directory-commits mailing list archives

From erodrig...@apache.org
Subject svn commit: rev 56182 - in incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc: . server/udp store
Date Mon, 01 Nov 2004 02:10:41 GMT
Author: erodriguez
Date: Sun Oct 31 18:10:40 2004
New Revision: 56182

Added:
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/store/BootstrapStore.java
Modified:
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/KdcDispatcher.java
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/server/udp/Main.java
   incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/store/LdapStore.java
Log:
Key store implementation for bootstrapping the initial KDC Subject for subsequent SASL-GSSAPI
connections, such as to LDAP servers.

Modified: incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/KdcDispatcher.java
==============================================================================
--- incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/KdcDispatcher.java
(original)
+++ incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/KdcDispatcher.java
Sun Oct 31 18:10:40 2004
@@ -37,7 +37,7 @@
 	private KdcRequestDecoder _decoder = new KdcRequestDecoder();
 	private KdcReplyEncoder   _encoder = new KdcReplyEncoder();
 	
-	private PrincipalStore   _bootstrap    = new KdcBootstrapStore();
+	private PrincipalStore   _bootstrap;
 	private CryptoService    _cryptoService;
 	private KdcConfiguration _config;
 	private PrincipalStore   _store;
@@ -45,9 +45,10 @@
 	private AuthenticationService _authService;
 	private TicketGrantingService _tgsService;
 	
-	public KdcDispatcher(KdcConfiguration config, PrincipalStore store) {
-		_config      = config;
-		_store       = store;
+	public KdcDispatcher(KdcConfiguration config, BootstrapStore bootstrap, PrincipalStore store)
{
+		_config    = config;
+		_bootstrap = bootstrap;
+		_store     = store;
 		
 		_cryptoService = new CryptoService(_config);
 		_authService   = new AuthenticationService(_store, _bootstrap, _cryptoService, _config);
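Review bot: The constructor now stores whatever `bootstrap` it is given and hands it straight to `AuthenticationService`, where the removed field initializer guaranteed a non-null store. A guard such as `if (bootstrap == null) throw new IllegalArgumentException("bootstrap store is required");` would keep a wiring mistake from surfacing later as a NullPointerException during authentication. The parameter could also be declared as `PrincipalStore` to match the `_bootstrap` field, if nothing here needs the concrete type. The constructor body continues beyond the hunk.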

Modified: incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/server/udp/Main.java
==============================================================================
--- incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/server/udp/Main.java
(original)
+++ incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/server/udp/Main.java
Sun Oct 31 18:10:40 2004
@@ -24,9 +24,10 @@
 
 public class Main {
 
-	private static final KdcConfiguration config = new KdcConfiguration();
-	private static final PrincipalStore ldap     = new LdapStore(config);
-	private static final KdcDispatcher kdc       = new KdcDispatcher(config, ldap);
+	private static final KdcConfiguration config  = new KdcConfiguration();
+	private static final BootstrapStore bootstrap = new BootstrapStore(config);
+	private static final PrincipalStore ldap      = new LdapStore(config, bootstrap);
+	private static final KdcDispatcher kdc        = new KdcDispatcher(config, bootstrap, ldap);
 	
 	public static void main(String[] args) {
 		Main m = new Main();
@@ -35,8 +36,7 @@
 
 	private void go() {
 		
-		initConfig();
-		initStore();
+		init();
 		
 		DatagramSocket socket = null;
 		try {
@@ -59,13 +59,10 @@
 		}
 	}
 	
-	private void initConfig() {
-		// TODO - implement
-	}
-
-	private void initStore() {
+	private void init() {
 		Thread storeInit = new Thread() {
 			public void run() {
+				bootstrap.init();
 				ldap.init();
 			}
 		};
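Review bot: `bootstrap.init()` and `ldap.init()` are chained on the `storeInit` thread with no check that the first one succeeded. BootstrapStore.init(), added in this commit, catches every exception and only prints it, so a missing or unreadable key file leaves the store unloaded and LdapStore.init() then fails with a NullPointerException rather than a clear startup error. The rest of init() lies outside the hunk, so whether go() waits for this thread before opening the socket is not visible; if it does not, requests could reach the dispatcher before the bootstrap keys are loaded. I would let a failed bootstrap stop startup and add a comment above the two calls, such as `// bootstrap keys must be loaded before ldap.init() builds the KDC Subject`.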

Added: incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/store/BootstrapStore.java
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/store/BootstrapStore.java
Sun Oct 31 18:10:40 2004
@@ -0,0 +1,61 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.kerberos.kdc.store;
+
+import org.apache.kerberos.kdc.*;
+
+import java.io.*;
+import java.util.*;
+
+import javax.security.auth.kerberos.*;
+
+public class BootstrapStore implements PrincipalStore {
+	
+	private KdcConfiguration _config;
+	private Map              _entries;
+	
+	public BootstrapStore(KdcConfiguration config) {
+		_config = config;
+	}
+	
+	public void init() {
+		try {
+			FileInputStream in = new FileInputStream(_config.getKerberosKeysLocation());
+			ObjectInputStream s = new ObjectInputStream(in);
+			_entries = (HashMap)s.readObject();
+		} catch (Exception e) {
+			e.printStackTrace();
+		}
+	}
+	
+	public PrincipalStoreEntry getEntry(KerberosPrincipal principal) {
+		KerberosKey key = (KerberosKey)_entries.get(principal.getName());
+		if (key == null) {
+			return null;
+		}
+		return getEntry(key);
+	}
+	
+	private PrincipalStoreEntry getEntry(KerberosKey key) {
+		PrincipalStoreEntryModifier modifier = new PrincipalStoreEntryModifier();
+		modifier.setPrincipal(key.getPrincipal());
+		modifier.setKey(key.getEncoded());
+		modifier.setEncryptionType(key.getKeyType());
+		return modifier.getEntry();
+	}
+}
+
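Review bot: init() loads the KDC's long-term keys with `ObjectInputStream.readObject()`, which is native Java deserialization of whatever file `getKerberosKeysLocation()` names, so the integrity of that file rests entirely on filesystem permissions; that assumption deserves a class comment, and on a JDK that offers `ObjectInputFilter` the stream should be limited to the expected classes. The same method never closes either stream, and `catch (Exception e) { e.printStackTrace(); }` leaves `_entries` null, so the first `getEntry(principal)` call throws a NullPointerException instead of the KDC refusing to start. A version that closes the file and fails closed is below; the type check after reading guards against a wrong file, not a tampered one.

```java
	public void init() {
		try {
			FileInputStream in = new FileInputStream(_config.getKerberosKeysLocation());
			try {
				Object loaded = new ObjectInputStream(in).readObject();
				if (!(loaded instanceof Map)) {
					throw new IllegalStateException("bootstrap key file does not hold a Map");
				}
				_entries = (Map)loaded;
			} finally {
				// closing the file stream also releases the wrapping ObjectInputStream
				in.close();
			}
		} catch (IOException e) {
			// fail closed: a KDC without its bootstrap keys must not keep running
			throw new IllegalStateException("cannot read bootstrap key file", e);
		} catch (ClassNotFoundException e) {
			throw new IllegalStateException("cannot read bootstrap key file", e);
		}
	}
	// … unchanged: getEntry(KerberosPrincipal), getEntry(KerberosKey) …
```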

Modified: incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/store/LdapStore.java
==============================================================================
--- incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/store/LdapStore.java
(original)
+++ incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/store/LdapStore.java
Sun Oct 31 18:10:40 2004
@@ -18,6 +18,7 @@
 
 import org.apache.kerberos.kdc.*;
 import org.apache.kerberos.kdc.jaas.*;
+import org.apache.kerberos.messages.value.*;
 
 import java.security.*;
 
@@ -43,14 +44,26 @@
 	public static final String REALM_NAME         = "krb5RealmName";
 	
 	private KdcConfiguration _config;
+	private BootstrapStore   _bootstrap;
 	private Subject          _subject;
 	
-	public LdapStore(KdcConfiguration config) {
-		_config  = config;
-		_subject = _config.getKdcSubject();
+	public LdapStore(KdcConfiguration config, BootstrapStore bootstrap) {
+		_config    = config;
+		_bootstrap = bootstrap;
 	}
 	
 	public void init() {
+		
+		_subject = new Subject();
+		
+		KerberosPrincipal principal = _config.getKdcPrincipal();
+		EncryptionKey entry         = _bootstrap.getEntry(principal).getEncryptionKey();
+		
+		KerberosKey key = new KerberosKey(principal, entry.getKeyValue(),
+				entry.getKeyType().getOrdinal(), entry.getKeyVersion());
+		
+		_subject.getPrincipals().add(principal);
+		_subject.getPrivateCredentials().add(key);
 		
 		Configuration.setConfiguration(new Krb5Configuration());
 		
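Review bot: `_bootstrap.getEntry(principal).getEncryptionKey()` dereferences the lookup result unchecked, but BootstrapStore.getEntry returns null when the key file has no entry for the KDC principal, so a misconfigured principal name surfaces as a NullPointerException inside init(). Check the result first, for example `PrincipalStoreEntry kdcEntry = _bootstrap.getEntry(principal);` followed by `if (kdcEntry == null) throw new IllegalStateException("no bootstrap key for " + principal.getName());`. init() continues past the end of the hunk.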
