Posted to commits@directory.apache.org by el...@apache.org on 2010/12/09 01:12:08 UTC
svn commit: r1043790 [3/6] - in /directory/apacheds/trunk/protocol-kerberos:
./ src/main/java/org/apache/directory/server/kerberos/kdc/
src/main/java/org/apache/directory/server/kerberos/kdc/authentication/
src/main/java/org/apache/directory/server/ker...
Modified: directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationEncryptionTypeTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationEncryptionTypeTest.java?rev=1043790&r1=1043789&r2=1043790&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationEncryptionTypeTest.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationEncryptionTypeTest.java Thu Dec 9 00:12:07 2010
@@ -20,6 +20,10 @@
package org.apache.directory.server.kerberos.protocol;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import java.nio.ByteBuffer;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
@@ -27,31 +31,27 @@ import java.util.Set;
import javax.security.auth.kerberos.KerberosPrincipal;
import org.apache.directory.server.kerberos.kdc.KdcServer;
-import org.apache.directory.server.kerberos.shared.KerberosConstants;
-import org.apache.directory.server.kerberos.shared.KerberosMessageType;
import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
-import org.apache.directory.server.kerberos.shared.crypto.encryption.EncryptionType;
import org.apache.directory.server.kerberos.shared.crypto.encryption.KerberosKeyFactory;
import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
-import org.apache.directory.server.kerberos.shared.io.encoder.EncryptedDataEncoder;
-import org.apache.directory.server.kerberos.shared.messages.AuthenticationReply;
-import org.apache.directory.server.kerberos.shared.messages.ErrorMessage;
-import org.apache.directory.server.kerberos.shared.messages.KdcRequest;
-import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
-import org.apache.directory.server.kerberos.shared.messages.value.EncryptedTimeStamp;
-import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
-import org.apache.directory.server.kerberos.shared.messages.value.KdcOptions;
-import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
-import org.apache.directory.server.kerberos.shared.messages.value.PaData;
-import org.apache.directory.server.kerberos.shared.messages.value.RequestBodyModifier;
-import org.apache.directory.server.kerberos.shared.messages.value.types.PaDataType;
import org.apache.directory.server.kerberos.shared.store.PrincipalStore;
-
+import org.apache.directory.shared.kerberos.KerberosTime;
+import org.apache.directory.shared.kerberos.codec.options.KdcOptions;
+import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
+import org.apache.directory.shared.kerberos.codec.types.PaDataType;
+import org.apache.directory.shared.kerberos.components.EncryptedData;
+import org.apache.directory.shared.kerberos.components.EncryptionKey;
+import org.apache.directory.shared.kerberos.components.KdcReq;
+import org.apache.directory.shared.kerberos.components.KdcReqBody;
+import org.apache.directory.shared.kerberos.components.PaData;
+import org.apache.directory.shared.kerberos.components.PaEncTsEnc;
+import org.apache.directory.shared.kerberos.exceptions.ErrorType;
+import org.apache.directory.shared.kerberos.messages.AsRep;
+import org.apache.directory.shared.kerberos.messages.AsReq;
+import org.apache.directory.shared.kerberos.messages.KrbError;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
/**
@@ -99,33 +99,39 @@ public class AuthenticationEncryptionTyp
@Test
public void testRequestDesCbcMd5() throws Exception
{
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setClientName( getPrincipalName( "hnelson" ) );
- modifier.setServerName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setCName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
encryptionTypes.add( EncryptionType.DES_CBC_MD5 );
- modifier.setEType( encryptionTypes );
- modifier.setNonce( random.nextInt() );
- modifier.setKdcOptions( new KdcOptions() );
+ kdcReqBody.setEType( encryptionTypes );
+ kdcReqBody.setNonce( random.nextInt() );
+ kdcReqBody.setKdcOptions( new KdcOptions() );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paData = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
- KdcRequest message = new KdcRequest( KerberosConstants.KERBEROS_V5, KerberosMessageType.AS_REQ, paData, modifier.getRequestBody() );
+ KdcReq message = new AsReq();
+ message.setKdcReqBody( kdcReqBody );
+
+ for ( PaData paData : paDatas )
+ {
+ message.addPaData( paData );
+ }
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", AuthenticationReply.class, msg.getClass() );
- AuthenticationReply reply = ( AuthenticationReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", AsRep.class, msg.getClass() );
+ AsRep reply = ( AsRep ) msg;
assertEquals( "Encryption type", EncryptionType.DES_CBC_MD5, reply.getEncPart().getEType() );
}
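Review bot: The sequence that builds the `AsReq` and copies `paDatas` into it with a for-loop is pasted into this test and again in the hunks at -169, -224 and -251; a private helper in the test class would keep the request construction in one place. That way a later change to how pre-authentication data is attached cannot leave one test exercising a different request shape than the others. Each call site then becomes `KdcReq message = buildAsReq( kdcReqBody, paDatas );`. The helper name is only a suggestion, and it assumes `setKdcReqBody` and `addPaData` behave as they are used in this hunk.

```java
// … unchanged: kdcReqBody setup and getPreAuthEncryptedTimeStamp call …
KdcReq message = buildAsReq( kdcReqBody, paDatas );
// … unchanged: handler.messageReceived and the reply assertions …

private KdcReq buildAsReq( KdcReqBody kdcReqBody, PaData... paDatas )
{
    KdcReq message = new AsReq();
    message.setKdcReqBody( kdcReqBody );

    for ( PaData paData : paDatas )
    {
        message.addPaData( paData );
    }

    return message;
}
```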
@@ -143,21 +149,21 @@ public class AuthenticationEncryptionTyp
{ EncryptionType.AES128_CTS_HMAC_SHA1_96 };
config.setEncryptionTypes( configuredEncryptionTypes );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setClientName( getPrincipalName( "hnelson" ) );
- modifier.setServerName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setCName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
encryptionTypes.add( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
- modifier.setEType( encryptionTypes );
- modifier.setNonce( random.nextInt() );
- modifier.setKdcOptions( new KdcOptions() );
+ kdcReqBody.setEType( encryptionTypes );
+ kdcReqBody.setNonce( random.nextInt() );
+ kdcReqBody.setKdcOptions( new KdcOptions() );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
String principalName = "hnelson@EXAMPLE.COM";
String passPhrase = "secret";
@@ -169,15 +175,21 @@ public class AuthenticationEncryptionTyp
EncryptionKey clientKey = keyMap.get( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
KerberosTime timeStamp = new KerberosTime();
- PaData[] paData = getPreAuthEncryptedTimeStamp( clientKey, timeStamp );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientKey, timeStamp );
- KdcRequest message = new KdcRequest( KerberosConstants.KERBEROS_V5, KerberosMessageType.AS_REQ, paData, modifier.getRequestBody() );
+ KdcReq message = new AsReq();
+ message.setKdcReqBody( kdcReqBody );
+
+ for ( PaData paData : paDatas )
+ {
+ message.addPaData( paData );
+ }
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", AuthenticationReply.class, msg.getClass() );
- AuthenticationReply reply = ( AuthenticationReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", AsRep.class, msg.getClass() );
+ AsRep reply = ( AsRep ) msg;
assertTrue( "Requested end time", requestedEndTime.equals( reply.getEndTime() ) );
assertTrue( "PRE_AUTHENT flag", reply.getTicket().getEncTicketPart().getFlags().isPreAuth() );
@@ -197,22 +209,22 @@ public class AuthenticationEncryptionTyp
{ EncryptionType.AES128_CTS_HMAC_SHA1_96 };
config.setEncryptionTypes( configuredEncryptionTypes );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setClientName( getPrincipalName( "hnelson" ) );
- modifier.setServerName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setCName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
Set<EncryptionType> encryptionTypes = new HashSet<EncryptionType>();
encryptionTypes.add( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
- modifier.setEType( encryptionTypes );
+ kdcReqBody.setEType( encryptionTypes );
int nonce = random.nextInt();
- modifier.setNonce( nonce );
- modifier.setKdcOptions( new KdcOptions() );
+ kdcReqBody.setNonce( nonce );
+ kdcReqBody.setKdcOptions( new KdcOptions() );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
String principalName = "hnelson@EXAMPLE.COM";
String passPhrase = "secret";
@@ -224,15 +236,21 @@ public class AuthenticationEncryptionTyp
EncryptionKey clientKey = keyMap.get( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
KerberosTime timeStamp = new KerberosTime();
- PaData[] paData = getPreAuthEncryptedTimeStamp( clientKey, timeStamp );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientKey, timeStamp );
- KdcRequest message = new KdcRequest( KerberosConstants.KERBEROS_V5, KerberosMessageType.AS_REQ, paData, modifier.getRequestBody() );
+ KdcReq message = new AsReq();
+ message.setKdcReqBody( kdcReqBody );
+
+ for ( PaData paData : paDatas )
+ {
+ message.addPaData( paData );
+ }
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", AuthenticationReply.class, msg.getClass() );
- AuthenticationReply reply = ( AuthenticationReply ) msg;
+ assertEquals( "session.getMessage() instanceOf", AsRep.class, msg.getClass() );
+ AsRep reply = ( AsRep ) msg;
assertTrue( "Requested end time", requestedEndTime.equals( reply.getEndTime() ) );
assertTrue( "PRE_AUTHENT flag", reply.getTicket().getEncTicketPart().getFlags().isPreAuth() );
@@ -251,34 +269,40 @@ public class AuthenticationEncryptionTyp
@Test
public void testAes128Configuration() throws Exception
{
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setClientName( getPrincipalName( "hnelson" ) );
- modifier.setServerName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setCName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
Set<EncryptionType> requestedEncryptionTypes = new HashSet<EncryptionType>();
requestedEncryptionTypes.add( EncryptionType.AES128_CTS_HMAC_SHA1_96 );
- modifier.setEType( requestedEncryptionTypes );
- modifier.setNonce( random.nextInt() );
- modifier.setKdcOptions( new KdcOptions() );
+ kdcReqBody.setEType( requestedEncryptionTypes );
+ kdcReqBody.setNonce( random.nextInt() );
+ kdcReqBody.setKdcOptions( new KdcOptions() );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM" );
String passPhrase = "secret";
- PaData[] paData = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
+ PaData[] paDatas = getPreAuthEncryptedTimeStamp( clientPrincipal, passPhrase );
- KdcRequest message = new KdcRequest( KerberosConstants.KERBEROS_V5, KerberosMessageType.AS_REQ, paData, modifier.getRequestBody() );
+ KdcReq message = new AsReq();
+ message.setKdcReqBody( kdcReqBody );
+
+ for ( PaData paData : paDatas )
+ {
+ message.addPaData( paData );
+ }
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) msg;
- assertEquals( "KDC has no support for encryption type", 14, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) msg;
+ assertEquals( "KDC has no support for encryption type", ErrorType.KDC_ERR_ETYPE_NOSUPP, error.getErrorCode() );
}
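Review bot: The expectation `ErrorType.KDC_ERR_ETYPE_NOSUPP` in the last assertion depends on which encryption types the KDC is configured with, and nothing in this test body sets that configuration. This is the negative test showing that the KDC refuses an AES128 request outside its configured set, so a comment above the request setup would make the precondition explicit, for example `// KDC keeps its default etype configuration here, so an AES128-only AS-REQ must be refused`. The default set is presumably established in the @Before method outside this hunk, so the wording should be checked against it.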
@@ -287,11 +311,12 @@ public class AuthenticationEncryptionTyp
{
PaData[] paData = new PaData[1];
- EncryptedTimeStamp encryptedTimeStamp = new EncryptedTimeStamp( timeStamp, 0 );
+ PaEncTsEnc encryptedTimeStamp = new PaEncTsEnc( timeStamp, 0 );
- EncryptedData encryptedData = lockBox.seal( clientKey, encryptedTimeStamp, KeyUsage.NUMBER1 );
+ EncryptedData encryptedData = lockBox.seal( clientKey, encryptedTimeStamp, KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
- byte[] encodedEncryptedData = EncryptedDataEncoder.encode( encryptedData );
+ ByteBuffer buffer = ByteBuffer.allocate( encryptedData.computeLength() );
+ byte[] encodedEncryptedData = encryptedData.encode( buffer ).array();
PaData preAuth = new PaData();
preAuth.setPaDataType( PaDataType.PA_ENC_TIMESTAMP );
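Review bot: `encryptedData.encode( buffer ).array()` returns the buffer's entire backing array regardless of how many bytes were written, so the PA-ENC-TIMESTAMP value is only correct while `computeLength()` matches the encoder's output exactly. A short comment would record that dependency, e.g. `// buffer is sized by computeLength(), so array() is exactly the encoded EncryptedData`. The method's signature and its end are outside this hunk, so how `encodedEncryptedData` is used afterwards is not visible here.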
Modified: directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationPolicyTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationPolicyTest.java?rev=1043790&r1=1043789&r2=1043790&view=diff
==============================================================================
--- directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationPolicyTest.java (original)
+++ directory/apacheds/trunk/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/protocol/AuthenticationPolicyTest.java Thu Dec 9 00:12:07 2010
@@ -23,14 +23,14 @@ package org.apache.directory.server.kerb
import static org.junit.Assert.assertEquals;
import org.apache.directory.server.kerberos.kdc.KdcServer;
-import org.apache.directory.server.kerberos.shared.KerberosConstants;
-import org.apache.directory.server.kerberos.shared.KerberosMessageType;
-import org.apache.directory.server.kerberos.shared.messages.ErrorMessage;
-import org.apache.directory.server.kerberos.shared.messages.KdcRequest;
-import org.apache.directory.server.kerberos.shared.messages.value.KdcOptions;
-import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
-import org.apache.directory.server.kerberos.shared.messages.value.RequestBodyModifier;
import org.apache.directory.server.kerberos.shared.store.PrincipalStore;
+import org.apache.directory.shared.kerberos.KerberosTime;
+import org.apache.directory.shared.kerberos.codec.options.KdcOptions;
+import org.apache.directory.shared.kerberos.components.KdcReq;
+import org.apache.directory.shared.kerberos.components.KdcReqBody;
+import org.apache.directory.shared.kerberos.exceptions.ErrorType;
+import org.apache.directory.shared.kerberos.messages.AsReq;
+import org.apache.directory.shared.kerberos.messages.KrbError;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
@@ -85,28 +85,29 @@ public class AuthenticationPolicyTest ex
config.setPaEncTimestampRequired( false );
config.setForwardableAllowed( false );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setClientName( getPrincipalName( "hnelson" ) );
- modifier.setServerName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setCName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
KdcOptions kdcOptions = new KdcOptions();
kdcOptions.set( KdcOptions.FORWARDABLE );
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- KdcRequest message = new KdcRequest( KerberosConstants.KERBEROS_V5, KerberosMessageType.AS_REQ, null, modifier.getRequestBody() );
+ KdcReq message = new AsReq();
+ message.setKdcReqBody( kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) msg;
- assertEquals( "KDC policy rejects request", 12, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) msg;
+ assertEquals( "KDC policy rejects request", ErrorType.KDC_ERR_POLICY, error.getErrorCode() );
}
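Review bot: The assertion on `ErrorType.KDC_ERR_POLICY` cannot tell which policy rule rejected the request, because the same code is expected in every test of this class (also the hunks at -123, -161, -199, -237, -275 and -316). A request refused for an unrelated policy reason would still pass, so the test does not prove that the forwardable check is the one that fired. If `KrbError` carries an explanatory text, asserting on it as well would tighten this. Otherwise a comment such as `// only FORWARDABLE is disallowed here; every other policy switch keeps its default` would state the assumption. The test method begins outside the hunk.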
@@ -123,28 +124,29 @@ public class AuthenticationPolicyTest ex
config.setPaEncTimestampRequired( false );
config.setProxiableAllowed( false );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setClientName( getPrincipalName( "hnelson" ) );
- modifier.setServerName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setCName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
KdcOptions kdcOptions = new KdcOptions();
kdcOptions.set( KdcOptions.PROXIABLE );
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- KdcRequest message = new KdcRequest( KerberosConstants.KERBEROS_V5, KerberosMessageType.AS_REQ, null, modifier.getRequestBody() );
+ KdcReq message = new AsReq();
+ message.setKdcReqBody( kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) msg;
- assertEquals( "KDC policy rejects request", 12, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) msg;
+ assertEquals( "KDC policy rejects request", ErrorType.KDC_ERR_POLICY, error.getErrorCode() );
}
@@ -161,28 +163,29 @@ public class AuthenticationPolicyTest ex
config.setPaEncTimestampRequired( false );
config.setPostdatedAllowed( false );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setClientName( getPrincipalName( "hnelson" ) );
- modifier.setServerName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setCName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
KdcOptions kdcOptions = new KdcOptions();
kdcOptions.set( KdcOptions.ALLOW_POSTDATE );
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- KdcRequest message = new KdcRequest( KerberosConstants.KERBEROS_V5, KerberosMessageType.AS_REQ, null, modifier.getRequestBody() );
+ KdcReq message = new AsReq();
+ message.setKdcReqBody( kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) msg;
- assertEquals( "KDC policy rejects request", 12, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) msg;
+ assertEquals( "KDC policy rejects request", ErrorType.KDC_ERR_POLICY, error.getErrorCode() );
}
@@ -199,28 +202,29 @@ public class AuthenticationPolicyTest ex
config.setPaEncTimestampRequired( false );
config.setPostdatedAllowed( false );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setClientName( getPrincipalName( "hnelson" ) );
- modifier.setServerName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setCName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
KdcOptions kdcOptions = new KdcOptions();
kdcOptions.set( KdcOptions.POSTDATED );
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- KdcRequest message = new KdcRequest( KerberosConstants.KERBEROS_V5, KerberosMessageType.AS_REQ, null, modifier.getRequestBody() );
+ KdcReq message = new AsReq();
+ message.setKdcReqBody( kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) msg;
- assertEquals( "KDC policy rejects request", 12, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) msg;
+ assertEquals( "KDC policy rejects request", ErrorType.KDC_ERR_POLICY, error.getErrorCode() );
}
@@ -237,28 +241,29 @@ public class AuthenticationPolicyTest ex
config.setPaEncTimestampRequired( false );
config.setRenewableAllowed( false );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setClientName( getPrincipalName( "hnelson" ) );
- modifier.setServerName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setCName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
KdcOptions kdcOptions = new KdcOptions();
kdcOptions.set( KdcOptions.RENEWABLE_OK );
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + KerberosTime.WEEK );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
- KdcRequest message = new KdcRequest( KerberosConstants.KERBEROS_V5, KerberosMessageType.AS_REQ, null, modifier.getRequestBody() );
+ KdcReq message = new AsReq();
+ message.setKdcReqBody( kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) msg;
- assertEquals( "KDC policy rejects request", 12, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) msg;
+ assertEquals( "KDC policy rejects request", ErrorType.KDC_ERR_POLICY, error.getErrorCode() );
}
@@ -275,31 +280,32 @@ public class AuthenticationPolicyTest ex
config.setPaEncTimestampRequired( false );
config.setRenewableAllowed( false );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setClientName( getPrincipalName( "hnelson" ) );
- modifier.setServerName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setCName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
KdcOptions kdcOptions = new KdcOptions();
kdcOptions.set( KdcOptions.RENEWABLE );
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
KerberosTime requestedRenewTillTime = new KerberosTime( now + KerberosTime.WEEK / 2 );
- modifier.setRtime( requestedRenewTillTime );
+ kdcReqBody.setRtime( requestedRenewTillTime );
- KdcRequest message = new KdcRequest( KerberosConstants.KERBEROS_V5, KerberosMessageType.AS_REQ, null, modifier.getRequestBody() );
+ KdcReq message = new AsReq();
+ message.setKdcReqBody( kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) msg;
- assertEquals( "KDC policy rejects request", 12, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) msg;
+ assertEquals( "KDC policy rejects request", ErrorType.KDC_ERR_POLICY, error.getErrorCode() );
}
@@ -316,29 +322,30 @@ public class AuthenticationPolicyTest ex
config.setPaEncTimestampRequired( false );
config.setEmptyAddressesAllowed( false );
- RequestBodyModifier modifier = new RequestBodyModifier();
- modifier.setClientName( getPrincipalName( "hnelson" ) );
- modifier.setServerName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
- modifier.setRealm( "EXAMPLE.COM" );
- modifier.setEType( config.getEncryptionTypes() );
+ KdcReqBody kdcReqBody = new KdcReqBody();
+ kdcReqBody.setCName( getPrincipalName( "hnelson" ) );
+ kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
+ kdcReqBody.setRealm( "EXAMPLE.COM" );
+ kdcReqBody.setEType( config.getEncryptionTypes() );
KdcOptions kdcOptions = new KdcOptions();
- modifier.setKdcOptions( kdcOptions );
+ kdcReqBody.setKdcOptions( kdcOptions );
long now = System.currentTimeMillis();
KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
- modifier.setTill( requestedEndTime );
+ kdcReqBody.setTill( requestedEndTime );
KerberosTime requestedRenewTillTime = new KerberosTime( now + KerberosTime.WEEK / 2 );
- modifier.setRtime( requestedRenewTillTime );
+ kdcReqBody.setRtime( requestedRenewTillTime );
- KdcRequest message = new KdcRequest( KerberosConstants.KERBEROS_V5, KerberosMessageType.AS_REQ, null, modifier.getRequestBody() );
+ KdcReq message = new AsReq();
+ message.setKdcReqBody( kdcReqBody );
handler.messageReceived( session, message );
Object msg = session.getMessage();
- assertEquals( "session.getMessage() instanceOf", ErrorMessage.class, msg.getClass() );
- ErrorMessage error = ( ErrorMessage ) msg;
- assertEquals( "KDC policy rejects request", 12, error.getErrorCode() );
+ assertEquals( "session.getMessage() instanceOf", KrbError.class, msg.getClass() );
+ KrbError error = ( KrbError ) msg;
+ assertEquals( "KDC policy rejects request", ErrorType.KDC_ERR_POLICY, error.getErrorCode() );
}
}
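Review bot: `kdcReqBody.setRtime( requestedRenewTillTime )` is carried into this test although no RENEWABLE option is set on `kdcOptions` and the only policy switch changed is `setEmptyAddressesAllowed( false )`; it looks like a leftover from the renewable test in the previous hunk. Because the expected code is the generic `KDC_ERR_POLICY`, an extra request field makes it harder to be sure the empty-address rule is the one rejecting the request. Dropping the `requestedRenewTillTime` declaration and the `setRtime` call would keep the request minimal. The test method starts before this hunk.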