directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From elecha...@apache.org
Subject svn commit: r589780 [2/2] - in /directory/apacheds/branches/bigbang/kerberos-shared/src: main/java/org/apache/directory/server/kerberos/shared/ main/java/org/apache/directory/server/kerberos/shared/io/decoder/ main/java/org/apache/directory/server/kerb...
Date Mon, 29 Oct 2007 18:15:07 GMT
Added: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/flags/TicketFlag.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/flags/TicketFlag.java?rev=589780&view=auto
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/flags/TicketFlag.java
(added)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/flags/TicketFlag.java
Mon Oct 29 11:14:59 2007
@@ -0,0 +1,139 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.shared.messages.value.flags;
+
+/**
+ * An enum to describe all the TicketFlag possible values.
+ * 
+ *  TicketFlags     ::= KerberosFlags
+ *           -- reserved(0),
+ *           -- forwardable(1),
+ *           -- forwarded(2),
+ *           -- proxiable(3),
+ *           -- proxy(4),
+ *           -- may-postdate(5),
+ *           -- postdated(6),
+ *           -- invalid(7),
+ *           -- renewable(8),
+ *           -- initial(9),
+ *           -- pre-authent(10),
+ *           -- hw-authent(11),
+ *       -- the following are new since 1510
+ *           -- transited-policy-checked(12),
+ *           -- ok-as-delegate(13)
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: 540371 $, $Date: 2007-05-22 02:00:43 +0200 (Tue, 22 May 2007) $
+ */
+public enum TicketFlag implements KerberosFlag
+{
+    /**
+     * Ticket flag - reserved
+     */
+    RESERVED(0),
+
+    /**
+     * Ticket flag - forwardable
+     */
+    FORWARDABLE(1),
+
+    /**
+     * Ticket flag - forwarded
+     */
+    FORWARDED(2),
+
+    /**
+     * Ticket flag - proxiable
+     */
+    PROXIABLE(3),
+
+    /**
+     * Ticket flag - proxy
+     */
+    PROXY(4),
+
+    /**
+     * Ticket flag - may be postdated
+     */
+    MAY_POSTDATE(5),
+
+    /**
+     * Ticket flag - postdated
+     */
+    POSTDATED(6),
+    /**
+     * Ticket flag - invalid
+     */
+    INVALID(7),
+
+    /**
+     * Ticket flag - renewable
+     */
+    RENEWABLE(8),
+
+    /**
+     * Ticket flag - initial
+     */
+    INITIAL(9),
+
+    /**
+     * Ticket flag - pre-authentication
+     */
+    PRE_AUTHENT(10),
+
+    /**
+     * Ticket flag - hardware authentication
+     */
+    HW_AUTHENT(11),
+
+    /**
+     * Ticket flag - transitedEncoding policy checked
+     */
+    TRANSITED_POLICY_CHECKED(12),
+
+    /**
+     * Ticket flag - OK as delegate
+     */
+    OK_AS_DELEGATE(13),
+
+    /**
+     * Ticket flag - maximum value
+     */
+    MAX_VALUE(32);
+
+    // The interned value.
+    private int value;
+    
+    /**
+     * Class constructor
+     */
+    private TicketFlag( int value )
+    {
+        this.value = value;
+    }
+    
+    /**
+     * @return The ordinal value associated with this flag
+     */
+    public int getOrdinal()
+    {
+        return value;
+    }
+}

Added: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/flags/TicketFlags.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/flags/TicketFlags.java?rev=589780&view=auto
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/flags/TicketFlags.java
(added)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/messages/value/flags/TicketFlags.java
Mon Oct 29 11:14:59 2007
@@ -0,0 +1,329 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.shared.messages.value.flags;
+
+
+/**
+ * An implementation of a BitString for the TicketFlags. The different values
+ * are stored in an int, as there can't be more than 32 flags (TicketFlag).
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: 540371 $, $Date: 2007-05-22 02:00:43 +0200 (Tue, 22 May 2007) $
+ */
+public class TicketFlags extends AbstractKerberosFlags
+{
+    public static final long serialVersionUID = 1L;
+
+   /**
+     * Basic constructor of a TicketFlags BitString
+     */
+    public TicketFlags()
+    {
+        super();
+    }
+    
+    /**
+     * Constructor of a TicketFlags BitString with an int value
+     */
+    public TicketFlags( int flags )
+    {
+        super( getBytes( flags ) );
+    }
+    
+    /**
+     * Basic constructor of a TicketFlags BitString with a byte array
+     */
+    public TicketFlags( byte[] flags )
+    {
+        super( flags );
+    }
+    
+    /**
+     * Ticket flag - reserved
+     */
+    public boolean isReserved()
+    {
+        return isFlagSet( TicketFlag.RESERVED );
+    }
+
+    /**
+     * Ticket flag - forwardable
+     */
+    public boolean isForwardable()
+    {
+        return isFlagSet( TicketFlag.FORWARDABLE );
+    }
+
+    /**
+     * Ticket flag - forwarded
+     */
+    public boolean isForwarded()
+    {
+        return isFlagSet( TicketFlag.FORWARDED );
+    }
+
+    /**
+     * Ticket flag - proxiable
+     */
+    public boolean isProxiable()
+    {
+        return isFlagSet( TicketFlag.PROXIABLE );
+    }
+
+    /**
+     * Ticket flag - proxy
+     */
+    public boolean isProxy()
+    {
+        return isFlagSet( TicketFlag.PROXY );
+    }
+
+    /**
+     * Ticket flag - may be postdated
+     */
+    public boolean isMayPosdate()
+    {
+        return isFlagSet( TicketFlag.MAY_POSTDATE );
+    }
+
+    /**
+     * Ticket flag - postdated
+     */
+    public boolean isPostdated()
+    {
+        return isFlagSet( TicketFlag.POSTDATED );
+    }
+
+    /**
+     * Ticket flag - invalid
+     */
+    public boolean isInvalid()
+    {
+        return isFlagSet( TicketFlag.INVALID );
+    }
+
+    /**
+     * Ticket flag - renewable
+     */
+    public boolean isRenewable()
+    {
+        return isFlagSet( TicketFlag.RENEWABLE );
+    }
+
+    /**
+     * Ticket flag - initial
+     */
+    public boolean isInitial()
+    {
+        return isFlagSet( TicketFlag.INITIAL );
+    }
+
+    /**
+     * Ticket flag - pre-authentication
+     */
+    public boolean isPreAuth()
+    {
+        return isFlagSet( TicketFlag.PRE_AUTHENT );
+    }
+
+    /**
+     * Ticket flag - hardware authentication
+     */
+    public boolean isHwAuthent()
+    {
+        return isFlagSet( TicketFlag.HW_AUTHENT );
+    }
+
+    /**
+     * Ticket flag - transitedEncoding policy checked
+     */
+    public boolean isTransitedPolicyChecked()
+    {
+        return isFlagSet( TicketFlag.TRANSITED_POLICY_CHECKED );
+    }
+
+    /**
+     * Ticket flag - OK as delegate
+     */
+    public boolean isOkAsDelegate()
+    {
+        return isFlagSet( TicketFlag.OK_AS_DELEGATE );
+    }
+    
+    /**
+     * Converts the object to a printable string.
+     */
+    /*public static String toString( int flags )
+    {
+        StringBuilder result = new StringBuilder();
+
+        if ( ( flags & ( 1 << TicketFlag.RESERVED.getOrdinal() ) ) != 0 )
+        {
+            result.append( "RESERVED " );
+        }
+
+        if ( ( flags & ( 1 << TicketFlag.FORWARDABLE.getOrdinal() ) ) != 0 )
+        {
+            result.append( "FORWARDABLE " );
+        }
+
+        if ( ( flags & ( 1 << TicketFlag.FORWARDED.getOrdinal() ) ) != 0 )
+        {
+            result.append( "FORWARDED " );
+        }
+
+        if ( ( flags & ( 1 << TicketFlag.PROXIABLE.getOrdinal() ) ) != 0 )
+        {
+            result.append( "PROXIABLE " );
+        }
+
+        if ( ( flags & ( 1 << TicketFlag.PROXY.getOrdinal() ) ) != 0 )
+        {
+            result.append( "PROXY " );
+        }
+
+        if ( ( flags & ( 1 << TicketFlag.MAY_POSTDATE.getOrdinal() ) ) != 0 )
+        {
+            result.append( "MAY_POSTDATE " );
+        }
+
+        if ( ( flags & ( 1 << TicketFlag.POSTDATED.getOrdinal() ) ) != 0 )
+        {
+            result.append( "POSTDATED " );
+        }
+
+        if ( ( flags & ( 1 << TicketFlag.INVALID.getOrdinal() ) ) != 0 )
+        {
+            result.append( "INVALID " );
+        }
+
+        if ( ( flags & ( 1 << TicketFlag.RENEWABLE.getOrdinal() ) ) != 0 )
+        {
+            result.append( "RENEWABLE " );
+        }
+
+        if ( ( flags & ( 1 << TicketFlag.INITIAL.getOrdinal() ) ) != 0 )
+        {
+            result.append( "INITIAL " );
+        }
+
+        if ( ( flags & ( 1 << TicketFlag.PRE_AUTHENT.getOrdinal() ) ) != 0 )
+        {
+            result.append( "PRE_AUTHENT " );
+        }
+
+        if ( ( flags & ( 1 << TicketFlag.HW_AUTHENT.getOrdinal() ) ) != 0 )
+        {
+            result.append( "HW_AUTHENT " );
+        }
+
+        if ( ( flags & ( 1 << TicketFlag.TRANSITED_POLICY_CHECKED.getOrdinal()
) ) != 0 )
+        {
+            result.append( "TRANSITED_POLICY_CHECKED " );
+        }
+
+        if ( ( flags & ( 1 << TicketFlag.OK_AS_DELEGATE.getOrdinal() ) ) != 0 )
+        {
+            result.append( "OPTS_OK_AS_DELEGATE " );
+        }
+
+        return result.toString().trim();
+    }*/
+
+    /**
+     * Converts the object to a printable string.
+     */
+    public String toString()
+    {
+        StringBuilder result = new StringBuilder();
+
+        if ( isFlagSet( TicketFlag.RESERVED ) )
+        {
+            result.append( "RESERVED(0) " );
+        }
+
+        if ( isFlagSet( TicketFlag.FORWARDABLE ) )
+        {
+            result.append( "FORWARDABLE(1) " );
+        }
+
+        if ( isFlagSet( TicketFlag.FORWARDED ) )
+        {
+            result.append( "FORWARDED(2) " );
+        }
+
+        if ( isFlagSet( TicketFlag.PROXIABLE ) )
+        {
+            result.append( "PROXIABLE(3) " );
+        }
+
+        if ( isFlagSet( TicketFlag.PROXY ) )
+        {
+            result.append( "PROXY(4) " );
+        }
+
+        if ( isFlagSet( TicketFlag.MAY_POSTDATE ) )
+        {
+            result.append( "MAY_POSTDATE(5) " );
+        }
+
+        if ( isFlagSet( TicketFlag.POSTDATED ) )
+        {
+            result.append( "POSTDATED(6) " );
+        }
+
+        if ( isFlagSet( TicketFlag.INVALID ) )
+        {
+            result.append( "INVALID(7) " );
+        }
+
+        if ( isFlagSet( TicketFlag.RENEWABLE ) )
+        {
+            result.append( "RENEWABLE(8) " );
+        }
+
+        if ( isFlagSet( TicketFlag.INITIAL ) )
+        {
+            result.append( "INITIAL(9) " );
+        }
+
+        if ( isFlagSet( TicketFlag.PRE_AUTHENT ) )
+        {
+            result.append( "PRE_AUTHENT(10) " );
+        }
+
+        if ( isFlagSet( TicketFlag.HW_AUTHENT ) )
+        {
+            result.append( "HW_AUTHENT(11) " );
+        }
+
+        if ( isFlagSet( TicketFlag.TRANSITED_POLICY_CHECKED ) )
+        {
+            result.append( "TRANSITED_POLICY_CHECKED(12) " );
+        }
+
+        if ( isFlagSet( TicketFlag.OK_AS_DELEGATE ) )
+        {
+            result.append( "OK_AS_DELEGATE(13) " );
+        }
+
+        return result.toString().trim();
+    }
+}

Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/VerifyAuthHeader.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/VerifyAuthHeader.java?rev=589780&r1=589779&r2=589780&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/VerifyAuthHeader.java
(original)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/service/VerifyAuthHeader.java
Mon Oct 29 11:14:59 2007
@@ -24,12 +24,12 @@
 
 import javax.security.auth.kerberos.KerberosPrincipal;
 
+import org.apache.directory.server.kerberos.shared.KerberosMessageType;
 import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
 import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
 import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
 import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
 import org.apache.directory.server.kerberos.shared.messages.ApplicationRequest;
-import org.apache.directory.server.kerberos.shared.messages.MessageType;
 import org.apache.directory.server.kerberos.shared.messages.components.Authenticator;
 import org.apache.directory.server.kerberos.shared.messages.components.EncTicketPart;
 import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
@@ -78,12 +78,12 @@
             throw new KerberosException( ErrorType.KRB_AP_ERR_BADVERSION );
         }
 
-        if ( authHeader.getMessageType() != MessageType.KRB_AP_REQ )
+        if ( authHeader.getMessageType() != KerberosMessageType.AP_REQ )
         {
             throw new KerberosException( ErrorType.KRB_AP_ERR_MSG_TYPE );
         }
 
-        if ( authHeader.getTicket().getVersionNumber() != 5 )
+        if ( authHeader.getTicket().getTktVno() != 5 )
         {
             throw new KerberosException( ErrorType.KRB_AP_ERR_BADVERSION );
         }
@@ -92,7 +92,7 @@
 
         if ( authHeader.getOption( ApOptions.USE_SESSION_KEY ) )
         {
-            ticketKey = authHeader.getTicket().getSessionKey();
+            ticketKey = authHeader.getTicket().getEncTicketPart().getSessionKey();
         }
         else
         {
@@ -114,17 +114,17 @@
             KeyUsage.NUMBER2 );
         ticket.setEncTicketPart( encPart );
 
-        Authenticator authenticator = ( Authenticator ) lockBox.unseal( Authenticator.class,
ticket.getSessionKey(),
+        Authenticator authenticator = ( Authenticator ) lockBox.unseal( Authenticator.class,
ticket.getEncTicketPart().getSessionKey(),
             authHeader.getEncPart(), authenticatorKeyUsage );
 
-        if ( !authenticator.getClientPrincipal().getName().equals( ticket.getClientPrincipal().getName()
) )
+        if ( !authenticator.getClientPrincipal().getName().equals( ticket.getEncTicketPart().getClientPrincipal().getName()
) )
         {
             throw new KerberosException( ErrorType.KRB_AP_ERR_BADMATCH );
         }
 
-        if ( ticket.getClientAddresses() != null )
+        if ( ticket.getEncTicketPart().getClientAddresses() != null )
         {
-            if ( !ticket.getClientAddresses().contains( new HostAddress( clientAddress )
) )
+            if ( !ticket.getEncTicketPart().getClientAddresses().contains( new HostAddress(
clientAddress ) ) )
             {
                 throw new KerberosException( ErrorType.KRB_AP_ERR_BADADDR );
             }
@@ -160,19 +160,19 @@
          * current time by more than the allowable clock skew, or if the INVALID
          * flag is set in the ticket, the KRB_AP_ERR_TKT_NYV error is returned."
          */
-        KerberosTime startTime = ( ticket.getStartTime() != null ) ? ticket.getStartTime()
: ticket.getAuthTime();
+        KerberosTime startTime = ( ticket.getEncTicketPart().getStartTime() != null ) ? ticket.getEncTicketPart().getStartTime()
: ticket.getEncTicketPart().getAuthTime();
 
         KerberosTime now = new KerberosTime();
         boolean isValidStartTime = startTime.lessThan( now );
 
-        if ( !isValidStartTime || ( ticket.getFlag( TicketFlags.INVALID ) && !isValidate
) )
+        if ( !isValidStartTime || ( ticket.getEncTicketPart().getFlags().get( TicketFlags.INVALID
) && !isValidate ) )
         {
             // it hasn't yet become valid
             throw new KerberosException( ErrorType.KRB_AP_ERR_TKT_NYV );
         }
 
         // TODO - doesn't take into account skew
-        if ( !ticket.getEndTime().greaterThan( now ) )
+        if ( !ticket.getEncTicketPart().getEndTime().greaterThan( now ) )
         {
             throw new KerberosException( ErrorType.KRB_AP_ERR_TKT_EXPIRED );
         }

Modified: directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/TicketFactory.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/TicketFactory.java?rev=589780&r1=589779&r2=589780&view=diff
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/TicketFactory.java
(original)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/main/java/org/apache/directory/server/kerberos/shared/store/TicketFactory.java
Mon Oct 29 11:14:59 2007
@@ -37,7 +37,6 @@
 import org.apache.directory.server.kerberos.shared.messages.components.EncTicketPart;
 import org.apache.directory.server.kerberos.shared.messages.components.EncTicketPartModifier;
 import org.apache.directory.server.kerberos.shared.messages.components.Ticket;
-import org.apache.directory.server.kerberos.shared.messages.components.TicketModifier;
 import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
 import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
 import org.apache.directory.server.kerberos.shared.messages.value.KerberosTime;
@@ -118,12 +117,10 @@
 
         EncryptedData encryptedTicketPart = cipherTextHandler.seal( serverKey, encTicketPart,
KeyUsage.NUMBER2 );
 
-        TicketModifier ticketModifier = new TicketModifier();
-        ticketModifier.setTicketVersionNumber( 5 );
-        ticketModifier.setServerPrincipal( serverPrincipal );
-        ticketModifier.setEncPart( encryptedTicketPart );
-
-        Ticket ticket = ticketModifier.getTicket();
+        Ticket ticket = new Ticket();
+        ticket.setTktVno( 5 );
+        ticket.setServerPrincipal( serverPrincipal );
+        ticket.setEncPart( encryptedTicketPart );
 
         ticket.setEncTicketPart( encTicketPart );
 
@@ -142,28 +139,28 @@
     {
         byte[] asn1Encoding = TicketEncoder.encodeTicket( ticket );
 
-        KerberosPrincipal client = ticket.getClientPrincipal();
+        KerberosPrincipal client = ticket.getEncTicketPart().getClientPrincipal();
         KerberosPrincipal server = ticket.getServerPrincipal();
-        byte[] sessionKey = ticket.getSessionKey().getKeyValue();
-        int keyType = ticket.getSessionKey().getKeyType().getOrdinal();
+        byte[] sessionKey = ticket.getEncTicketPart().getSessionKey().getKeyValue();
+        int keyType = ticket.getEncTicketPart().getSessionKey().getKeyType().getOrdinal();
 
         boolean[] flags = new boolean[32];
 
         for ( int ii = 0; ii < flags.length; ii++ )
         {
-            flags[ii] = ticket.getFlag( ii );
+            flags[ii] = ticket.getEncTicketPart().getFlags().get( ii );
         }
 
-        Date authTime = ticket.getAuthTime().toDate();
-        Date endTime = ticket.getEndTime().toDate();
+        Date authTime = ticket.getEncTicketPart().getAuthTime().toDate();
+        Date endTime = ticket.getEncTicketPart().getEndTime().toDate();
 
-        Date startTime = ( ticket.getStartTime() != null ? ticket.getStartTime().toDate()
: null );
+        Date startTime = ( ticket.getEncTicketPart().getStartTime() != null ? ticket.getEncTicketPart().getStartTime().toDate()
: null );
 
         Date renewTill = null;
 
-        if ( ticket.getFlag( TicketFlags.RENEWABLE ) )
+        if ( ticket.getEncTicketPart().getFlags().get( TicketFlags.RENEWABLE ) )
         {
-            renewTill = ( ticket.getRenewTill() != null ? ticket.getRenewTill().toDate()
: null );
+            renewTill = ( ticket.getEncTicketPart().getRenewTill() != null ? ticket.getEncTicketPart().getRenewTill().toDate()
: null );
         }
 
         InetAddress[] clientAddresses = new InetAddress[0];

Added: directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/messages/components/TicketTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/messages/components/TicketTest.java?rev=589780&view=auto
==============================================================================
--- directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/messages/components/TicketTest.java
(added)
+++ directory/apacheds/branches/bigbang/kerberos-shared/src/test/java/org/apache/directory/server/kerberos/shared/messages/components/TicketTest.java
Mon Oct 29 11:14:59 2007
@@ -0,0 +1,133 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.server.kerberos.shared.messages.components;
+
+import java.nio.ByteBuffer;
+import java.util.Arrays;
+
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import org.apache.directory.server.kerberos.shared.io.encoder.TicketEncoder;
+import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;
+import org.apache.directory.server.kerberos.shared.store.TicketFactory;
+import org.apache.directory.shared.ldap.util.StringTools;
+
+import junit.framework.TestCase;
+
+/**
+ * Test the Ticket encoding and decoding
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev: 542147 $, $Date: 2007-05-28 10:14:21 +0200 (Mon, 28 May 2007) $
+ */
+public class TicketTest extends TestCase
+{
+    public void testTicket() throws Exception
+    {
+        TicketFactory ticketFactory = new TicketFactory();
+
+        KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM"
);
+        KerberosPrincipal serverPrincipal = new KerberosPrincipal( "kadmin/changepw@EXAMPLE.COM"
);
+        String serverPassword = "s3crEt";
+
+        EncryptionKey serverKey = ticketFactory.getServerKey( serverPrincipal, serverPassword
);
+
+        Ticket serviceTicket = ticketFactory.getTicket( clientPrincipal, serverPrincipal,
serverKey );
+
+        byte[] encodedTicket = TicketEncoder.encodeTicket( serviceTicket );
+        
+        ByteBuffer encoded = serviceTicket.encode( null );
+        
+        byte[] expectedResult = new byte[]
+            {
+              0x61, (byte)0x81, (byte)0xEF,
+                0x30,  (byte)0x81, (byte)0xEC, 
+                  (byte)0xA0, 0x03,
+                    0x02, 0x01, 0x05,
+                  (byte)0xA1, 0x0D,
+                    0x1B, 0x0B, 
+                      'E', 'X', 'A', 'M', 'P', 'L', 'E', '.', 'C', 'O', 'M',
+                  (byte)0xA2, 0x1D,
+                    0x30, 0x1B,
+                      (byte)0xA0, 0x03, 
+                        0x02, 0x01, 0x01, 
+                      (byte)0xA1, 0x14, 
+                        0x30, 0x12, 
+                          0x1B, 0x06, 
+                            'k', 'a', 'd', 'm', 'i', 'n',
+                          0x1B, 0x08,
+                            'c', 'h', 'a', 'n', 'g', 'e', 'p', 'w',
+                  (byte)0xA3, (byte)0x81, (byte)0xB6, 
+                    0x30, (byte)0x81, (byte)0xB3,
+                      (byte)0xA0, 0x03,
+                        0x02, 0x01, 0x03,
+                      (byte)0xA2, (byte)0x81, (byte)0xAB,
+                        0x04, (byte)0x81, (byte)0xA8
+            };
+
+        // We will just compared the first bytes (everyting before the encrypted data)
+        String expectedResultString = StringTools.dumpBytes( expectedResult );
+        String resultString = StringTools.dumpBytes( encoded.array() ).substring( 0,  expectedResultString.length()
);
+        
+        assertEquals( expectedResultString, resultString );
+        assertTrue( Arrays.equals( encodedTicket, encodedTicket ) );
+    }
+
+    /*
+    public void testTicketPerf() throws Exception
+    {
+        TicketFactory ticketFactory = new TicketFactory();
+
+        KerberosPrincipal clientPrincipal = new KerberosPrincipal( "hnelson@EXAMPLE.COM"
);
+        KerberosPrincipal serverPrincipal = new KerberosPrincipal( "kadmin/changepw@EXAMPLE.COM"
);
+        String serverPassword = "s3crEt";
+
+        EncryptionKey serverKey = ticketFactory.getServerKey( serverPrincipal, serverPassword
);
+
+        Ticket serviceTicket = ticketFactory.getTicket( clientPrincipal, serverPrincipal,
serverKey );
+
+        byte[] encodedTicket = TicketEncoder.encodeTicket( serviceTicket );
+        
+        long t0 = System.currentTimeMillis();
+        
+        for ( int i=0; i < 1000000; i++ )
+        {
+            TicketEncoder.encodeTicket( serviceTicket );
+        }
+        
+        long t1 = System.currentTimeMillis();
+        
+        System.out.println( "Delta slow = " + ( t1 - t0 ) );
+
+        long t2 = System.currentTimeMillis();
+        
+        for ( int i=0; i < 1000000; i++ )
+        {
+            serviceTicket.encode( null );
+        }
+        
+        long t3 = System.currentTimeMillis();
+        
+        System.out.println( "Delta slow = " + ( t3 - t2 ) );
+
+        assertTrue( Arrays.equals( encodedTicket, encodedTicket ) );
+    }
+    */
+}



Mime
View raw message