest().getKdcReqBody().getEType();
+ List<EncryptionType> requestedTypes = kdcContext.getRequest().getKdcReqBody().getEType();
EncryptionType bestType = KerberosUtils.getBestEncryptionType( requestedTypes, config.getEncryptionTypes() );
@@ -860,7 +858,7 @@ public class TicketGrantingService
throw new KerberosException( ErrorType.KDC_ERR_POLICY );
}
- // We set the RENEWABLE option for later processing.
+ // We set the RENEWABLE option for later processing.
request.getKdcReqBody().getKdcOptions().set( KdcOptions.RENEWABLE );
long rtime = Math.min( request.getKdcReqBody().getTill().getTime(), tgt.getEncTicketPart()
.getRenewTill().getTime() );
Modified: directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AbstractAuthenticationServiceTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AbstractAuthenticationServiceTest.java?rev=1236156&r1=1236155&r2=1236156&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AbstractAuthenticationServiceTest.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AbstractAuthenticationServiceTest.java Thu Jan 26 12:20:12 2012
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
- * under the License.
- *
+ * under the License.
+ *
*/
package org.apache.directory.server.kerberos.protocol;
@@ -24,7 +24,7 @@ import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.nio.ByteBuffer;
import java.security.SecureRandom;
-
+import java.util.List;
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;
@@ -59,23 +59,23 @@ public abstract class AbstractAuthentica
protected static final SecureRandom random = new SecureRandom();
- protected PaData[] getPreAuthEncryptedTimeStamp( KerberosPrincipal clientPrincipal, String passPhrase )
+ protected PaData[] getPreAuthEncryptedTimeStamp( KerberosPrincipal clientPrincipal, String passPhrase, List<EncryptionType> encryptionTypes )
throws Exception
{
KerberosTime timeStamp = new KerberosTime();
- return getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, timeStamp );
+ return getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, timeStamp, encryptionTypes );
}
protected PaData[] getPreAuthEncryptedTimeStamp( KerberosPrincipal clientPrincipal,
- String passPhrase, KerberosTime timeStamp ) throws Exception
+ String passPhrase, KerberosTime timeStamp, List<EncryptionType> encryptionTypes ) throws Exception
{
PaData[] paData = new PaData[1];
PaEncTsEnc encryptedTimeStamp = new PaEncTsEnc( timeStamp, 0 );
- EncryptionKey clientKey = getEncryptionKey( clientPrincipal, passPhrase );
+ EncryptionKey clientKey = getEncryptionKey( clientPrincipal, passPhrase, encryptionTypes );
EncryptedData encryptedData = lockBox.seal( clientKey, encryptedTimeStamp,
KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
@@ -110,11 +110,13 @@ public abstract class AbstractAuthentica
* @param passPhrase
* @return The server's {@link EncryptionKey}.
*/
- protected EncryptionKey getEncryptionKey( KerberosPrincipal principal, String passPhrase )
+ protected EncryptionKey getEncryptionKey( KerberosPrincipal principal, String passPhrase, List<EncryptionType> encryptionTypes )
{
+ EncryptionType encryptionType = encryptionTypes.get( 0 );
+
KerberosKey kerberosKey = new KerberosKey( principal, passPhrase.toCharArray(), "AES128" );
byte[] keyBytes = kerberosKey.getEncoded();
- EncryptionKey key = new EncryptionKey( EncryptionType.AES128_CTS_HMAC_SHA1_96, keyBytes );
+ EncryptionKey key = new EncryptionKey( encryptionType, keyBytes );
return key;
}
Modified: directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationEncryptionTypeTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationEncryptionTypeTest.java?rev=1236156&r1=1236155&r2=1236156&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationEncryptionTypeTest.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationEncryptionTypeTest.java Thu Jan 26 12:20:12 2012
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
- * under the License.
- *
+ * under the License.
+ *
*/
package org.apache.directory.server.kerberos.protocol;
@@ -24,7 +24,9 @@ import static org.junit.Assert.assertEqu
import static org.junit.Assert.assertTrue;
import java.nio.ByteBuffer;
+import java.util.ArrayList;
import java.util.HashSet;
+import java.util.List;
import java.util.Map;
import java.util.Set;
@@ -51,7 +53,6 @@ import org.apache.directory.shared.kerbe
import org.apache.directory.shared.kerberos.messages.KrbError;
import org.junit.After;
import org.junit.Before;
-import org.junit.Ignore;
import org.junit.Test;
@@ -98,7 +99,7 @@ public class AuthenticationEncryptionTyp
* @throws Exception
*/
@Test
- @Ignore("AbstractAuthenticationServiceTest.getEncryptionKey() always uses AES128_CTS_HMAC_SHA1_96")
+ //@Ignore("AbstractAuthenticationServiceTest.getEncryptionKey() always uses AES128_CTS_HMAC_SHA1_96")
public void testRequestDesCbcMd5() throws Exception
{
KdcReqBody kdcReqBody = new KdcReqBody();
@@ -106,7 +107,7 @@ public class AuthenticationEncryptionTyp
kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
kdcReqBody.setRealm( "EXAMPLE.COM" );
- Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ List<EncryptionType> encryptionTypes = new ArrayList<EncryptionType>();
encryptionTypes.add( EncryptionType.DES_CBC_MD5 );
kdcReqBody.setEType( encryptionTypes );
@@ -119,7 +120,7 @@ public class AuthenticationEncryptionTyp
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -156,7 +157,7 @@ public class AuthenticationEncryptionTyp
kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
kdcReqBody.setRealm( "EXAMPLE.COM" );
- Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ List<EncryptionType> encryptionTypes = new ArrayList<EncryptionType>();
encryptionTypes.add( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
kdcReqBody.setEType( encryptionTypes );
@@ -216,7 +217,7 @@ public class AuthenticationEncryptionTyp
kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
kdcReqBody.setRealm( "EXAMPLE.COM" );
- Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ List<EncryptionType> encryptionTypes = new ArrayList<EncryptionType>();
encryptionTypes.add( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
kdcReqBody.setEType( encryptionTypes );
@@ -276,7 +277,7 @@ public class AuthenticationEncryptionTyp
kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
kdcReqBody.setRealm( "EXAMPLE.COM" );
- Set<EncryptionType> requestedEncryptionTypes = new HashSet<EncryptionType>();
+ List<EncryptionType> requestedEncryptionTypes = new ArrayList<EncryptionType>();
requestedEncryptionTypes.add( EncryptionType.RC4_MD4 );
kdcReqBody.setEType( requestedEncryptionTypes );
@@ -289,7 +290,7 @@ public class AuthenticationEncryptionTyp
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
Modified: directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationServiceTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationServiceTest.java?rev=1236156&r1=1236155&r2=1236156&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationServiceTest.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationServiceTest.java Thu Jan 26 12:20:12 2012
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
- * under the License.
- *
+ * under the License.
+ *
*/
package org.apache.directory.server.kerberos.protocol;
@@ -24,9 +24,8 @@ import static org.junit.Assert.assertEqu
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
-import java.util.HashSet;
-import java.util.Set;
-
+import java.util.ArrayList;
+import java.util.List;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.kerberos.kdc.KdcServer;
@@ -206,7 +205,7 @@ public class AuthenticationServiceTest e
* "If the server cannot accommodate any encryption type requested by the
* client, an error message with code KDC_ERR_ETYPE_NOSUPP is returned."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testEncryptionTypeNoSupport() throws Exception
@@ -216,7 +215,7 @@ public class AuthenticationServiceTest e
kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
kdcReqBody.setRealm( "EXAMPLE.COM" );
- Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ List<EncryptionType> encryptionTypes = new ArrayList<EncryptionType>();
encryptionTypes.add( EncryptionType.DES3_CBC_MD5 );
kdcReqBody.setEType( encryptionTypes );
@@ -231,7 +230,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -253,7 +252,7 @@ public class AuthenticationServiceTest e
/**
* Tests that a non-existent server principal returns the correct error message.
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testServerNotFound() throws Exception
@@ -267,7 +266,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -316,7 +315,7 @@ public class AuthenticationServiceTest e
* Tests that when a server principal is not configured with Kerberos keys that
* the correct error message is returned.
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testServerNullKey() throws Exception
@@ -330,7 +329,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -359,7 +358,7 @@ public class AuthenticationServiceTest e
* POSTDATE option has not been specified, then the starttime of the
* ticket is set to the authentication server's current time."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testStartTimeAbsentNoPostdate() throws Exception
@@ -380,7 +379,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -413,7 +412,7 @@ public class AuthenticationServiceTest e
* POSTDATE option has not been specified, then the starttime of the
* ticket is set to the authentication server's current time."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testStartTimeInThePastNoPostdate() throws Exception
@@ -437,7 +436,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -470,7 +469,7 @@ public class AuthenticationServiceTest e
* POSTDATE option has not been specified, then the starttime of the
* ticket is set to the authentication server's current time."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testStartTimeAcceptableClockSkewNoPostdate() throws Exception
@@ -494,7 +493,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -550,7 +549,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -602,7 +601,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -630,7 +629,7 @@ public class AuthenticationServiceTest e
* the POSTDATED option has not been specified, then the error
* KDC_ERR_CANNOT_POSTDATE is returned."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testStartTimeNoPostdated() throws Exception
@@ -653,7 +652,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -715,7 +714,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -775,7 +774,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -798,7 +797,7 @@ public class AuthenticationServiceTest e
/**
- * Tests when an end time is requested that exceeds the maximum end time as
+ * Tests when an end time is requested that exceeds the maximum end time as
* configured in policy that the maximum allowable end time is returned instead
* of the requested end time.
*
@@ -827,7 +826,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -874,7 +873,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -922,7 +921,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -960,7 +959,7 @@ public class AuthenticationServiceTest e
* 'RENEWABLE' option were requested (the field and option names are described
* fully in Section 5.4.1).
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testRenewableOk() throws Exception
@@ -983,7 +982,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -1019,7 +1018,7 @@ public class AuthenticationServiceTest e
* if they have been requested and if the policy of the local realm
* allows: FORWARDABLE, MAY-POSTDATE, POSTDATED, PROXIABLE, RENEWABLE."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testForwardableTicket() throws Exception
@@ -1041,7 +1040,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -1072,7 +1071,7 @@ public class AuthenticationServiceTest e
* if they have been requested and if the policy of the local realm
* allows: FORWARDABLE, MAY-POSTDATE, POSTDATED, PROXIABLE, RENEWABLE."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testAllowPostdate() throws Exception
@@ -1094,7 +1093,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -1125,7 +1124,7 @@ public class AuthenticationServiceTest e
* if they have been requested and if the policy of the local realm
* allows: FORWARDABLE, MAY-POSTDATE, POSTDATED, PROXIABLE, RENEWABLE."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testProxiableTicket() throws Exception
@@ -1147,7 +1146,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -1181,7 +1180,7 @@ public class AuthenticationServiceTest e
* the starttime of the ticket plus the maximum renewable lifetime
* set by the policy of the local realm."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testRenewableTicket() throws Exception
@@ -1206,7 +1205,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -1243,7 +1242,7 @@ public class AuthenticationServiceTest e
* the starttime of the ticket plus the maximum renewable lifetime
* set by the policy of the local realm."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testRenewableTicketExceedsMaximumAllowable() throws Exception
@@ -1268,7 +1267,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -1322,7 +1321,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -1367,7 +1366,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -1412,7 +1411,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -1457,7 +1456,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -1502,7 +1501,7 @@ public class AuthenticationServiceTest e
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
Modified: directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/PreAuthenticationTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/PreAuthenticationTest.java?rev=1236156&r1=1236155&r2=1236156&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/PreAuthenticationTest.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/PreAuthenticationTest.java Thu Jan 26 12:20:12 2012
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
- * under the License.
- *
+ * under the License.
+ *
*/
package org.apache.directory.server.kerberos.protocol;
@@ -23,9 +23,8 @@ package org.apache.directory.server.kerb
import static org.junit.Assert.assertEquals;
import java.nio.ByteBuffer;
-import java.util.HashSet;
-import java.util.Set;
-
+import java.util.ArrayList;
+import java.util.List;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.kerberos.kdc.KdcServer;
@@ -70,7 +69,7 @@ public class PreAuthenticationTest exten
@Before
public void setUp()
{
- Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ List<EncryptionType> encryptionTypes = new ArrayList<EncryptionType>();
encryptionTypes.add( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
config = new KdcServer();
@@ -135,7 +134,7 @@ public class PreAuthenticationTest exten
* if the pre-authentication check fails, an error message with the code
* KDC_ERR_PREAUTH_FAILED is returned."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testPreAuthenticationIntegrityFailed() throws Exception
@@ -156,7 +155,7 @@ public class PreAuthenticationTest exten
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "badpassword";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -181,7 +180,7 @@ public class PreAuthenticationTest exten
* if the pre-authentication check fails, an error message with the code
* KDC_ERR_PREAUTH_FAILED is returned."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testPreAuthenticationFailed() throws Exception
@@ -203,7 +202,7 @@ public class PreAuthenticationTest exten
KerberosTime timeStamp = new KerberosTime( 0 );
String passPhrase = "secret";
- PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, timeStamp );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase, timeStamp, config.getEncryptionTypes() );
KdcReq message = new AsReq();
message.setKdcReqBody( kdcReqBody );
@@ -228,7 +227,7 @@ public class PreAuthenticationTest exten
* Tests when pre-authentication is included that is not supported by the KDC, that
* the correct error message is returned.
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testPreAuthenticationNoSupport() throws Exception
@@ -307,7 +306,7 @@ public class PreAuthenticationTest exten
PaEncTsEnc encryptedTimeStamp = new PaEncTsEnc( timeStamp, 0 );
- EncryptionKey clientKey = getEncryptionKey( clientPrincipal, passPhrase );
+ EncryptionKey clientKey = getEncryptionKey( clientPrincipal, passPhrase, config.getEncryptionTypes() );
EncryptedData encryptedData = lockBox.seal( clientKey, encryptedTimeStamp,
KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
Modified: directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingEncryptionTypeTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingEncryptionTypeTest.java?rev=1236156&r1=1236155&r2=1236156&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingEncryptionTypeTest.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingEncryptionTypeTest.java Thu Jan 26 12:20:12 2012
@@ -6,23 +6,25 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
- * under the License.
- *
+ * under the License.
+ *
*/
package org.apache.directory.server.kerberos.protocol;
import static org.junit.Assert.assertEquals;
+import java.util.ArrayList;
import java.util.HashSet;
+import java.util.List;
import java.util.Map;
import java.util.Set;
@@ -115,7 +117,7 @@ public class TicketGrantingEncryptionTyp
kdcReqBody.setSName( new PrincipalName( new KerberosPrincipal( "ldap/ldap.example.com@EXAMPLE.COM" ) ) );
kdcReqBody.setRealm( "EXAMPLE.COM" );
- Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ List<EncryptionType> encryptionTypes = new ArrayList<EncryptionType>();
encryptionTypes.add( EncryptionType.DES_CBC_MD5 );
kdcReqBody.setEType( encryptionTypes );
@@ -168,7 +170,7 @@ public class TicketGrantingEncryptionTyp
kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
kdcReqBody.setRealm( "EXAMPLE.COM" );
- Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ List<EncryptionType> encryptionTypes = new ArrayList<EncryptionType>();
encryptionTypes.add( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
kdcReqBody.setEType( encryptionTypes );
@@ -234,7 +236,7 @@ public class TicketGrantingEncryptionTyp
kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
kdcReqBody.setRealm( "EXAMPLE.COM" );
- Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ List<EncryptionType> encryptionTypes = new ArrayList<EncryptionType>();
encryptionTypes.add( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
kdcReqBody.setEType( encryptionTypes );
@@ -299,7 +301,7 @@ public class TicketGrantingEncryptionTyp
kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
kdcReqBody.setRealm( "EXAMPLE.COM" );
- Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ List<EncryptionType> encryptionTypes = new ArrayList<EncryptionType>();
encryptionTypes.add( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
kdcReqBody.setEType( encryptionTypes );
@@ -367,7 +369,7 @@ public class TicketGrantingEncryptionTyp
kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
kdcReqBody.setRealm( "EXAMPLE.COM" );
- Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ List<EncryptionType> encryptionTypes = new ArrayList<EncryptionType>();
encryptionTypes.add( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
kdcReqBody.setEType( encryptionTypes );
@@ -433,7 +435,7 @@ public class TicketGrantingEncryptionTyp
kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
kdcReqBody.setRealm( "EXAMPLE.COM" );
- Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ List<EncryptionType> encryptionTypes = new ArrayList<EncryptionType>();
encryptionTypes.add( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
kdcReqBody.setEType( encryptionTypes );
Modified: directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingServiceTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingServiceTest.java?rev=1236156&r1=1236155&r2=1236156&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingServiceTest.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/TicketGrantingServiceTest.java Thu Jan 26 12:20:12 2012
@@ -6,16 +6,16 @@
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
- * under the License.
- *
+ * under the License.
+ *
*/
package org.apache.directory.server.kerberos.protocol;
@@ -26,9 +26,8 @@ import static org.junit.Assert.assertNot
import static org.junit.Assert.assertTrue;
import java.net.InetAddress;
-import java.util.HashSet;
-import java.util.Set;
-
+import java.util.ArrayList;
+import java.util.List;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.kerberos.kdc.KdcServer;
@@ -113,7 +112,7 @@ public class TicketGrantingServiceTest e
* when a client initially authenticates to the system, such as when a user
* logs in)."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testRequestArchetype() throws Exception
@@ -172,7 +171,7 @@ public class TicketGrantingServiceTest e
/**
* Tests that a non-existent server principal returns the correct error message.
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testServerNotFound() throws Exception
@@ -216,7 +215,7 @@ public class TicketGrantingServiceTest e
* "If no ticket can be found in the padata field, the KDC_ERR_PADATA_TYPE_NOSUPP
* error is returned."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testNoTicketFound() throws Exception
@@ -263,7 +262,7 @@ public class TicketGrantingServiceTest e
/**
* Tests that an inappropriate checksum returns the correct error message.
*
- * @throws Exception
+ * @throws Exception
*/
@Test
@Ignore
@@ -306,7 +305,7 @@ public class TicketGrantingServiceTest e
/**
* Tests that an inappropriate checksum returns the correct error message.
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testChecksumTypeNoSupport() throws Exception
@@ -428,7 +427,7 @@ public class TicketGrantingServiceTest e
* "The TGS exchange between a client and the Kerberos TGS is initiated by a
* client when ... it seeks to renew an existing ticket."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testRenewTicket() throws Exception
@@ -472,7 +471,7 @@ public class TicketGrantingServiceTest e
* "The TGS exchange between a client and the Kerberos TGS is initiated by a
* client when ... it seeks to validate an existing ticket."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testValidateTicket() throws Exception
@@ -523,7 +522,7 @@ public class TicketGrantingServiceTest e
* "The TGS exchange between a client and the Kerberos TGS is initiated by a
* client when ... it seeks to obtain a proxy ticket."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testProxyTicket() throws Exception
@@ -583,7 +582,7 @@ public class TicketGrantingServiceTest e
* "The TGS exchange between a client and the Kerberos TGS is initiated by a
* client when ... it seeks to obtain a forwarded ticket."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testForwardedTicket() throws Exception
@@ -644,7 +643,7 @@ public class TicketGrantingServiceTest e
* accepted by the TGS, so once a renewable or TGT expires, the client
* must use a separate exchange to obtain valid tickets.
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testExpiredTgt() throws Exception
@@ -692,7 +691,7 @@ public class TicketGrantingServiceTest e
* by the TGS, so once a renewable or TGT expires, the client must use a separate
* exchange to obtain valid tickets.
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testExpiredRenewableTicket() throws Exception
@@ -850,7 +849,7 @@ public class TicketGrantingServiceTest e
* "If the server cannot accommodate any encryption type requested by the
* client, an error message with code KDC_ERR_ETYPE_NOSUPP is returned."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testEncryptionTypeNoSupport() throws Exception
@@ -859,7 +858,7 @@ public class TicketGrantingServiceTest e
kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
kdcReqBody.setRealm( "EXAMPLE.COM" );
- Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
+ List<EncryptionType> encryptionTypes = new ArrayList<EncryptionType>();
encryptionTypes.add( EncryptionType.DES3_CBC_MD5 );
kdcReqBody.setEType( encryptionTypes );
@@ -887,7 +886,7 @@ public class TicketGrantingServiceTest e
* Tests that when a server principal is not configured with Kerberos keys that
* the correct error message is returned.
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testServerNullKey() throws Exception
@@ -933,7 +932,7 @@ public class TicketGrantingServiceTest e
* POSTDATE option has not been specified, then the starttime of the
* ticket is set to the authentication server's current time."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testStartTimeAbsentNoPostdate() throws Exception
@@ -988,7 +987,7 @@ public class TicketGrantingServiceTest e
* POSTDATE option has not been specified, then the starttime of the
* ticket is set to the authentication server's current time."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testStartTimeInThePastNoPostdate() throws Exception
@@ -1046,7 +1045,7 @@ public class TicketGrantingServiceTest e
* POSTDATE option has not been specified, then the starttime of the
* ticket is set to the authentication server's current time."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testStartTimeAcceptableClockSkewNoPostdate() throws Exception
@@ -1214,7 +1213,7 @@ public class TicketGrantingServiceTest e
* the POSTDATED option has not been specified, then the error
* KDC_ERR_CANNOT_POSTDATE is returned."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testStartTimeNoPostdated() throws Exception
@@ -1436,7 +1435,7 @@ public class TicketGrantingServiceTest e
/**
- * Tests when an end time is requested that exceeds the maximum end time as
+ * Tests when an end time is requested that exceeds the maximum end time as
* configured in policy that the maximum allowable end time is returned instead
* of the requested end time.
*
@@ -1549,7 +1548,7 @@ public class TicketGrantingServiceTest e
* 'RENEWABLE' option were requested (the field and option names are described
* fully in Section 5.4.1).
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testRenewableOk() throws Exception
@@ -1610,7 +1609,7 @@ public class TicketGrantingServiceTest e
* if they have been requested and if the policy of the local realm
* allows: FORWARDABLE, MAY-POSTDATE, POSTDATED, PROXIABLE, RENEWABLE."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testForwardableTicket() throws Exception
@@ -1666,7 +1665,7 @@ public class TicketGrantingServiceTest e
* if they have been requested and if the policy of the local realm
* allows: FORWARDABLE, MAY-POSTDATE, POSTDATED, PROXIABLE, RENEWABLE."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testAllowPostdate() throws Exception
@@ -1722,7 +1721,7 @@ public class TicketGrantingServiceTest e
* if they have been requested and if the policy of the local realm
* allows: FORWARDABLE, MAY-POSTDATE, POSTDATED, PROXIABLE, RENEWABLE."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testProxiableTicket() throws Exception
@@ -1781,7 +1780,7 @@ public class TicketGrantingServiceTest e
* the starttime of the ticket plus the maximum renewable lifetime
* set by the policy of the local realm."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testRenewableTicket() throws Exception
@@ -1846,7 +1845,7 @@ public class TicketGrantingServiceTest e
* the starttime of the ticket plus the maximum renewable lifetime
* set by the policy of the local realm."
*
- * @throws Exception
+ * @throws Exception
*/
@Test
public void testRenewableTicketExceedsMaximumAllowable() throws Exception
@@ -1906,8 +1905,8 @@ public class TicketGrantingServiceTest e
* "The ciphertext part of the response in the KRB_TGS_REP message is encrypted
* in the sub-session key from the Authenticator, if present, or in the session
* key from the TGT."
- *
- * @throws Exception
+ *
+ * @throws Exception
*/
@Test
public void testAuthenticatorSubKey() throws Exception