directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kayyag...@apache.org
Subject svn commit: r1467804 [1/2] - in /directory/apacheds/trunk/kerberos-client2: ./ src/ src/main/ src/main/java/ src/main/java/org/ src/main/java/org/apache/ src/main/java/org/apache/directory/ src/main/java/org/apache/directory/kerberos/ src/main/java/org...
Date Sun, 14 Apr 2013 17:47:07 GMT
Author: kayyagari
Date: Sun Apr 14 17:47:06 2013
New Revision: 1467804

URL: http://svn.apache.org/r1467804
Log:
new kerberos client that uses new kerberos codec and does not depend on MINA for network communication
This code was initially developed at Keydap.com, now it is donated to community by granting full copyright to ApacheDS project

Added:
    directory/apacheds/trunk/kerberos-client2/
    directory/apacheds/trunk/kerberos-client2/pom.xml
    directory/apacheds/trunk/kerberos-client2/src/
    directory/apacheds/trunk/kerberos-client2/src/main/
    directory/apacheds/trunk/kerberos-client2/src/main/java/
    directory/apacheds/trunk/kerberos-client2/src/main/java/org/
    directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/
    directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/
    directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/
    directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/
    directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/AbstractTicket.java
    directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/HeimdalKpasswdDecode.java
    directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KdcClientUtil.java
    directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KdcConnection.java
    directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KerberosChannel.java
    directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KpasswdDecode.java
    directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/ServiceTicket.java
    directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/ServiceTicketRequest.java
    directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/TgTicket.java
    directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/TgtRequest.java
    directory/apacheds/trunk/kerberos-client2/src/test/
    directory/apacheds/trunk/kerberos-client2/src/test/java/
    directory/apacheds/trunk/kerberos-client2/src/test/java/org/
    directory/apacheds/trunk/kerberos-client2/src/test/java/org/apache/
    directory/apacheds/trunk/kerberos-client2/src/test/java/org/apache/directory/
    directory/apacheds/trunk/kerberos-client2/src/test/java/org/apache/directory/kerberos/
    directory/apacheds/trunk/kerberos-client2/src/test/java/org/apache/directory/kerberos/client/
    directory/apacheds/trunk/kerberos-client2/src/test/java/org/apache/directory/kerberos/client/KdcAsRepTest.java
    directory/apacheds/trunk/kerberos-client2/src/test/java/org/apache/directory/kerberos/client/KdcConnectionTest.java
    directory/apacheds/trunk/kerberos-client2/src/test/resources/
    directory/apacheds/trunk/kerberos-client2/src/test/resources/log4j.xml

Added: directory/apacheds/trunk/kerberos-client2/pom.xml
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-client2/pom.xml?rev=1467804&view=auto
==============================================================================
--- directory/apacheds/trunk/kerberos-client2/pom.xml (added)
+++ directory/apacheds/trunk/kerberos-client2/pom.xml Sun Apr 14 17:47:06 2013
@@ -0,0 +1,87 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+  
+  http://www.apache.org/licenses/LICENSE-2.0
+  
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied.  See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <parent>
+    <groupId>org.apache.directory.server</groupId>
+    <artifactId>apacheds-parent</artifactId>
+    <version>2.0.0-M12-SNAPSHOT</version>
+  </parent>
+  <artifactId>kerberos-client2</artifactId>
+  <packaging>jar</packaging>
+  <name>ApacheDS Kerberos Client</name>
+  
+  <properties>
+    <kerberos.codec.version>${project.version}</kerberos.codec.version>
+  </properties>
+
+  <dependencies>
+    <dependency>
+      <groupId>org.apache.directory.junit</groupId>
+      <artifactId>junit-addons</artifactId>
+      <scope>test</scope>
+    </dependency>
+
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>apacheds-kerberos-codec</artifactId>
+      <version>${kerberos.codec.version}</version>
+    </dependency>
+
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>apacheds-server-annotations</artifactId>
+      <scope>test</scope>
+    </dependency>
+    
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>apacheds-test-framework</artifactId>
+      <scope>test</scope>
+    </dependency>
+    
+    <dependency>
+      <groupId>${project.groupId}</groupId>
+      <artifactId>apacheds-interceptor-kerberos</artifactId>
+      <scope>test</scope>
+    </dependency>
+  </dependencies>
+
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-source-plugin</artifactId>
+        <executions>
+          <execution>
+            <id>attach-sources</id>
+            <phase>verify</phase>
+            <goals>
+              <goal>jar</goal>
+            </goals>
+          </execution>
+        </executions>
+      </plugin>
+    </plugins>
+  </build>
+</project>

Added: directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/AbstractTicket.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/AbstractTicket.java?rev=1467804&view=auto
==============================================================================
--- directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/AbstractTicket.java (added)
+++ directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/AbstractTicket.java Sun Apr 14 17:47:06 2013
@@ -0,0 +1,72 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.kerberos.client;
+
+
+import org.apache.directory.shared.kerberos.components.EncKdcRepPart;
+import org.apache.directory.shared.kerberos.components.EncryptionKey;
+import org.apache.directory.shared.kerberos.messages.Ticket;
+
+/**
+ * 
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+public abstract class AbstractTicket
+{
+    protected Ticket ticket;
+
+    protected EncKdcRepPart encKdcRepPart;
+
+
+    public AbstractTicket( Ticket ticket, EncKdcRepPart encKdcRepPart )
+    {
+        this.ticket = ticket;
+        this.encKdcRepPart = encKdcRepPart;
+    }
+
+
+    /*default protected*/ Ticket getTicket()
+    {
+        return ticket;
+    }
+
+
+    public EncryptionKey getSessionKey()
+    {
+        return encKdcRepPart.getKey();
+    }
+
+
+    public long getStartTime()
+    {
+        return encKdcRepPart.getStartTime().getTime();
+    }
+
+
+    public long getExpiryTime()
+    {
+        return encKdcRepPart.getEndTime().getTime();
+    }
+
+    public boolean isForwardable()
+    {
+        return encKdcRepPart.getFlags().isForwardable();
+    }
+}

Added: directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/HeimdalKpasswdDecode.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/HeimdalKpasswdDecode.java?rev=1467804&view=auto
==============================================================================
--- directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/HeimdalKpasswdDecode.java (added)
+++ directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/HeimdalKpasswdDecode.java Sun Apr 14 17:47:06 2013
@@ -0,0 +1,275 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.kerberos.client;
+
+import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
+
+public class HeimdalKpasswdDecode extends KpasswdDecode
+{
+    public HeimdalKpasswdDecode( String principal, String password, EncryptionType eType )
+    {
+        super( principal, password, eType );
+    }
+    
+    public static void main( String[] args ) throws Exception
+    {
+        KpasswdDecode k = new HeimdalKpasswdDecode( "hnelson@EXAMPLE.COM", "secret00", EncryptionType.AES256_CTS_HMAC_SHA1_96 );
+        k.decodeAsRep( asReppkt10 );
+        k.decodeApReq( kpasswdApReqpkt12 );
+        k.decodeApRep( kpasswdReplypkt13 );
+    }
+    
+    //pkt10
+    private static byte[] asReppkt10 = {
+//        (byte)0x00, (byte)0x00, (byte)0x03, (byte)0x04, (byte)0x00, (byte)0x06, (byte)0x00, (byte)0x00, 
+//        (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x86, (byte)0xdd, 
+//        (byte)0x60, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x02, (byte)0xc2, (byte)0x11, (byte)0x40, 
+//        (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, 
+//        (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x01, 
+//        (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, 
+//        (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x01, 
+//        (byte)0x00, (byte)0x58, (byte)0xd1, (byte)0x0c, (byte)0x02, (byte)0xc2, (byte)0xc1, (byte)0x28, 
+        (byte)0x6b, (byte)0x82, (byte)0x02, (byte)0xb6, (byte)0x30, (byte)0x82, (byte)0x02, (byte)0xb2, 
+        (byte)0xa0, (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x05, (byte)0xa1, (byte)0x03, (byte)0x02, 
+        (byte)0x01, (byte)0x0b, (byte)0xa2, (byte)0x1f, (byte)0x30, (byte)0x1d, (byte)0x30, (byte)0x1b, 
+        (byte)0xa1, (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x03, (byte)0xa2, (byte)0x14, (byte)0x04, 
+        (byte)0x12, (byte)0x45, (byte)0x58, (byte)0x41, (byte)0x4d, (byte)0x50, (byte)0x4c, (byte)0x45, 
+        (byte)0x2e, (byte)0x43, (byte)0x4f, (byte)0x4d, (byte)0x68, (byte)0x6e, (byte)0x65, (byte)0x6c, 
+        (byte)0x73, (byte)0x6f, (byte)0x6e, (byte)0xa3, (byte)0x0d, (byte)0x1b, (byte)0x0b, (byte)0x45, 
+        (byte)0x58, (byte)0x41, (byte)0x4d, (byte)0x50, (byte)0x4c, (byte)0x45, (byte)0x2e, (byte)0x43, 
+        (byte)0x4f, (byte)0x4d, (byte)0xa4, (byte)0x14, (byte)0x30, (byte)0x12, (byte)0xa0, (byte)0x03, 
+        (byte)0x02, (byte)0x01, (byte)0x01, (byte)0xa1, (byte)0x0b, (byte)0x30, (byte)0x09, (byte)0x1b, 
+        (byte)0x07, (byte)0x68, (byte)0x6e, (byte)0x65, (byte)0x6c, (byte)0x73, (byte)0x6f, (byte)0x6e, 
+        (byte)0xa5, (byte)0x82, (byte)0x01, (byte)0x3f, (byte)0x61, (byte)0x82, (byte)0x01, (byte)0x3b, 
+        (byte)0x30, (byte)0x82, (byte)0x01, (byte)0x37, (byte)0xa0, (byte)0x03, (byte)0x02, (byte)0x01, 
+        (byte)0x05, (byte)0xa1, (byte)0x0d, (byte)0x1b, (byte)0x0b, (byte)0x45, (byte)0x58, (byte)0x41, 
+        (byte)0x4d, (byte)0x50, (byte)0x4c, (byte)0x45, (byte)0x2e, (byte)0x43, (byte)0x4f, (byte)0x4d, 
+        (byte)0xa2, (byte)0x1d, (byte)0x30, (byte)0x1b, (byte)0xa0, (byte)0x03, (byte)0x02, (byte)0x01, 
+        (byte)0x01, (byte)0xa1, (byte)0x14, (byte)0x30, (byte)0x12, (byte)0x1b, (byte)0x06, (byte)0x6b, 
+        (byte)0x61, (byte)0x64, (byte)0x6d, (byte)0x69, (byte)0x6e, (byte)0x1b, (byte)0x08, (byte)0x63, 
+        (byte)0x68, (byte)0x61, (byte)0x6e, (byte)0x67, (byte)0x65, (byte)0x70, (byte)0x77, (byte)0xa3,// 
+        (byte)0x82, (byte)0x01, (byte)0x00, (byte)0x30, (byte)0x81, (byte)0xfd, (byte)0xa0, (byte)0x03, 
+        (byte)0x02, (byte)0x01, (byte)0x12, (byte)0xa1, (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x01, 
+        (byte)0xa2, (byte)0x81, (byte)0xf0, (byte)0x04, (byte)0x81, (byte)0xed, (byte)0x18, (byte)0xe6, 
+        (byte)0xde, (byte)0xba, (byte)0xd7, (byte)0xf5, (byte)0xac, (byte)0xd8, (byte)0xe2, (byte)0xe9, 
+        (byte)0xe4, (byte)0x9f, (byte)0x7d, (byte)0x41, (byte)0x9b, (byte)0xe0, (byte)0x48, (byte)0xc2, 
+        (byte)0x0c, (byte)0xca, (byte)0x20, (byte)0x23, (byte)0xdf, (byte)0xdb, (byte)0xc5, (byte)0x9b, 
+        (byte)0x92, (byte)0xd9, (byte)0x72, (byte)0xce, (byte)0x17, (byte)0xc2, (byte)0xc3, (byte)0xe9, 
+        (byte)0xfc, (byte)0xfa, (byte)0x5a, (byte)0xf3, (byte)0xa6, (byte)0xb9, (byte)0x7f, (byte)0x05, 
+        (byte)0x54, (byte)0x90, (byte)0xff, (byte)0xa0, (byte)0x5d, (byte)0x61, (byte)0x05, (byte)0x61, 
+        (byte)0x54, (byte)0xde, (byte)0xf7, (byte)0x87, (byte)0x0e, (byte)0x38, (byte)0xfa, (byte)0xbd, 
+        (byte)0x6b, (byte)0xbe, (byte)0x6b, (byte)0x14, (byte)0x12, (byte)0x53, (byte)0x64, (byte)0x9c, 
+        (byte)0x23, (byte)0xfe, (byte)0x47, (byte)0xd0, (byte)0x39, (byte)0x07, (byte)0xdb, (byte)0xb6, 
+        (byte)0x18, (byte)0xaa, (byte)0x04, (byte)0x44, (byte)0xfd, (byte)0x28, (byte)0xa0, (byte)0x64, 
+        (byte)0xc5, (byte)0x31, (byte)0x3d, (byte)0xc2, (byte)0x2e, (byte)0xe9, (byte)0xb2, (byte)0x5e, 
+        (byte)0xdb, (byte)0x2c, (byte)0xd2, (byte)0x7c, (byte)0x53, (byte)0x45, (byte)0xf5, (byte)0x1a, 
+        (byte)0x9b, (byte)0x62, (byte)0xbe, (byte)0x1a, (byte)0xdc, (byte)0xd4, (byte)0x1a, (byte)0xf9, 
+        (byte)0x0c, (byte)0x70, (byte)0x29, (byte)0xc4, (byte)0x46, (byte)0x51, (byte)0x4d, (byte)0x69, 
+        (byte)0xf8, (byte)0x20, (byte)0x8e, (byte)0x0e, (byte)0x11, (byte)0x89, (byte)0x06, (byte)0x28, 
+        (byte)0xfa, (byte)0x48, (byte)0x43, (byte)0x81, (byte)0x1e, (byte)0xbc, (byte)0x48, (byte)0x09, 
+        (byte)0x6e, (byte)0x0f, (byte)0x5f, (byte)0x0f, (byte)0x79, (byte)0x16, (byte)0x1a, (byte)0xeb, 
+        (byte)0xd1, (byte)0x8b, (byte)0xdf, (byte)0x5e, (byte)0x3f, (byte)0xc5, (byte)0x5f, (byte)0xee, 
+        (byte)0xdd, (byte)0x1f, (byte)0xc4, (byte)0x52, (byte)0x8d, (byte)0xa0, (byte)0xcd, (byte)0x68, 
+        (byte)0xea, (byte)0x87, (byte)0xc9, (byte)0x16, (byte)0xe7, (byte)0x51, (byte)0x85, (byte)0xfb, 
+        (byte)0x8a, (byte)0x71, (byte)0x9f, (byte)0x1f, (byte)0x67, (byte)0x33, (byte)0x7c, (byte)0x9b, 
+        (byte)0x00, (byte)0x86, (byte)0x9c, (byte)0x07, (byte)0x0e, (byte)0xbd, (byte)0xb6, (byte)0x6e, 
+        (byte)0x91, (byte)0x57, (byte)0xc2, (byte)0x7f, (byte)0xc7, (byte)0xae, (byte)0x0e, (byte)0x94, 
+        (byte)0x27, (byte)0xf4, (byte)0xb3, (byte)0x25, (byte)0xe3, (byte)0xa0, (byte)0x5b, (byte)0xd5, 
+        (byte)0x1d, (byte)0x4c, (byte)0x40, (byte)0x90, (byte)0x57, (byte)0xad, (byte)0x09, (byte)0xa7, 
+        (byte)0xbe, (byte)0xd8, (byte)0x56, (byte)0x37, (byte)0xe8, (byte)0xeb, (byte)0xae, (byte)0xd9, 
+        (byte)0x0b, (byte)0x9e, (byte)0x17, (byte)0x67, (byte)0x14, (byte)0x39, (byte)0x72, (byte)0x37, 
+        (byte)0xd5, (byte)0xa4, (byte)0xd8, (byte)0xa1, (byte)0x27, (byte)0xe8, (byte)0x71, (byte)0xad, 
+        (byte)0xb5, (byte)0x35, (byte)0x7f, (byte)0x80, (byte)0x80, (byte)0x1a, (byte)0xdf, (byte)0x1f, 
+        (byte)0x6f, (byte)0x38, (byte)0xae, (byte)0xa6, (byte)0x82, (byte)0x01, (byte)0x1b, (byte)0x30, 
+        (byte)0x82, (byte)0x01, (byte)0x17, (byte)0xa0, (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x12, 
+        (byte)0xa1, (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x02, (byte)0xa2, (byte)0x82, (byte)0x01, 
+        (byte)0x09, (byte)0x04, (byte)0x82, (byte)0x01, (byte)0x05, (byte)0x5b, (byte)0x1c, (byte)0xee, 
+        (byte)0x66, (byte)0x13, (byte)0x42, (byte)0x1b, (byte)0x1c, (byte)0x7e, (byte)0xba, (byte)0x0b, 
+        (byte)0xa6, (byte)0xc0, (byte)0x30, (byte)0xa5, (byte)0xba, (byte)0x8e, (byte)0xce, (byte)0x9a, 
+        (byte)0xe7, (byte)0xb1, (byte)0x21, (byte)0x95, (byte)0x6e, (byte)0xc9, (byte)0xb3, (byte)0x7f, 
+        (byte)0xe4, (byte)0x92, (byte)0x0d, (byte)0x78, (byte)0x72, (byte)0x02, (byte)0x36, (byte)0x46, 
+        (byte)0x33, (byte)0x2b, (byte)0x73, (byte)0xb4, (byte)0x68, (byte)0xdf, (byte)0x32, (byte)0x6f, 
+        (byte)0x6c, (byte)0x85, (byte)0xb3, (byte)0x82, (byte)0x09, (byte)0x49, (byte)0xa7, (byte)0x3b, 
+        (byte)0x3d, (byte)0xb9, (byte)0x51, (byte)0xdd, (byte)0x48, (byte)0x3e, (byte)0xda, (byte)0x17, 
+        (byte)0x63, (byte)0xaf, (byte)0xef, (byte)0xb4, (byte)0x1c, (byte)0xcb, (byte)0x3f, (byte)0x82, 
+        (byte)0xba, (byte)0x42, (byte)0xda, (byte)0x9b, (byte)0xf0, (byte)0x67, (byte)0xf5, (byte)0x00, 
+        (byte)0xfd, (byte)0xdc, (byte)0x31, (byte)0xf6, (byte)0xde, (byte)0xd9, (byte)0x6b, (byte)0x25, 
+        (byte)0x0d, (byte)0x5d, (byte)0x2d, (byte)0x48, (byte)0xba, (byte)0xb4, (byte)0x59, (byte)0x94, 
+        (byte)0x68, (byte)0xa1, (byte)0xcf, (byte)0x39, (byte)0x64, (byte)0x6f, (byte)0xf5, (byte)0xf5, 
+        (byte)0x05, (byte)0x08, (byte)0xdc, (byte)0xe3, (byte)0xec, (byte)0x0e, (byte)0x94, (byte)0xa9, 
+        (byte)0x0b, (byte)0x83, (byte)0xa7, (byte)0xca, (byte)0x21, (byte)0x26, (byte)0xe9, (byte)0x5f, 
+        (byte)0xed, (byte)0x69, (byte)0x64, (byte)0x77, (byte)0x18, (byte)0x5e, (byte)0x5c, (byte)0x5e, 
+        (byte)0x01, (byte)0xa4, (byte)0x2e, (byte)0x71, (byte)0xf5, (byte)0x8f, (byte)0xc5, (byte)0x49, 
+        (byte)0x77, (byte)0xb3, (byte)0x71, (byte)0xb6, (byte)0x8f, (byte)0xf5, (byte)0x02, (byte)0xe8, 
+        (byte)0x1b, (byte)0xaa, (byte)0x06, (byte)0x09, (byte)0x09, (byte)0x29, (byte)0xa5, (byte)0x13, 
+        (byte)0xfd, (byte)0x32, (byte)0x23, (byte)0x61, (byte)0xde, (byte)0x98, (byte)0x4b, (byte)0x70, 
+        (byte)0xea, (byte)0x2d, (byte)0x55, (byte)0x1a, (byte)0xcf, (byte)0x89, (byte)0xd9, (byte)0x46, 
+        (byte)0xb2, (byte)0x44, (byte)0xa9, (byte)0x1d, (byte)0xc8, (byte)0x79, (byte)0x42, (byte)0x1e, 
+        (byte)0x0e, (byte)0xb1, (byte)0xd1, (byte)0x21, (byte)0x80, (byte)0x9a, (byte)0x21, (byte)0x15, 
+        (byte)0x35, (byte)0x5e, (byte)0x32, (byte)0x21, (byte)0x89, (byte)0x71, (byte)0x61, (byte)0x31, 
+        (byte)0xa9, (byte)0x91, (byte)0xc0, (byte)0x22, (byte)0x19, (byte)0x22, (byte)0x37, (byte)0xaf, 
+        (byte)0xb8, (byte)0x6c, (byte)0x90, (byte)0x7c, (byte)0xbb, (byte)0xb4, (byte)0xbd, (byte)0x46, 
+        (byte)0x9e, (byte)0x90, (byte)0x36, (byte)0x78, (byte)0x77, (byte)0x58, (byte)0xcb, (byte)0x18, 
+        (byte)0xbd, (byte)0xaa, (byte)0xba, (byte)0x35, (byte)0x6f, (byte)0x01, (byte)0xc1, (byte)0x58, 
+        (byte)0x07, (byte)0x8e, (byte)0xb6, (byte)0xe5, (byte)0x7e, (byte)0xa1, (byte)0x8c, (byte)0xbb, 
+        (byte)0xb5, (byte)0xf4, (byte)0xab, (byte)0xbf, (byte)0xe6, (byte)0xcd, (byte)0x48, (byte)0xea, 
+        (byte)0xb7, (byte)0x37, (byte)0x81, (byte)0x26, (byte)0x1e, (byte)0x32, (byte)0x2b, (byte)0xd4, 
+        (byte)0x90, (byte)0x0d, (byte)0x29, (byte)0xa9, (byte)0x60, (byte)0x90, (byte)0x3c, (byte)0xb6, 
+        (byte)0x4b, (byte)0xdd, (byte)0x37, (byte)0x81, (byte)0xa4, (byte)0x76, (byte)0x73, (byte)0x6c, 
+        (byte)0x23, (byte)0x43 };
+
+    private static byte[] kpasswdApReqpkt12 = {
+//        (byte)0x00, (byte)0x00, (byte)0x03, (byte)0x04, (byte)0x00, (byte)0x06, (byte)0x00, (byte)0x00, 
+//        (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x86, (byte)0xdd, 
+//        (byte)0x60, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x02, (byte)0xb1, (byte)0x11, (byte)0x40, 
+//        (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, 
+//        (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x01, 
+//        (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, 
+//        (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x01, 
+//        (byte)0x9c, (byte)0x20, (byte)0x01, (byte)0xd0, (byte)0x02, (byte)0xb1, (byte)0x1a, (byte)0xf1, 
+        (byte)0x02, (byte)0xa9, (byte)0xff, (byte)0x80, (byte)0x02, (byte)0x08, (byte)0x6e, (byte)0x82, 
+        (byte)0x02, (byte)0x04, (byte)0x30, (byte)0x82, (byte)0x02, (byte)0x00, (byte)0xa0, (byte)0x03, 
+        (byte)0x02, (byte)0x01, (byte)0x05, (byte)0xa1, (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x0e, 
+        (byte)0xa2, (byte)0x07, (byte)0x03, (byte)0x05, (byte)0x00, (byte)0x20, (byte)0x00, (byte)0x00, 
+        (byte)0x00, (byte)0xa3, (byte)0x82, (byte)0x01, (byte)0x3f, (byte)0x61, (byte)0x82, (byte)0x01, 
+        (byte)0x3b, (byte)0x30, (byte)0x82, (byte)0x01, (byte)0x37, (byte)0xa0, (byte)0x03, (byte)0x02, 
+        (byte)0x01, (byte)0x05, (byte)0xa1, (byte)0x0d, (byte)0x1b, (byte)0x0b, (byte)0x45, (byte)0x58, 
+        (byte)0x41, (byte)0x4d, (byte)0x50, (byte)0x4c, (byte)0x45, (byte)0x2e, (byte)0x43, (byte)0x4f, 
+        (byte)0x4d, (byte)0xa2, (byte)0x1d, (byte)0x30, (byte)0x1b, (byte)0xa0, (byte)0x03, (byte)0x02, 
+        (byte)0x01, (byte)0x01, (byte)0xa1, (byte)0x14, (byte)0x30, (byte)0x12, (byte)0x1b, (byte)0x06, 
+        (byte)0x6b, (byte)0x61, (byte)0x64, (byte)0x6d, (byte)0x69, (byte)0x6e, (byte)0x1b, (byte)0x08, 
+        (byte)0x63, (byte)0x68, (byte)0x61, (byte)0x6e, (byte)0x67, (byte)0x65, (byte)0x70, (byte)0x77, 
+        (byte)0xa3, (byte)0x82, (byte)0x01, (byte)0x00, (byte)0x30, (byte)0x81, (byte)0xfd, (byte)0xa0, 
+        (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x12, (byte)0xa1, (byte)0x03, (byte)0x02, (byte)0x01, 
+        (byte)0x01, (byte)0xa2, (byte)0x81, (byte)0xf0, (byte)0x04, (byte)0x81, (byte)0xed, (byte)0x18, 
+        (byte)0xe6, (byte)0xde, (byte)0xba, (byte)0xd7, (byte)0xf5, (byte)0xac, (byte)0xd8, (byte)0xe2, 
+        (byte)0xe9, (byte)0xe4, (byte)0x9f, (byte)0x7d, (byte)0x41, (byte)0x9b, (byte)0xe0, (byte)0x48, 
+        (byte)0xc2, (byte)0x0c, (byte)0xca, (byte)0x20, (byte)0x23, (byte)0xdf, (byte)0xdb, (byte)0xc5, 
+        (byte)0x9b, (byte)0x92, (byte)0xd9, (byte)0x72, (byte)0xce, (byte)0x17, (byte)0xc2, (byte)0xc3, 
+        (byte)0xe9, (byte)0xfc, (byte)0xfa, (byte)0x5a, (byte)0xf3, (byte)0xa6, (byte)0xb9, (byte)0x7f, 
+        (byte)0x05, (byte)0x54, (byte)0x90, (byte)0xff, (byte)0xa0, (byte)0x5d, (byte)0x61, (byte)0x05, 
+        (byte)0x61, (byte)0x54, (byte)0xde, (byte)0xf7, (byte)0x87, (byte)0x0e, (byte)0x38, (byte)0xfa, 
+        (byte)0xbd, (byte)0x6b, (byte)0xbe, (byte)0x6b, (byte)0x14, (byte)0x12, (byte)0x53, (byte)0x64, 
+        (byte)0x9c, (byte)0x23, (byte)0xfe, (byte)0x47, (byte)0xd0, (byte)0x39, (byte)0x07, (byte)0xdb, 
+        (byte)0xb6, (byte)0x18, (byte)0xaa, (byte)0x04, (byte)0x44, (byte)0xfd, (byte)0x28, (byte)0xa0, 
+        (byte)0x64, (byte)0xc5, (byte)0x31, (byte)0x3d, (byte)0xc2, (byte)0x2e, (byte)0xe9, (byte)0xb2, 
+        (byte)0x5e, (byte)0xdb, (byte)0x2c, (byte)0xd2, (byte)0x7c, (byte)0x53, (byte)0x45, (byte)0xf5, 
+        (byte)0x1a, (byte)0x9b, (byte)0x62, (byte)0xbe, (byte)0x1a, (byte)0xdc, (byte)0xd4, (byte)0x1a, 
+        (byte)0xf9, (byte)0x0c, (byte)0x70, (byte)0x29, (byte)0xc4, (byte)0x46, (byte)0x51, (byte)0x4d, 
+        (byte)0x69, (byte)0xf8, (byte)0x20, (byte)0x8e, (byte)0x0e, (byte)0x11, (byte)0x89, (byte)0x06, 
+        (byte)0x28, (byte)0xfa, (byte)0x48, (byte)0x43, (byte)0x81, (byte)0x1e, (byte)0xbc, (byte)0x48, 
+        (byte)0x09, (byte)0x6e, (byte)0x0f, (byte)0x5f, (byte)0x0f, (byte)0x79, (byte)0x16, (byte)0x1a, 
+        (byte)0xeb, (byte)0xd1, (byte)0x8b, (byte)0xdf, (byte)0x5e, (byte)0x3f, (byte)0xc5, (byte)0x5f, 
+        (byte)0xee, (byte)0xdd, (byte)0x1f, (byte)0xc4, (byte)0x52, (byte)0x8d, (byte)0xa0, (byte)0xcd, 
+        (byte)0x68, (byte)0xea, (byte)0x87, (byte)0xc9, (byte)0x16, (byte)0xe7, (byte)0x51, (byte)0x85, 
+        (byte)0xfb, (byte)0x8a, (byte)0x71, (byte)0x9f, (byte)0x1f, (byte)0x67, (byte)0x33, (byte)0x7c, 
+        (byte)0x9b, (byte)0x00, (byte)0x86, (byte)0x9c, (byte)0x07, (byte)0x0e, (byte)0xbd, (byte)0xb6, 
+        (byte)0x6e, (byte)0x91, (byte)0x57, (byte)0xc2, (byte)0x7f, (byte)0xc7, (byte)0xae, (byte)0x0e, 
+        (byte)0x94, (byte)0x27, (byte)0xf4, (byte)0xb3, (byte)0x25, (byte)0xe3, (byte)0xa0, (byte)0x5b, 
+        (byte)0xd5, (byte)0x1d, (byte)0x4c, (byte)0x40, (byte)0x90, (byte)0x57, (byte)0xad, (byte)0x09, 
+        (byte)0xa7, (byte)0xbe, (byte)0xd8, (byte)0x56, (byte)0x37, (byte)0xe8, (byte)0xeb, (byte)0xae, 
+        (byte)0xd9, (byte)0x0b, (byte)0x9e, (byte)0x17, (byte)0x67, (byte)0x14, (byte)0x39, (byte)0x72, 
+        (byte)0x37, (byte)0xd5, (byte)0xa4, (byte)0xd8, (byte)0xa1, (byte)0x27, (byte)0xe8, (byte)0x71, 
+        (byte)0xad, (byte)0xb5, (byte)0x35, (byte)0x7f, (byte)0x80, (byte)0x80, (byte)0x1a, (byte)0xdf, 
+        (byte)0x1f, (byte)0x6f, (byte)0x38, (byte)0xae, (byte)0xa4, (byte)0x81, (byte)0xa7, (byte)0x30, 
+        (byte)0x81, (byte)0xa4, (byte)0xa0, (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x12, (byte)0xa2, 
+        (byte)0x81, (byte)0x9c, (byte)0x04, (byte)0x81, (byte)0x99, (byte)0xb5, (byte)0x17, (byte)0x08, 
+        (byte)0xff, (byte)0xea, (byte)0xf3, (byte)0x84, (byte)0xde, (byte)0x79, (byte)0x93, (byte)0xe7, 
+        (byte)0x9a, (byte)0xa3, (byte)0x80, (byte)0xdc, (byte)0x62, (byte)0x25, (byte)0x55, (byte)0x52, 
+        (byte)0xc6, (byte)0x00, (byte)0x0e, (byte)0x67, (byte)0xa3, (byte)0x3a, (byte)0xb7, (byte)0x39, 
+        (byte)0x24, (byte)0x48, (byte)0x3c, (byte)0x7d, (byte)0x74, (byte)0xcf, (byte)0xd1, (byte)0xcf, 
+        (byte)0x8a, (byte)0xf6, (byte)0x1f, (byte)0xfe, (byte)0xc8, (byte)0x1c, (byte)0xea, (byte)0x1f, 
+        (byte)0xdd, (byte)0xb2, (byte)0x7d, (byte)0x26, (byte)0x60, (byte)0x8e, (byte)0x26, (byte)0x23, 
+        (byte)0x6b, (byte)0x38, (byte)0x0b, (byte)0x2a, (byte)0x3d, (byte)0x3d, (byte)0x56, (byte)0xd3, 
+        (byte)0xe9, (byte)0x8b, (byte)0xc8, (byte)0xe8, (byte)0x27, (byte)0xa0, (byte)0x51, (byte)0x6c, 
+        (byte)0xa6, (byte)0xf2, (byte)0xf3, (byte)0x37, (byte)0xc9, (byte)0x74, (byte)0xff, (byte)0xa4, 
+        (byte)0xdc, (byte)0x0e, (byte)0x93, (byte)0x18, (byte)0x73, (byte)0x97, (byte)0x3d, (byte)0x60, 
+        (byte)0xa4, (byte)0x19, (byte)0xa2, (byte)0xac, (byte)0x2a, (byte)0xef, (byte)0x79, (byte)0x5c, 
+        (byte)0x05, (byte)0x7d, (byte)0xf6, (byte)0xc4, (byte)0x34, (byte)0x41, (byte)0x36, (byte)0xe5, 
+        (byte)0xdc, (byte)0x91, (byte)0x46, (byte)0x2e, (byte)0x6f, (byte)0xfb, (byte)0x4f, (byte)0x40, 
+        (byte)0xe7, (byte)0x34, (byte)0x38, (byte)0x6e, (byte)0x2c, (byte)0x6e, (byte)0x95, (byte)0x87, 
+        (byte)0x32, (byte)0x22, (byte)0x10, (byte)0xec, (byte)0xa0, (byte)0x6e, (byte)0xaa, (byte)0xdb, 
+        (byte)0x93, (byte)0x76, (byte)0x79, (byte)0x81, (byte)0x6a, (byte)0xc0, (byte)0x0b, (byte)0xd2, 
+        (byte)0xac, (byte)0xbb, (byte)0xc3, (byte)0x21, (byte)0x97, (byte)0xc4, (byte)0x85, (byte)0x8a, 
+        (byte)0x8e, (byte)0x00, (byte)0xdf, (byte)0x61, (byte)0x6e, (byte)0xb5, (byte)0x7c, (byte)0xf6, 
+        (byte)0x51, (byte)0x0c, (byte)0xf3, (byte)0x72, (byte)0xf7, (byte)0xaf, (byte)0x75, (byte)0x81, 
+        (byte)0x98, (byte)0x30, (byte)0x81, (byte)0x95, (byte)0xa0, (byte)0x03, (byte)0x02, (byte)0x01, 
+        (byte)0x05, (byte)0xa1, (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x15, (byte)0xa3, (byte)0x81, 
+        (byte)0x88, (byte)0x30, (byte)0x81, (byte)0x85, (byte)0xa0, (byte)0x03, (byte)0x02, (byte)0x01, 
+        (byte)0x12, (byte)0xa2, (byte)0x7e, (byte)0x04, (byte)0x7c, (byte)0x9c, (byte)0x67, (byte)0xf7, 
+        (byte)0x1c, (byte)0x77, (byte)0xe8, (byte)0x65, (byte)0x40, (byte)0x2a, (byte)0xc5, (byte)0xcc, 
+        (byte)0x7e, (byte)0x48, (byte)0xd4, (byte)0x02, (byte)0xf6, (byte)0x97, (byte)0x02, (byte)0xee, 
+        (byte)0x9e, (byte)0x1f, (byte)0xe4, (byte)0xab, (byte)0xe7, (byte)0x99, (byte)0x9c, (byte)0x50, 
+        (byte)0x17, (byte)0x99, (byte)0xf6, (byte)0xa5, (byte)0x56, (byte)0x40, (byte)0x2e, (byte)0xcd, 
+        (byte)0x3c, (byte)0x26, (byte)0xa2, (byte)0x41, (byte)0x9a, (byte)0x62, (byte)0xfc, (byte)0x42, 
+        (byte)0x01, (byte)0x02, (byte)0x69, (byte)0x80, (byte)0x8a, (byte)0x3a, (byte)0x64, (byte)0xfa, 
+        (byte)0xe7, (byte)0x36, (byte)0xfe, (byte)0x51, (byte)0xbe, (byte)0x34, (byte)0x3a, (byte)0x2c, 
+        (byte)0x3e, (byte)0xa8, (byte)0x7d, (byte)0xaf, (byte)0x01, (byte)0xba, (byte)0x5f, (byte)0xc0, 
+        (byte)0xc3, (byte)0x6c, (byte)0x43, (byte)0x13, (byte)0x77, (byte)0x5d, (byte)0x77, (byte)0x4d, 
+        (byte)0xe9, (byte)0x6c, (byte)0x95, (byte)0xb1, (byte)0x93, (byte)0x0f, (byte)0xeb, (byte)0xf3, 
+        (byte)0x18, (byte)0x5e, (byte)0x31, (byte)0xde, (byte)0xc8, (byte)0xce, (byte)0x78, (byte)0xd1, 
+        (byte)0x7a, (byte)0xdb, (byte)0x0f, (byte)0x7e, (byte)0x45, (byte)0x51, (byte)0x30, (byte)0x6f, 
+        (byte)0x05, (byte)0xc4, (byte)0x64, (byte)0x32, (byte)0xcf, (byte)0xd9, (byte)0xf6, (byte)0xc2, 
+        (byte)0xe7, (byte)0x40, (byte)0x43, (byte)0x05, (byte)0xdf, (byte)0x32, (byte)0x0c, (byte)0xef, 
+        (byte)0xc8, (byte)0xb0, (byte)0xd5, (byte)0x7c, (byte)0xec, (byte)0xe4, (byte)0x9b, (byte)0x38, 
+        (byte)0x2e };
+    
+    private static byte[] kpasswdReplypkt13 = {
+//        (byte)0x00, (byte)0x00, (byte)0x03, (byte)0x04, (byte)0x00, (byte)0x06, (byte)0x00, (byte)0x00, 
+//        (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x86, (byte)0xdd, 
+//        (byte)0x60, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x01, (byte)0x03, (byte)0x11, (byte)0x40, 
+//        (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, 
+//        (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x01, 
+//        (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, 
+//        (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x00, (byte)0x01, 
+//        (byte)0x01, (byte)0xd0, (byte)0x9c, (byte)0x20, (byte)0x01, (byte)0x03, (byte)0xdb, (byte)0x7e, 
+        (byte)0x00, (byte)0xfb, (byte)0x00, (byte)0x01, (byte)0x00, (byte)0x5d, (byte)0x6f, (byte)0x5b, 
+        (byte)0x30, (byte)0x59, (byte)0xa0, (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x05, (byte)0xa1, 
+        (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x0f, (byte)0xa2, (byte)0x4d, (byte)0x30, (byte)0x4b, 
+        (byte)0xa0, (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x12, (byte)0xa2, (byte)0x44, (byte)0x04, 
+        (byte)0x42, (byte)0x99, (byte)0xa8, (byte)0x34, (byte)0x6f, (byte)0x64, (byte)0x64, (byte)0xb0, 
+        (byte)0x8f, (byte)0x5b, (byte)0x90, (byte)0x98, (byte)0xb4, (byte)0x0f, (byte)0xfc, (byte)0x01, 
+        (byte)0x4a, (byte)0x8c, (byte)0x2c, (byte)0x0d, (byte)0x01, (byte)0xf2, (byte)0x99, (byte)0x65, 
+        (byte)0x15, (byte)0xde, (byte)0x74, (byte)0x39, (byte)0x97, (byte)0x46, (byte)0x7a, (byte)0x27, 
+        (byte)0x6a, (byte)0xb2, (byte)0x42, (byte)0xae, (byte)0x8a, (byte)0x8f, (byte)0xe8, (byte)0xad, 
+        (byte)0xc5, (byte)0xd7, (byte)0x82, (byte)0x0a, (byte)0x24, (byte)0x2d, (byte)0x86, (byte)0xc7, 
+        (byte)0x29, (byte)0x45, (byte)0x78, (byte)0x0c, (byte)0x4c, (byte)0x48, (byte)0xce, (byte)0x1b, 
+        (byte)0x9e, (byte)0xd4, (byte)0x94, (byte)0xb9, (byte)0x5b, (byte)0xe9, (byte)0xbb, (byte)0x66, 
+        (byte)0x0c, (byte)0x56, (byte)0x31, (byte)0x75, (byte)0x81, (byte)0x95, (byte)0x30, (byte)0x81, 
+        (byte)0x92, (byte)0xa0, (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x05, (byte)0xa1, (byte)0x03, 
+        (byte)0x02, (byte)0x01, (byte)0x15, (byte)0xa3, (byte)0x81, (byte)0x85, (byte)0x30, (byte)0x81, 
+        (byte)0x82, (byte)0xa0, (byte)0x03, (byte)0x02, (byte)0x01, (byte)0x12, (byte)0xa2, (byte)0x7b, 
+        (byte)0x04, (byte)0x79, (byte)0xb1, (byte)0x60, (byte)0x9c, (byte)0x45, (byte)0x7e, (byte)0xf3, 
+        (byte)0xb4, (byte)0xaa, (byte)0xd0, (byte)0xba, (byte)0x04, (byte)0x13, (byte)0x06, (byte)0x6d, 
+        (byte)0x76, (byte)0x6b, (byte)0xcc, (byte)0x7c, (byte)0x37, (byte)0x1d, (byte)0x4c, (byte)0x14, 
+        (byte)0xea, (byte)0x30, (byte)0xde, (byte)0xd5, (byte)0x64, (byte)0x34, (byte)0xf8, (byte)0x96, 
+        (byte)0xe8, (byte)0xce, (byte)0x4c, (byte)0xa7, (byte)0xc5, (byte)0xc3, (byte)0x77, (byte)0x08, 
+        (byte)0xe6, (byte)0x70, (byte)0x39, (byte)0x32, (byte)0x23, (byte)0x9c, (byte)0x7a, (byte)0xa6, 
+        (byte)0x66, (byte)0x83, (byte)0xc6, (byte)0x32, (byte)0xf9, (byte)0x05, (byte)0x9c, (byte)0xd3, 
+        (byte)0x48, (byte)0x11, (byte)0x29, (byte)0x88, (byte)0x79, (byte)0x34, (byte)0x2b, (byte)0x5d, 
+        (byte)0xe4, (byte)0x55, (byte)0xaf, (byte)0x7e, (byte)0x34, (byte)0x3f, (byte)0x2b, (byte)0x0c, 
+        (byte)0x0b, (byte)0x13, (byte)0xa6, (byte)0x40, (byte)0x61, (byte)0x52, (byte)0x8c, (byte)0xa8, 
+        (byte)0x50, (byte)0x67, (byte)0xae, (byte)0x49, (byte)0xeb, (byte)0x49, (byte)0x82, (byte)0x9f, 
+        (byte)0x66, (byte)0x28, (byte)0x7c, (byte)0x1b, (byte)0x92, (byte)0x25, (byte)0xa3, (byte)0x5e, 
+        (byte)0xe3, (byte)0xe3, (byte)0x5c, (byte)0x21, (byte)0x83, (byte)0x87, (byte)0xd9, (byte)0x84, 
+        (byte)0xa9, (byte)0xc8, (byte)0x85, (byte)0x7b, (byte)0x5f, (byte)0x77, (byte)0x70, (byte)0x8b, 
+        (byte)0xd4, (byte)0x77, (byte)0x7d, (byte)0x29, (byte)0xc1, (byte)0x54, (byte)0x11, (byte)0x07, 
+        (byte)0xaf, (byte)0xb0, (byte)0x1f };
+}

Added: directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KdcClientUtil.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KdcClientUtil.java?rev=1467804&view=auto
==============================================================================
--- directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KdcClientUtil.java (added)
+++ directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KdcClientUtil.java Sun Apr 14 17:47:06 2013
@@ -0,0 +1,36 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.kerberos.client;
+
+
+public class KdcClientUtil
+{
+    public static String extractRealm( String principal )
+    {
+        int pos = principal.indexOf( '@' );
+
+        if ( pos > 0 )
+        {
+            return principal.substring( pos + 1 );
+        }
+
+        throw new IllegalArgumentException( "Not a valid principal, missing realm name" );
+    }
+}

Added: directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KdcConnection.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KdcConnection.java?rev=1467804&view=auto
==============================================================================
--- directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KdcConnection.java (added)
+++ directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KdcConnection.java Sun Apr 14 17:47:06 2013
@@ -0,0 +1,687 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.kerberos.client;
+
+
+import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.AES128_CTS_HMAC_SHA1_96;
+import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.DES3_CBC_SHA1_KD;
+import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.DES_CBC_MD5;
+
+import java.io.IOException;
+import java.nio.ByteBuffer;
+import java.security.SecureRandom;
+import java.text.ParseException;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import javax.security.auth.kerberos.KerberosPrincipal;
+
+import org.apache.directory.api.asn1.Asn1Object;
+import org.apache.directory.api.asn1.ber.Asn1Decoder;
+import org.apache.directory.api.util.Strings;
+import org.apache.directory.server.kerberos.changepwd.exceptions.ChangePasswdErrorType;
+import org.apache.directory.server.kerberos.changepwd.exceptions.ChangePasswordException;
+import org.apache.directory.server.kerberos.changepwd.io.ChangePasswordDecoder;
+import org.apache.directory.server.kerberos.changepwd.io.ChangePasswordEncoder;
+import org.apache.directory.server.kerberos.changepwd.messages.AbstractPasswordMessage;
+import org.apache.directory.server.kerberos.changepwd.messages.ChangePasswordError;
+import org.apache.directory.server.kerberos.changepwd.messages.ChangePasswordRequest;
+import org.apache.directory.server.kerberos.protocol.codec.KerberosDecoder;
+import org.apache.directory.server.kerberos.protocol.codec.KerberosEncoder;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KerberosKeyFactory;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.RandomKeyFactory;
+import org.apache.directory.shared.kerberos.KerberosTime;
+import org.apache.directory.shared.kerberos.KerberosUtils;
+import org.apache.directory.shared.kerberos.codec.KerberosMessageContainer;
+import org.apache.directory.shared.kerberos.codec.options.ApOptions;
+import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
+import org.apache.directory.shared.kerberos.codec.types.PaDataType;
+import org.apache.directory.shared.kerberos.codec.types.PrincipalNameType;
+import org.apache.directory.shared.kerberos.components.EncKdcRepPart;
+import org.apache.directory.shared.kerberos.components.EncryptedData;
+import org.apache.directory.shared.kerberos.components.EncryptionKey;
+import org.apache.directory.shared.kerberos.components.HostAddress;
+import org.apache.directory.shared.kerberos.components.HostAddresses;
+import org.apache.directory.shared.kerberos.components.KdcReqBody;
+import org.apache.directory.shared.kerberos.components.PaData;
+import org.apache.directory.shared.kerberos.components.PaEncTsEnc;
+import org.apache.directory.shared.kerberos.components.PrincipalName;
+import org.apache.directory.shared.kerberos.exceptions.ErrorType;
+import org.apache.directory.shared.kerberos.exceptions.KerberosException;
+import org.apache.directory.shared.kerberos.messages.ApReq;
+import org.apache.directory.shared.kerberos.messages.AsRep;
+import org.apache.directory.shared.kerberos.messages.AsReq;
+import org.apache.directory.shared.kerberos.messages.Authenticator;
+import org.apache.directory.shared.kerberos.messages.ChangePasswdData;
+import org.apache.directory.shared.kerberos.messages.EncAsRepPart;
+import org.apache.directory.shared.kerberos.messages.EncTgsRepPart;
+import org.apache.directory.shared.kerberos.messages.KerberosMessage;
+import org.apache.directory.shared.kerberos.messages.KrbError;
+import org.apache.directory.shared.kerberos.messages.KrbPriv;
+import org.apache.directory.shared.kerberos.messages.TgsRep;
+import org.apache.directory.shared.kerberos.messages.TgsReq;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * 
+ * A client to connect to kerberos servers using TCP or UDP transports.
+ * 
+ * @author Kiran Ayyagari
+ */
+public class KdcConnection
+{
+
+    private static final Logger LOG = LoggerFactory.getLogger( KdcConnection.class );
+    
+    /** host name of the Kerberos server */
+    private String host;
+
+    /** port on which the Kerberos server is listening */
+    private int port;
+
+    /** flag to indicate if the client should use UDP while connecting to Kerberos server */
+    private boolean useUdp;
+
+    /** the timeout of the connection to the Kerberos server */
+    private int timeout = 60000; // default 1 min
+
+    /** a secure random number generator used for creating nonces */
+    private SecureRandom nonceGenerator;
+
+    /** the set of encryption types that the client can support */
+    private Set<EncryptionType> encryptionTypes;
+    
+    static final String TIME_OUT_ERROR = "TimeOut occured";
+    
+    /** the cipher text handler */
+    private CipherTextHandler cipherTextHandler;
+
+    /** underlying network channel handler */
+    private KerberosChannel channel;
+    
+    /** the default encryption types, this includes <b>many</b> encryption types */
+    private static Set<EncryptionType> DEFAULT_ENCRYPTION_TYPES;
+    
+
+    static
+    {
+        DEFAULT_ENCRYPTION_TYPES = new HashSet<EncryptionType>();
+        
+        DEFAULT_ENCRYPTION_TYPES.add( AES128_CTS_HMAC_SHA1_96 );
+        DEFAULT_ENCRYPTION_TYPES.add( DES_CBC_MD5 );
+        DEFAULT_ENCRYPTION_TYPES.add( DES3_CBC_SHA1_KD );
+//        DEFAULT_ENCRYPTION_TYPES.add( RC4_HMAC );
+//        DEFAULT_ENCRYPTION_TYPES.add( RC4_HMAC_EXP );
+        
+        DEFAULT_ENCRYPTION_TYPES = KerberosUtils.orderEtypesByStrength( DEFAULT_ENCRYPTION_TYPES );
+    }
+    
+    
+    /**
+     * 
+     * Creates a new instance of KdcConnection.
+     *
+     * @param host the host name of Kerberos server
+     * @param port the port on which Kerberos server is listening
+     * @param isUdp flag to indicate if UDP should be used instead of TCP
+     */
+    private KdcConnection( String host, int port, boolean isUdp )
+    {
+        this.host = host;
+        this.port = port;
+        this.useUdp = isUdp;
+        
+        nonceGenerator = new SecureRandom( String.valueOf( System.currentTimeMillis() ).getBytes() );
+        cipherTextHandler = new CipherTextHandler();
+        channel = new KerberosChannel();
+        encryptionTypes = DEFAULT_ENCRYPTION_TYPES;
+    }
+
+
+    /**
+     * created a UDP based Kerberos client connection
+     * 
+     * @param host the host name of Kerberos server
+     * @param port the port on which Kerberos server is listening
+     * @return
+     * @throws Exception
+     */
+    public static KdcConnection createUdpConnection( String host, int port ) throws Exception
+    {
+        KdcConnection connection = new KdcConnection( host, port, true );
+        
+        return connection;
+    }
+
+
+    /**
+     * created a TCP based Kerberos client connection
+     * 
+     * @param host the host name of Kerberos server
+     * @param port the port on which Kerberos server is listening
+     * @return
+     * @throws Exception
+     */
+    public static KdcConnection createTcpConnection( String host, int port ) throws Exception
+    {
+        KdcConnection connection = new KdcConnection( host, port, false );
+        
+        return connection;
+    }
+
+    
+    private void connect() throws IOException
+    {
+        channel.openConnection( host, port, timeout, !useUdp );
+    }
+    
+    
+    /**
+     * Authenticates to the Kerberos server and gets the initial Ticket Granting Ticket
+     * 
+     * @param principal the client's principal 
+     * @param password password of the client
+     * @return
+     * @throws Exception
+     */
+    public TgTicket getTgt( String principal, String password ) throws Exception
+    {
+        TgtRequest clientTgtReq = new TgtRequest();
+        
+        clientTgtReq.setClientPrincipal( principal );
+        clientTgtReq.setPassword( password );
+        
+        return getTgt( clientTgtReq );
+    }
+    
+
+    /**
+     * Authenticates to the Kerberos server and gets a service ticket for the given server principal
+     * 
+     * @param principal the client's principal 
+     * @param password password of the client
+     * @param serverPrincipal the application server's principal
+     * @return
+     * @throws Exception
+     */
+    public ServiceTicket getServiceTicket( String clientPrincipal, String password, String serverPrincipal ) throws KerberosException
+    {
+        TgtRequest clientTgtReq = new TgtRequest();
+        clientTgtReq.setClientPrincipal( clientPrincipal );
+        clientTgtReq.setPassword( password );
+
+        TgTicket tgt = getTgt( clientTgtReq );
+        
+        return getServiceTicket( new ServiceTicketRequest( tgt, serverPrincipal ) );
+    }
+
+    
+    public TgTicket getTgt( TgtRequest clientTgtReq ) throws KerberosException
+    {
+        String realm = clientTgtReq.getRealm();
+        
+        if ( clientTgtReq.getServerPrincipal() == null )
+        {
+            String serverPrincipal = "krbtgt/" + realm + "@" + realm;
+            clientTgtReq.setServerPrincipal( serverPrincipal );
+        }
+
+        KdcReqBody body = new KdcReqBody();
+        
+        body.setFrom( new KerberosTime( clientTgtReq.getStartTime() ) );
+        
+        PrincipalName cName = null;
+        try
+        {
+            cName = new PrincipalName( clientTgtReq.getClientPrincipal(), PrincipalNameType.KRB_NT_PRINCIPAL );
+            body.setCName( cName );
+            body.setRealm( realm );
+            PrincipalName sName = new PrincipalName( clientTgtReq.getServerPrincipal(), PrincipalNameType.KRB_NT_SRV_INST );
+            body.setSName( sName );
+        }
+        catch( ParseException e )
+        {
+            throw new IllegalArgumentException( "Couldn't parse the given principals", e );
+        }
+        
+        body.setTill( new KerberosTime( clientTgtReq.getExpiryTime() ) );
+        int currentNonce = nonceGenerator.nextInt();
+        body.setNonce( currentNonce );
+        body.setEType( encryptionTypes );
+        body.setKdcOptions( clientTgtReq.getOptions() );
+        
+        List<HostAddress> lstAddresses = clientTgtReq.getHostAddresses();
+        if ( !lstAddresses.isEmpty() )
+        {
+            HostAddresses addresses = new HostAddresses();
+            for( HostAddress h : lstAddresses )
+            {
+                addresses.addHostAddress( h );
+            }
+            
+            body.setAddresses( addresses );
+        }
+        
+        EncryptionType encryptionType = encryptionTypes.iterator().next();
+        EncryptionKey clientKey = KerberosKeyFactory.string2Key( clientTgtReq.getClientPrincipal(), clientTgtReq.getPassword(), encryptionType );
+
+        AsReq req = new AsReq();
+        req.setKdcReqBody( body );
+
+        if ( clientTgtReq.isPreAuthEnabled() )
+        {
+            PaEncTsEnc tmstmp = new PaEncTsEnc();
+            tmstmp.setPaTimestamp( new KerberosTime() );
+            
+            EncryptedData paDataValue = cipherTextHandler.encrypt( clientKey, getEncoded( tmstmp ), KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
+            
+            PaData paEncTstmp = new PaData();
+            paEncTstmp.setPaDataType( PaDataType.PA_ENC_TIMESTAMP );
+            paEncTstmp.setPaDataValue( getEncoded( paDataValue ) );
+            
+            req.addPaData( paEncTstmp );
+        }
+        
+        // Get the result from the future
+        try
+        {
+            connect();
+            
+            // Read the response, waiting for it if not available immediately
+            // Get the response, blocking
+            KerberosMessage kdcRep = sendAndReceiveKrbMsg( req );
+
+            if ( kdcRep == null )
+            {
+                // We didn't received anything : this is an error
+                LOG.error( "Authentication failed : timeout occured" );
+                throw new KerberosException( ErrorType.KRB_ERR_GENERIC, TIME_OUT_ERROR );
+            }
+
+            if ( kdcRep instanceof KrbError )
+            {
+                // We have an error
+                LOG.debug( "Authentication failed : {}", kdcRep );
+                throw new KerberosException( ( KrbError ) kdcRep );
+            }
+
+            AsRep rep = ( AsRep ) kdcRep;
+            
+            if ( !cName.getNameString().equals( rep.getCName().getNameString() ) )
+            {
+                throw new KerberosException( ErrorType.KDC_ERR_CLIENT_NAME_MISMATCH );
+            }
+            
+            if ( !realm.equals( rep.getCRealm() ) )
+            {
+                throw new KerberosException( ErrorType.KRB_ERR_WRONG_REALM );
+            }
+            
+            byte[] decryptedEncAsRepPart = cipherTextHandler.decrypt( clientKey, rep.getEncPart(), KeyUsage.AS_REP_ENC_PART_WITH_CKEY );
+            EncAsRepPart encAsRepPart = KerberosDecoder.decodeEncAsRepPart( decryptedEncAsRepPart );
+            
+            if ( currentNonce != encAsRepPart.getEncKdcRepPart().getNonce() )
+            {
+                throw new KerberosException( ErrorType.KRB_ERR_GENERIC, "received nonce didn't match with the nonce sent in the request" );
+            }
+            
+            EncKdcRepPart encKdcRepPart = encAsRepPart.getEncKdcRepPart();
+            
+            if ( !encKdcRepPart.getSName().getNameString().equals( clientTgtReq.getServerPrincipal() ) )
+            {
+                throw new KerberosException( ErrorType.KDC_ERR_SERVER_NOMATCH );
+            }
+            
+            if ( !encKdcRepPart.getSRealm().equals( clientTgtReq.getRealm() ) )
+            {
+                throw new KerberosException( ErrorType.KRB_ERR_GENERIC, "received server realm does not match with requested server realm" );
+            }
+            
+            List<HostAddress> hosts = clientTgtReq.getHostAddresses();
+            
+            if( !hosts.isEmpty() )
+            {
+                HostAddresses addresses = encKdcRepPart.getClientAddresses();
+                for( HostAddress h : hosts )
+                {
+                    if ( !addresses.contains( h ) )
+                    {
+                        throw new KerberosException( ErrorType.KRB_ERR_GENERIC, "requested client address" + h + " is not found in the ticket" );
+                    }
+                }
+            }
+            
+            // Everything is fine, return the response
+            LOG.debug( "Authentication successful : {}", kdcRep );
+            
+            TgTicket tgTicket = new TgTicket( rep.getTicket(), encKdcRepPart, rep.getCName().getNameString() );
+            
+            return tgTicket;
+        }
+        catch( KerberosException ke )
+        {
+            throw ke;
+        }
+        catch ( Exception e )
+        {
+            // We didn't received anything : this is an error
+            LOG.error( "Authentication failed" );
+            throw new KerberosException( ErrorType.KRB_ERR_GENERIC, TIME_OUT_ERROR );
+        }
+        finally
+        {
+            if ( channel != null )
+            {
+                try
+                {
+                    channel.close();
+                }
+                catch( IOException e )
+                {
+                    LOG.warn( "Failed to close the channel", e );
+                }
+            }
+        }
+    }
+
+    
+    private ServiceTicket getServiceTicket( ServiceTicketRequest srvTktReq ) throws KerberosException
+    {
+        String serverPrincipal = srvTktReq.getServerPrincipal();
+        
+        // session key
+        EncryptionKey sessionKey = srvTktReq.getTgt().getSessionKey();
+        
+        Authenticator authenticator = new Authenticator();
+        
+        try
+        {
+            authenticator.setCName( new PrincipalName( srvTktReq.getTgt().getClientName(), PrincipalNameType.KRB_NT_PRINCIPAL ) );
+        }
+        catch( ParseException e )
+        {
+            throw new IllegalArgumentException( "Couldn't parse the given principal", e );
+        }
+        
+        authenticator.setCRealm( srvTktReq.getTgt().getRealm() );
+        authenticator.setCTime( new KerberosTime() );
+        authenticator.setCusec( 0 );
+
+        if( srvTktReq.getSubSessionKey() != null )
+        {
+            sessionKey = srvTktReq.getSubSessionKey();
+            authenticator.setSubKey( sessionKey );
+        }
+        
+        EncryptedData authnData = cipherTextHandler.encrypt( sessionKey, getEncoded( authenticator ), KeyUsage.TGS_REQ_PA_TGS_REQ_PADATA_AP_REQ_TGS_SESS_KEY );
+        
+        ApReq apReq = new ApReq();
+        
+        apReq.setAuthenticator( authnData );
+        apReq.setTicket( srvTktReq.getTgt().getTicket() );
+
+        apReq.setApOptions( srvTktReq.getApOptions() );
+        
+        KdcReqBody tgsReqBody = new KdcReqBody();
+        tgsReqBody.setKdcOptions( srvTktReq.getKdcOptions() );
+        tgsReqBody.setRealm( KdcClientUtil.extractRealm( serverPrincipal ) );
+        tgsReqBody.setTill( getDefaultTill() );
+        int currentNonce = nonceGenerator.nextInt();
+        tgsReqBody.setNonce( currentNonce );
+        tgsReqBody.setEType( encryptionTypes );
+        
+        KerberosPrincipal principal = new KerberosPrincipal( serverPrincipal, KerberosPrincipal.KRB_NT_SRV_HST );
+        PrincipalName principalName = new PrincipalName( principal );
+        tgsReqBody.setSName( principalName );
+        
+        TgsReq tgsReq = new TgsReq();
+        tgsReq.setKdcReqBody( tgsReqBody );
+        
+        PaData authnHeader = new PaData();
+        authnHeader.setPaDataType( PaDataType.PA_TGS_REQ );
+        authnHeader.setPaDataValue( getEncoded( apReq ) );
+        
+        tgsReq.addPaData( authnHeader );
+        
+        // Get the result from the future
+        try
+        {
+            connect();
+            
+            // Read the response, waiting for it if not available immediately
+            // Get the response, blocking
+            KerberosMessage kdcRep = sendAndReceiveKrbMsg( tgsReq );
+
+            if ( kdcRep == null )
+            {
+                // We didn't received anything : this is an error
+                LOG.error( "TGT request failed : timeout occured" );
+                throw new KerberosException( ErrorType.KRB_ERR_GENERIC, TIME_OUT_ERROR );
+            }
+
+            if ( kdcRep instanceof KrbError )
+            {
+                // We have an error
+                LOG.debug( "TGT request failed : {}", kdcRep );
+                throw new KerberosException( ( KrbError ) kdcRep );
+            }
+
+            TgsRep rep = ( TgsRep ) kdcRep;
+            byte[] decryptedData = cipherTextHandler.decrypt( sessionKey, rep.getEncPart(), KeyUsage.TGS_REP_ENC_PART_TGS_SESS_KEY );
+            EncTgsRepPart encTgsRepPart = KerberosDecoder.decodeEncTgsRepPart( decryptedData );
+            
+            if ( currentNonce != encTgsRepPart.getEncKdcRepPart().getNonce() )
+            {
+                throw new KerberosException( ErrorType.KRB_ERR_GENERIC, "received nonce didn't match with the nonce sent in the request" );
+            }
+            
+            
+            // Everything is fine, return the response
+            LOG.debug( "TGT request successful : {}", rep );
+
+            ServiceTicket srvTkt = new ServiceTicket( rep.getTicket(), encTgsRepPart.getEncKdcRepPart() );
+            
+            return srvTkt;
+        }
+        catch( KerberosException e )
+        {
+            throw e;
+        }
+        catch ( Exception te )
+        {
+            // We didn't receive anything : this is an error
+            LOG.error( "TGT request failed : timeout occured" );
+            throw new KerberosException( ErrorType.KRB_ERR_GENERIC, TIME_OUT_ERROR );
+        }
+        finally
+        {
+            if ( channel != null )
+            {
+                try
+                {
+                    channel.close();
+                }
+                catch( IOException e )
+                {
+                    LOG.warn( "Failed to close the channel", e );
+                }
+            }
+        }
+    }
+    
+    
+    public void changePassword( String clientPrincipal, String oldPassword, String newPassword, String host, int port, boolean isUdp ) throws ChangePasswordException
+    {
+        KerberosChannel channel = null;
+        
+        try
+        {
+            TgtRequest clientTgtReq = new TgtRequest();
+            clientTgtReq.setClientPrincipal( clientPrincipal );
+            clientTgtReq.setPassword( oldPassword );
+            clientTgtReq.setServerPrincipal( "kadmin/changepw@" + KdcClientUtil.extractRealm( clientPrincipal ) );
+            
+            TgTicket tgt = getTgt( clientTgtReq );
+            
+            ApReq apReq = new ApReq();
+            ApOptions options = new ApOptions();
+            apReq.setApOptions( options );
+            apReq.setTicket( tgt.getTicket() );
+            
+            Authenticator authenticator = new Authenticator();
+            authenticator.setCName( new PrincipalName( tgt.getClientName(), PrincipalNameType.KRB_NT_PRINCIPAL ) );
+            authenticator.setCRealm( tgt.getRealm() );
+            KerberosTime ctime = new KerberosTime();
+            authenticator.setCTime( ctime );
+            authenticator.setSeqNumber( nonceGenerator.nextInt() );
+            
+            EncryptionKey subKey = RandomKeyFactory.getRandomKey( getEncryptionTypes().iterator().next() );
+            
+            authenticator.setSubKey( subKey );
+            
+            EncryptedData authData = cipherTextHandler.encrypt( tgt.getSessionKey(), getEncoded( authenticator ), KeyUsage.AP_REQ_AUTHNT_SESS_KEY );
+            apReq.setAuthenticator( authData );
+            
+            
+            ChangePasswdData chngPwdData = new ChangePasswdData();
+            chngPwdData.setNewPasswd( Strings.getBytesUtf8( newPassword ) );
+            
+            EncryptedData  chngPwdEncData = cipherTextHandler.encrypt( subKey, getEncoded( chngPwdData ), KeyUsage.KRB_PRIV_ENC_PART_CHOSEN_KEY );
+            
+            KrbPriv privateMessage = new KrbPriv();
+            privateMessage.setEncPart( chngPwdEncData );
+            
+            ChangePasswordRequest req = new ChangePasswordRequest( apReq, privateMessage );
+            
+            channel = new KerberosChannel();
+            channel.openConnection( host, port, timeout, !isUdp );
+            
+            AbstractPasswordMessage reply = sendAndReceiveChngPwdMsg( req, channel );
+            
+            if ( reply instanceof ChangePasswordError )
+            {
+                ChangePasswordError err = ( ChangePasswordError ) reply;
+                
+                throw new ChangePasswordException( err.getResultCode(), err.getResultString() );
+            }
+        }
+        catch( ChangePasswordException e )
+        {
+            throw e;
+        }
+        catch( Exception e )
+        {
+            LOG.warn( "failed to change the password", e );
+            throw new ChangePasswordException( ChangePasswdErrorType.KRB5_KPASSWD_HARDERROR, e );
+        }
+        finally
+        {
+            if ( channel != null )
+            {
+                try
+                {
+                    channel.close();
+                }
+                catch( IOException e )
+                {
+                    LOG.warn( "Failed to close the channel", e );
+                }
+            }
+        }
+    }
+    
+    
+    private byte[] getEncoded( Asn1Object obj )
+    {
+        try
+        {
+            ByteBuffer buf = ByteBuffer.allocate( obj.computeLength() );
+            obj.encode( buf );
+            
+            return buf.array();
+        }
+        catch( Exception e )
+        {
+            // shouldn't happen, but if it does then log it and give  up
+            LOG.error( "Failed to encode the ASN.1 object {}", obj );
+            throw new RuntimeException( e );
+        }
+    }
+
+    
+    private KerberosTime getDefaultTill()
+    {
+        return new KerberosTime( System.currentTimeMillis() + ( KerberosTime.MINUTE * 60 ) );
+    }
+    
+    
+    public Set<EncryptionType> getEncryptionTypes()
+    {
+        return encryptionTypes;
+    }
+
+
+    public void setEncryptionTypes( Set<EncryptionType> encryptionTypes )
+    {
+        this.encryptionTypes = KerberosUtils.orderEtypesByStrength( encryptionTypes );
+    }
+
+
+    public long getTimeout()
+    {
+        return timeout;
+    }
+
+
+    public void setTimeout( int timeout )
+    {
+        this.timeout = timeout;
+    }
+    
+    private KerberosMessage sendAndReceiveKrbMsg( KerberosMessage req ) throws Exception
+    {
+        ByteBuffer encodedBuf = KerberosEncoder.encode( req, channel.isUseTcp() );
+        encodedBuf.flip();
+        
+        ByteBuffer repData = channel.sendAndReceive( encodedBuf );
+        
+        KerberosMessageContainer kerberosMessageContainer = new KerberosMessageContainer();
+        kerberosMessageContainer.setStream( repData );
+        kerberosMessageContainer.setGathering( true );
+        kerberosMessageContainer.setTCP( channel.isUseTcp() );
+
+        return ( KerberosMessage ) KerberosDecoder.decode( kerberosMessageContainer, new Asn1Decoder() );
+    }
+    
+    
+    private AbstractPasswordMessage sendAndReceiveChngPwdMsg( AbstractPasswordMessage req, KerberosChannel chngPwdChannel ) throws Exception
+    {
+        ByteBuffer encodedBuf = ChangePasswordEncoder.encode( req, chngPwdChannel.isUseTcp() );
+        encodedBuf.flip();
+        
+        ByteBuffer repData = chngPwdChannel.sendAndReceive( encodedBuf );
+        
+        return ChangePasswordDecoder.decode( repData, chngPwdChannel.isUseTcp() );
+    }
+}

Added: directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KerberosChannel.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KerberosChannel.java?rev=1467804&view=auto
==============================================================================
--- directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KerberosChannel.java (added)
+++ directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KerberosChannel.java Sun Apr 14 17:47:06 2013
@@ -0,0 +1,124 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.kerberos.client;
+
+import java.io.DataInputStream;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.net.DatagramPacket;
+import java.net.DatagramSocket;
+import java.net.InetSocketAddress;
+import java.net.Socket;
+import java.net.SocketAddress;
+import java.nio.ByteBuffer;
+
+public class KerberosChannel
+{
+    private Socket tcpSocket;
+    private DatagramSocket udpSocket;
+    
+    private DataInputStream in;
+    private OutputStream out;
+    
+    private boolean useTcp;
+    
+    private int timeOut = 60000;
+
+    public void openConnection( String hostName, int  portNo, int timeOut, boolean isTcp ) throws IOException
+    {
+        this.useTcp = isTcp;
+        this.timeOut = timeOut;
+        
+        if ( isTcp )
+        {
+            tcpSocket = new Socket( hostName, portNo );
+            tcpSocket.setSoTimeout( ( int ) timeOut );
+            in = new DataInputStream( tcpSocket.getInputStream() );
+            out = tcpSocket.getOutputStream();
+        }
+        else
+        {
+            SocketAddress bindaddr = new InetSocketAddress( hostName, portNo );
+            udpSocket = new DatagramSocket( bindaddr );
+        }
+    }
+
+
+    public ByteBuffer sendAndReceive( ByteBuffer encodedBuf ) throws IOException
+    {
+        byte[] reqData  = encodedBuf.array();
+        
+        ByteBuffer repData;
+        
+        if ( useTcp )
+        {
+            out.write( reqData );
+            out.flush();
+
+            int len = in.readInt();
+            
+            repData = ByteBuffer.allocate( len + 4 );
+            repData.putInt( len );
+            
+            byte[] tmp = new byte[ 1024 * 8 ];
+            while ( in.available() > 0 )
+            {
+                int read = in.read( tmp );
+                repData.put( tmp, 0, read );
+            }
+        }
+        else
+        {
+            DatagramPacket reqPacket = new DatagramPacket( reqData, reqData.length );
+            udpSocket.send( reqPacket );
+            
+            DatagramPacket repPacket = new DatagramPacket( new byte[1], 1);
+            udpSocket.receive( repPacket );
+            
+            byte[] receivedData = repPacket.getData();
+            repData = ByteBuffer.allocate( receivedData.length );
+            repData.put( receivedData );
+        }
+        
+        repData.flip();
+        
+        return repData;
+    }
+    
+    
+    public boolean isUseTcp()
+    {
+        return useTcp;
+    }
+
+
+    public void close() throws IOException
+    {
+        if( useTcp )
+        {
+            tcpSocket.close();
+        }
+        else
+        {
+            udpSocket.close();
+        }
+    }
+}
+

Added: directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KpasswdDecode.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KpasswdDecode.java?rev=1467804&view=auto
==============================================================================
--- directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KpasswdDecode.java (added)
+++ directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KpasswdDecode.java Sun Apr 14 17:47:06 2013
@@ -0,0 +1,104 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.kerberos.client;
+
+import java.nio.ByteBuffer;
+
+import org.apache.directory.api.asn1.ber.Asn1Decoder;
+import org.apache.directory.server.kerberos.changepwd.io.ChangePasswordDecoder;
+import org.apache.directory.server.kerberos.changepwd.messages.ChangePasswordReply;
+import org.apache.directory.server.kerberos.changepwd.messages.ChangePasswordRequest;
+import org.apache.directory.server.kerberos.protocol.codec.KerberosDecoder;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.CipherTextHandler;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KerberosKeyFactory;
+import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
+import org.apache.directory.shared.kerberos.codec.KerberosMessageContainer;
+import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
+import org.apache.directory.shared.kerberos.components.EncKrbPrivPart;
+import org.apache.directory.shared.kerberos.components.EncryptionKey;
+import org.apache.directory.shared.kerberos.messages.ApRep;
+import org.apache.directory.shared.kerberos.messages.ApReq;
+import org.apache.directory.shared.kerberos.messages.AsRep;
+import org.apache.directory.shared.kerberos.messages.Authenticator;
+import org.apache.directory.shared.kerberos.messages.EncAsRepPart;
+import org.apache.directory.shared.kerberos.messages.KrbPriv;
+
+public abstract class KpasswdDecode
+{
+    private CipherTextHandler cipherTextHandler = new CipherTextHandler();
+
+    private EncryptionKey clientKey;
+    
+    private EncryptionKey sessionKey;
+    
+    private EncryptionKey subSessionKey;
+    
+    public KpasswdDecode( String principal, String password, EncryptionType eType )
+    {
+        clientKey = KerberosKeyFactory.string2Key( principal, password, eType );
+    }
+    
+    public void decodeAsRep( byte[] asReppkt ) throws Exception
+    {
+        ByteBuffer repData = ByteBuffer.wrap( asReppkt );
+        
+        KerberosMessageContainer kerberosMessageContainer = new KerberosMessageContainer();
+        kerberosMessageContainer.setStream( repData );
+        kerberosMessageContainer.setGathering( true );
+        kerberosMessageContainer.setTCP( false );
+
+        AsRep asReply = ( AsRep ) KerberosDecoder.decode( kerberosMessageContainer, new Asn1Decoder() );
+
+        System.out.println( asReply );
+        byte[] decryptedEncAsRepPart = cipherTextHandler.decrypt( clientKey, asReply.getEncPart(), KeyUsage.AS_REP_ENC_PART_WITH_CKEY );
+        byte[] tmp = new byte[182];
+        System.arraycopy( decryptedEncAsRepPart, 0, tmp, 0, 182 );
+        EncAsRepPart encAsRepPart = KerberosDecoder.decodeEncAsRepPart( tmp );
+        sessionKey = encAsRepPart.getEncKdcRepPart().getKey();
+    }
+    
+    
+    public void decodeApReq( byte[] kpasswdApReqpkt ) throws Exception
+    {
+        ByteBuffer chngpwdReqData = ByteBuffer.wrap( kpasswdApReqpkt );
+        
+        ChangePasswordRequest chngPwdReq = ( ChangePasswordRequest ) ChangePasswordDecoder.decode( chngpwdReqData, false );
+
+        ApReq apReq = chngPwdReq.getAuthHeader();
+        byte[] decryptedAuthenticator = cipherTextHandler.decrypt( sessionKey, apReq.getAuthenticator(), KeyUsage.AP_REQ_AUTHNT_SESS_KEY );
+        Authenticator authenticator = KerberosDecoder.decodeAuthenticator( decryptedAuthenticator );
+        subSessionKey = authenticator.getSubKey();
+    }
+
+    public void decodeApRep( byte[] kpasswdReplypkt ) throws Exception
+    {
+        ByteBuffer chngpwdReplyData = ByteBuffer.wrap( kpasswdReplypkt );
+        
+        ChangePasswordReply chngPwdReply = ( ChangePasswordReply ) ChangePasswordDecoder.decode( chngpwdReplyData, false );
+
+        ApRep apRep = chngPwdReply.getApplicationReply();
+        
+        KrbPriv krbPriv = chngPwdReply.getPrivateMessage();
+        byte[] decryptedKrbPrivPart = cipherTextHandler.decrypt( subSessionKey, krbPriv.getEncPart(), KeyUsage.KRB_PRIV_ENC_PART_CHOSEN_KEY );
+        EncKrbPrivPart krbPrivPart = KerberosDecoder.decodeEncKrbPrivPart( decryptedKrbPrivPart );
+        System.out.println( krbPrivPart );
+    }
+    
+}

Added: directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/ServiceTicket.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/ServiceTicket.java?rev=1467804&view=auto
==============================================================================
--- directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/ServiceTicket.java (added)
+++ directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/ServiceTicket.java Sun Apr 14 17:47:06 2013
@@ -0,0 +1,34 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.kerberos.client;
+
+
+import org.apache.directory.shared.kerberos.components.EncKdcRepPart;
+import org.apache.directory.shared.kerberos.messages.Ticket;
+
+
+public class ServiceTicket extends AbstractTicket
+{
+    public ServiceTicket( Ticket ticket, EncKdcRepPart encKdcRepPart )
+    {
+        super( ticket, encKdcRepPart );
+    }
+
+}

Added: directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/ServiceTicketRequest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/ServiceTicketRequest.java?rev=1467804&view=auto
==============================================================================
--- directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/ServiceTicketRequest.java (added)
+++ directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/ServiceTicketRequest.java Sun Apr 14 17:47:06 2013
@@ -0,0 +1,87 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.kerberos.client;
+
+
+import org.apache.directory.shared.kerberos.codec.options.ApOptions;
+import org.apache.directory.shared.kerberos.codec.options.KdcOptions;
+import org.apache.directory.shared.kerberos.components.EncryptionKey;
+
+
+public class ServiceTicketRequest
+{
+    private TgTicket tgt;
+
+    private String serverPrincipal;
+
+    private ApOptions apOptions = new ApOptions();
+
+    private EncryptionKey subSessionKey;
+
+    private KdcOptions kdcOptions = new KdcOptions();
+    
+    public ServiceTicketRequest( TgTicket tgt, String serverPrincipal )
+    {
+        this.tgt = tgt;
+        this.serverPrincipal = serverPrincipal;
+    }
+
+
+    public TgTicket getTgt()
+    {
+        return tgt;
+    }
+
+
+    public String getServerPrincipal()
+    {
+        return serverPrincipal;
+    }
+
+
+    public ApOptions getApOptions()
+    {
+        return apOptions;
+    }
+
+
+    public EncryptionKey getSubSessionKey()
+    {
+        return subSessionKey;
+    }
+
+
+    public void setSubSessionKey( EncryptionKey subSessionKey )
+    {
+        this.subSessionKey = subSessionKey;
+    }
+
+
+    public KdcOptions getKdcOptions()
+    {
+        return kdcOptions;
+    }
+
+
+    public void setKdcOptions( KdcOptions kdcOptions )
+    {
+        this.kdcOptions = kdcOptions;
+    }
+}

Added: directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/TgTicket.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/TgTicket.java?rev=1467804&view=auto
==============================================================================
--- directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/TgTicket.java (added)
+++ directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/TgTicket.java Sun Apr 14 17:47:06 2013
@@ -0,0 +1,55 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.kerberos.client;
+
+
+import org.apache.directory.shared.kerberos.components.EncKdcRepPart;
+import org.apache.directory.shared.kerberos.messages.Ticket;
+
+
+public class TgTicket extends AbstractTicket
+{
+    private String clientPrincipal;
+
+
+    public TgTicket( Ticket ticket, EncKdcRepPart kdcRep, String clientPrincipal )
+    {
+        super( ticket, kdcRep );
+        this.clientPrincipal = clientPrincipal;
+    }
+
+
+    public String getRealm()
+    {
+        return ticket.getRealm();
+    }
+
+
+    public String getServerName()
+    {
+        return ticket.getSName().getNameString();
+    }
+
+
+    public String getClientName()
+    {
+        return clientPrincipal;
+    }
+}

Added: directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/TgtRequest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/TgtRequest.java?rev=1467804&view=auto
==============================================================================
--- directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/TgtRequest.java (added)
+++ directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/TgtRequest.java Sun Apr 14 17:47:06 2013
@@ -0,0 +1,215 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.directory.kerberos.client;
+
+
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.directory.shared.kerberos.codec.options.KdcOptions;
+import org.apache.directory.shared.kerberos.components.HostAddress;
+
+
+public class TgtRequest
+{
+    private String clientPrincipal;// cname
+    private String password;
+    private String realm; // realm
+    private String serverPrincipal;// sname, optional
+
+    private long startTime;// from
+
+    private long expiryTime;// till
+
+    private long renewTill;// rtime
+
+    private List<HostAddress> hostAddresses = new ArrayList<HostAddress>();
+
+    private KdcOptions options = new KdcOptions();
+
+    private boolean preAuthEnabled = true;
+
+    public TgtRequest()
+    {
+        startTime = System.currentTimeMillis();
+        expiryTime = startTime + ( 8 * 60 * 60 * 1000 );
+    }
+    
+    
+    public void addHost( String hostNameOrIpAddress ) throws UnknownHostException
+    {
+        InetAddress address = InetAddress.getByName( hostNameOrIpAddress );
+        hostAddresses.add( new HostAddress( address ) );
+    }
+
+
+    public String getPassword()
+    {
+        return password;
+    }
+
+
+    public void setPassword( String password )
+    {
+        this.password = password;
+    }
+
+
+    public String getClientPrincipal()
+    {
+        return clientPrincipal;
+    }
+
+
+    public void setClientPrincipal( String clientPrincipal )
+    {
+        this.clientPrincipal = clientPrincipal;
+        realm = KdcClientUtil.extractRealm( clientPrincipal );
+    }
+
+
+    public String getRealm()
+    {
+        return realm;
+    }
+
+
+    public String getServerPrincipal()
+    {
+        return serverPrincipal;
+    }
+
+
+    public void setServerPrincipal( String serverPrincipal )
+    {
+        this.serverPrincipal = serverPrincipal;
+    }
+
+
+    public long getStartTime()
+    {
+        return startTime;
+    }
+
+
+    public void setStartTime( long startTime )
+    {
+        this.startTime = startTime;
+    }
+
+
+    public long getExpiryTime()
+    {
+        return expiryTime;
+    }
+
+
+    public void setExpiryTime( long expiryTime )
+    {
+        this.expiryTime = expiryTime;
+    }
+
+
+    public long getRenewTill()
+    {
+        return renewTill;
+    }
+
+
+    public void setRenewTill( long renewTill )
+    {
+        this.renewTill = renewTill;
+    }
+
+
+    public List<HostAddress> getHostAddresses()
+    {
+        return hostAddresses;
+    }
+
+
+    public void setForwardable( boolean forwardable )
+    {
+        setOrClear( KdcOptions.FORWARDABLE, forwardable );
+    }
+
+
+    public void setProxiable( boolean proxiable )
+    {
+        setOrClear( KdcOptions.PROXIABLE, proxiable );
+    }
+
+
+    public void setAllowPostdate( boolean allowPostdate )
+    {
+        setOrClear( KdcOptions.ALLOW_POSTDATE, allowPostdate );
+    }
+
+
+    public void setPostdated( boolean postdated )
+    {
+        setOrClear( KdcOptions.POSTDATED, postdated );
+    }
+
+    
+    public void setRenewableOk( boolean renewableOk )
+    {
+        setOrClear( KdcOptions.RENEWABLE_OK, renewableOk );
+    }
+
+    
+    public void setRenewable( boolean renewable )
+    {
+        setOrClear( KdcOptions.RENEWABLE, renewable );
+    }
+
+
+    public KdcOptions getOptions()
+    {
+        return options;
+    }
+
+    
+    public boolean isPreAuthEnabled()
+    {
+        return preAuthEnabled;
+    }
+
+
+    public void setPreAuthEnabled( boolean preAuthEnabled )
+    {
+        this.preAuthEnabled = preAuthEnabled;
+    }
+
+
+    private void setOrClear( int pos, boolean set )
+    {
+        if ( set )
+        {
+            options.setBit( pos );
+        }
+        else
+        {
+            options.clearBit( pos );
+        }
+    }
+}



Mime
View raw message