directory-commits mailing list archives

From erodrig...@apache.org
Subject svn commit: rev 55053 - incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/jndi
Date Tue, 19 Oct 2004 07:53:15 GMT
Author: erodriguez
Date: Tue Oct 19 00:53:14 2004
New Revision: 55053

Added:
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/jndi/
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/jndi/KdcSchema.java
Log:
First parse of the krb5-kdc.schema.

Added: incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/jndi/KdcSchema.java
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/jndi/KdcSchema.java
Tue Oct 19 00:53:14 2004
@@ -0,0 +1,207 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+
+/**
+ * Definitions for a Kerberos V KDC schema
+ * OID Base is iso(1) org(3) dod(6) internet(1) private(4) enterprise(1) padl(5322) kdcSchema(10)
+ * 
+ * Syntaxes are under 1.3.6.1.4.1.5322.10.0
+ * Attributes types are under 1.3.6.1.4.1.5322.10.1
+ * Object classes are under 1.3.6.1.4.1.5322.10.2
+ */
+package org.apache.kerberos.kdc.jndi;
+
+import org.apache.kerberos.messages.value.*;
+
+public class KdcSchema {
+/*
+#krb5KDCFlagsSyntax SYNTAX ::= {
+#   WITH SYNTAX            INTEGER
+#--        initial(0),             -- require as-req
+#--        forwardable(1),         -- may issue forwardable
+#--        proxiable(2),           -- may issue proxiable
+#--        renewable(3),           -- may issue renewable
+#--        postdate(4),            -- may issue postdatable
+#--        server(5),              -- may be server
+#--        client(6),              -- may be client
+#--        invalid(7),             -- entry is invalid
+#--        require-preauth(8),     -- must use preauth
+#--        change-pw(9),           -- change password service
+#--        require-hwauth(10),     -- must use hwauth
+#--        ok-as-delegate(11),     -- as in TicketFlags
+#--        user-to-user(12),       -- may use user-to-user auth
+#--        immutable(13)           -- may not be deleted         
+#   ID                     { 1.3.6.1.4.1.5322.10.0.1 }
+#}
+	// TODO - figure out where KdcFlags goes.  Make real class.  Currently int, below.
+*/
+	
+/*
+#krb5PrincipalNameSyntax SYNTAX ::= {
+#   WITH SYNTAX            OCTET STRING
+#-- String representations of distinguished names as per RFC1510
+#   ID                     { 1.3.6.1.4.1.5322.10.0.2 }
+#}
+*/
+	
+	// Attribute type definitions
+/*
+attributetype ( 1.3.6.1.4.1.5322.10.1.1
+	NAME 'krb5PrincipalName'
+	DESC 'The unparsed Kerberos principal name'
+	EQUALITY caseExactIA5Match
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+*/
+	private String krb5PrincipalName;
+	
+/*
+attributetype ( 1.3.6.1.4.1.5322.10.1.2
+	NAME 'krb5KeyVersionNumber'
+	EQUALITY integerMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
+*/
+	private int krb5KeyVersionNumber;
+	
+/*
+attributetype ( 1.3.6.1.4.1.5322.10.1.3
+	NAME 'krb5MaxLife'
+	EQUALITY integerMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
+*/
+	private int krb5MaxLife;
+	
+/*
+attributetype ( 1.3.6.1.4.1.5322.10.1.4
+	NAME 'krb5MaxRenew'
+	EQUALITY integerMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
+*/
+	private int krb5MaxRenew;
+/*
+attributetype ( 1.3.6.1.4.1.5322.10.1.5
+	NAME 'krb5KDCFlags'
+	EQUALITY integerMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
+*/
+	private int krb5KDCFlags;
+	
+/*
+attributetype ( 1.3.6.1.4.1.5322.10.1.6
+	NAME 'krb5EncryptionType'
+	EQUALITY integerMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
+*/
+	private int krb5EncryptionType;
+	
+/*
+attributetype ( 1.3.6.1.4.1.5322.10.1.7
+	NAME 'krb5ValidStart'
+	EQUALITY generalizedTimeMatch
+	ORDERING generalizedTimeOrderingMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
+	SINGLE-VALUE )
+*/
+	private KerberosTime krb5ValidStart;
+/*
+attributetype ( 1.3.6.1.4.1.5322.10.1.8
+	NAME 'krb5ValidEnd'
+	EQUALITY generalizedTimeMatch
+	ORDERING generalizedTimeOrderingMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
+	SINGLE-VALUE )
+*/
+	private KerberosTime krb5ValidEnd;
+	
+/*
+attributetype ( 1.3.6.1.4.1.5322.10.1.9
+	NAME 'krb5PasswordEnd'
+	EQUALITY generalizedTimeMatch
+	ORDERING generalizedTimeOrderingMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
+	SINGLE-VALUE )
+*/
+	private KerberosTime krb5PasswordEnd;
+	
+/*
+# this is temporary; keys will eventually
+# be child entries or compound attributes.
+attributetype ( 1.3.6.1.4.1.5322.10.1.10
+	NAME 'krb5Key'
+	DESC 'Encoded ASN1 Key as an octet string'
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
+*/
+	private byte[] krb5Key;
+	
+/*
+attributetype ( 1.3.6.1.4.1.5322.10.1.11
+	NAME 'krb5PrincipalRealm'
+	DESC 'Distinguished name of krb5Realm entry'
+	SUP distinguishedName )
+*/
+	private String krb5PrincipalRealm;
+	
+/*
+attributetype ( 1.3.6.1.4.1.5322.10.1.12
+	NAME 'krb5RealmName'
+	EQUALITY octetStringMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
+*/
+	private String krb5RealmName;
+	
+/*
+# Object class definitions
+
+objectclass ( 1.3.6.1.4.1.5322.10.2.1
+	NAME 'krb5Principal'
+	SUP top
+	AUXILIARY
+	MUST ( krb5PrincipalName )
+	MAY ( cn $ krb5PrincipalRealm ) )
+*/
+	private class Krb5Principal {
+		
+	}
+/*
+objectclass ( 1.3.6.1.4.1.5322.10.2.2
+	NAME 'krb5KDCEntry'
+	SUP krb5Principal
+	AUXILIARY
+	MUST ( krb5KeyVersionNumber )
+	MAY ( krb5ValidStart $ krb5ValidEnd $ krb5PasswordEnd $
+              krb5MaxLife $ krb5MaxRenew $ krb5KDCFlags $
+              krb5EncryptionType $ krb5Key ) )
+*/
+	private class Krb5KdcEntry {
+		
+	}
+/*
+objectclass ( 1.3.6.1.4.1.5322.10.2.3
+	NAME 'krb5Realm'
+	SUP top
+	AUXILIARY
+	MUST ( krb5RealmName ) )
+*/
+	private class Krb5Realm {
+		
+	}
+}
+
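Review bot: The field types for `krb5EncryptionType` and `krb5Key` do not match the cardinality in the schema text quoted above them: neither attributetype carries SINGLE-VALUE, so an entry may hold several values, yet the class declares `private int krb5EncryptionType;` and `private byte[] krb5Key;`. Code that later maps a directory entry onto these fields would have to drop all but one value, which for `krb5Key` presumably means losing the key for every encryption type but one. Suggest `private int[] krb5EncryptionType;` and `private byte[][] krb5Key;`; `krb5PrincipalRealm` and `krb5RealmName` are also declared without SINGLE-VALUE and deserve the same check. Because `krb5Key` holds long-term key material, a short comment on that field stating that it must not be logged and must be copied rather than returned by reference would help once accessors are added.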
