From kayyag...@apache.org
Subject svn commit: r1471363 - in /directory/apacheds/trunk/kerberos-client2/src: main/java/org/apache/directory/kerberos/client/ test/java/org/apache/directory/kerberos/client/
Date Wed, 24 Apr 2013 10:42:26 GMT
Author: kayyagari
Date: Wed Apr 24 10:42:25 2013
New Revision: 1471363

URL: http://svn.apache.org/r1471363
Log:
o moved the KDC configuration to a dedicated class and updated KdcConnection to use it and
fixed tests
o enabled the changepassword test

Added:
    directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KdcConfig.java
Modified:
    directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KdcConnection.java
    directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/TgtRequest.java
    directory/apacheds/trunk/kerberos-client2/src/test/java/org/apache/directory/kerberos/client/KdcAsRepTest.java
    directory/apacheds/trunk/kerberos-client2/src/test/java/org/apache/directory/kerberos/client/KdcConnectionTest.java

Added: directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KdcConfig.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KdcConfig.java?rev=1471363&view=auto
==============================================================================
--- directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KdcConfig.java
(added)
+++ directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KdcConfig.java
Wed Apr 24 10:42:25 2013
@@ -0,0 +1,185 @@
+/*
+ *   Licensed to the Apache Software Foundation (ASF) under one
+ *   or more contributor license agreements.  See the NOTICE file
+ *   distributed with this work for additional information
+ *   regarding copyright ownership.  The ASF licenses this file
+ *   to you under the Apache License, Version 2.0 (the
+ *   "License"); you may not use this file except in compliance
+ *   with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing,
+ *   software distributed under the License is distributed on an
+ *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *   KIND, either express or implied.  See the License for the
+ *   specific language governing permissions and limitations
+ *   under the License.
+ *
+ */
+package org.apache.directory.kerberos.client;
+
+
+import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.AES128_CTS_HMAC_SHA1_96;
+import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.AES256_CTS_HMAC_SHA1_96;
+import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.DES3_CBC_SHA1_KD;
+import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.DES_CBC_MD5;
+import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.RC4_HMAC;
+
+import java.util.HashSet;
+import java.util.Set;
+
+import org.apache.directory.shared.kerberos.KerberosUtils;
+import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
+
+
+/**
+ * Configuration class for KDC and changepassword servers.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ */
+public class KdcConfig
+{
+    /** host name of the Kerberos server */
+    private String hostName = "localhost";
+
+    /** port on which the Kerberos server is listening */
+    private int kdcPort = 88;
+
+    /** port on which the change password server is listening */
+    private int passwdPort = 464;
+
+    /** flag to indicate if the client should use UDP while connecting to Kerberos server
*/
+    private boolean useUdp = true;
+
+    /** flag to indicate if legacy protocol version 1 should be used while sending the change
password request. Default is false, we send version 0xFF80 of rfc3244 */
+    private boolean useLegacyChngPwdProtocol = false;
+
+    /** the timeout of the connection to the Kerberos server */
+    private int timeout = 60000; // default 1 min
+
+    /** the set of encryption types that the client can support */
+    private Set<EncryptionType> encryptionTypes;
+
+    /** the default encryption types, this includes <b>many</b> encryption types
*/
+    private static Set<EncryptionType> DEFAULT_ENCRYPTION_TYPES;
+
+    static
+    {
+        DEFAULT_ENCRYPTION_TYPES = new HashSet<EncryptionType>();
+
+        DEFAULT_ENCRYPTION_TYPES.add( AES128_CTS_HMAC_SHA1_96 );
+        DEFAULT_ENCRYPTION_TYPES.add( AES256_CTS_HMAC_SHA1_96 );
+        DEFAULT_ENCRYPTION_TYPES.add( DES_CBC_MD5 );
+        DEFAULT_ENCRYPTION_TYPES.add( DES3_CBC_SHA1_KD );
+        DEFAULT_ENCRYPTION_TYPES.add( RC4_HMAC );
+        //DEFAULT_ENCRYPTION_TYPES.add( RC4_HMAC_EXP );
+
+        DEFAULT_ENCRYPTION_TYPES = KerberosUtils.orderEtypesByStrength( DEFAULT_ENCRYPTION_TYPES
);
+    }
+
+
+    public KdcConfig()
+    {
+    }
+
+
+    public static KdcConfig getDefaultConfig()
+    {
+        return new KdcConfig();
+    }
+
+
+    public String getHostName()
+    {
+        return hostName;
+    }
+
+
+    public void setHostName( String hostName )
+    {
+        this.hostName = hostName;
+    }
+
+
+    public int getKdcPort()
+    {
+        return kdcPort;
+    }
+
+
+    public void setKdcPort( int kdcPort )
+    {
+        this.kdcPort = kdcPort;
+    }
+
+
+    public int getPasswdPort()
+    {
+        return passwdPort;
+    }
+
+
+    public void setPasswdPort( int passwdPort )
+    {
+        this.passwdPort = passwdPort;
+    }
+
+
+    public boolean isUseUdp()
+    {
+        return useUdp;
+    }
+
+
+    public void setUseUdp( boolean useUdp )
+    {
+        this.useUdp = useUdp;
+    }
+
+
+    public boolean isUseLegacyChngPwdProtocol()
+    {
+        return useLegacyChngPwdProtocol;
+    }
+
+
+    public void setUseLegacyChngPwdProtocol( boolean useLegacyChngPwdProtocol )
+    {
+        this.useLegacyChngPwdProtocol = useLegacyChngPwdProtocol;
+    }
+
+
+    public int getTimeout()
+    {
+        return timeout;
+    }
+
+
+    public void setTimeout( int timeout )
+    {
+        this.timeout = timeout;
+    }
+
+
+    public Set<EncryptionType> getEncryptionTypes()
+    {
+        return encryptionTypes;
+    }
+
+
+    public void setEncryptionTypes( Set<EncryptionType> encryptionTypes )
+    {
+        this.encryptionTypes = encryptionTypes;
+    }
+
+
+    @Override
+    public String toString()
+    {
+        return "KdcConfig [hostName=" + hostName + ", kdcPort=" + kdcPort + ", passwdPort="
+ passwdPort + ", useUdp="
+            + useUdp + ", useLegacyChngPwdProtocol=" + useLegacyChngPwdProtocol + ", timeout="
+ timeout
+            + ", encryptionTypes=" + encryptionTypes + "]";
+    }
+
+}
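Review bot: `encryptionTypes` is never initialised, so `getEncryptionTypes()` returns null for `new KdcConfig()` and `getDefaultConfig()`, and `DEFAULT_ENCRYPTION_TYPES` is built in the static block but not read anywhere in this file. The removed KdcConnection constructor assigned the defaults and its setter re-ordered by strength; here neither happens, so `clientTgtReq.getETypes().iterator().next()` and `tgsReqBody.setEType( config.getEncryptionTypes() )` in KdcConnection.java receive null or a set in caller-defined order. I would declare the field as `private Set<EncryptionType> encryptionTypes = DEFAULT_ENCRYPTION_TYPES;` and keep `this.encryptionTypes = KerberosUtils.orderEtypesByStrength( encryptionTypes );` in the setter. Separately, the default set now enables `RC4_HMAC` (commented out before this commit) next to `DES_CBC_MD5`; single DES was already deprecated for Kerberos by RFC 6649, so these are better left opt-in than offered by default.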

Modified: directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KdcConnection.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KdcConnection.java?rev=1471363&r1=1471362&r2=1471363&view=diff
==============================================================================
--- directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KdcConnection.java
(original)
+++ directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/KdcConnection.java
Wed Apr 24 10:42:25 2013
@@ -20,19 +20,12 @@
 package org.apache.directory.kerberos.client;
 
 
-import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.AES128_CTS_HMAC_SHA1_96;
-import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.AES256_CTS_HMAC_SHA1_96;
-import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.DES3_CBC_SHA1_KD;
-import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.DES_CBC_MD5;
-
 import java.io.IOException;
 import java.net.InetAddress;
 import java.nio.ByteBuffer;
 import java.security.SecureRandom;
 import java.text.ParseException;
-import java.util.HashSet;
 import java.util.List;
-import java.util.Set;
 
 import javax.security.auth.kerberos.KerberosPrincipal;
 
@@ -54,7 +47,6 @@ import org.apache.directory.server.kerbe
 import org.apache.directory.server.kerberos.shared.crypto.encryption.KeyUsage;
 import org.apache.directory.server.kerberos.shared.crypto.encryption.RandomKeyFactory;
 import org.apache.directory.shared.kerberos.KerberosTime;
-import org.apache.directory.shared.kerberos.KerberosUtils;
 import org.apache.directory.shared.kerberos.codec.KerberosMessageContainer;
 import org.apache.directory.shared.kerberos.codec.options.ApOptions;
 import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
@@ -99,25 +91,10 @@ public class KdcConnection
 {
 
     private static final Logger LOG = LoggerFactory.getLogger( KdcConnection.class );
-    
-    /** host name of the Kerberos server */
-    private String host;
-
-    /** port on which the Kerberos server is listening */
-    private int port;
-
-    /** flag to indicate if the client should use UDP while connecting to Kerberos server
*/
-    private boolean useUdp;
-
-    /** the timeout of the connection to the Kerberos server */
-    private int timeout = 60000; // default 1 min
 
     /** a secure random number generator used for creating nonces */
     private SecureRandom nonceGenerator;
 
-    /** the set of encryption types that the client can support */
-    private Set<EncryptionType> encryptionTypes;
-    
     static final String TIME_OUT_ERROR = "TimeOut occured";
     
     /** the cipher text handler */
@@ -126,81 +103,27 @@ public class KdcConnection
     /** underlying network channel handler */
     private KerberosChannel channel;
     
-    /** the default encryption types, this includes <b>many</b> encryption types
*/
-    private static Set<EncryptionType> DEFAULT_ENCRYPTION_TYPES;
-    
-
-    static
-    {
-        DEFAULT_ENCRYPTION_TYPES = new HashSet<EncryptionType>();
-        
-        DEFAULT_ENCRYPTION_TYPES.add( AES128_CTS_HMAC_SHA1_96 );
-        DEFAULT_ENCRYPTION_TYPES.add( AES256_CTS_HMAC_SHA1_96 );
-        DEFAULT_ENCRYPTION_TYPES.add( DES_CBC_MD5 );
-        DEFAULT_ENCRYPTION_TYPES.add( DES3_CBC_SHA1_KD );
-//        DEFAULT_ENCRYPTION_TYPES.add( RC4_HMAC );
-//        DEFAULT_ENCRYPTION_TYPES.add( RC4_HMAC_EXP );
-        
-        DEFAULT_ENCRYPTION_TYPES = KerberosUtils.orderEtypesByStrength( DEFAULT_ENCRYPTION_TYPES
);
-    }
-    
+    private KdcConfig config;
     
     /**
      * 
      * Creates a new instance of KdcConnection.
      *
-     * @param host the host name of Kerberos server
-     * @param port the port on which Kerberos server is listening
-     * @param isUdp flag to indicate if UDP should be used instead of TCP
+     * @param config the configuration of KDC
      */
-    private KdcConnection( String host, int port, boolean isUdp )
+    public KdcConnection( KdcConfig config )
     {
-        this.host = host;
-        this.port = port;
-        this.useUdp = isUdp;
+        this.config = config;
         
         nonceGenerator = new SecureRandom( String.valueOf( System.currentTimeMillis() ).getBytes()
);
         cipherTextHandler = new CipherTextHandler();
         channel = new KerberosChannel();
-        encryptionTypes = DEFAULT_ENCRYPTION_TYPES;
     }
 
 
-    /**
-     * created a UDP based Kerberos client connection
-     * 
-     * @param host the host name of Kerberos server
-     * @param port the port on which Kerberos server is listening
-     * @return
-     * @throws Exception
-     */
-    public static KdcConnection createUdpConnection( String host, int port ) throws Exception
-    {
-        KdcConnection connection = new KdcConnection( host, port, true );
-        
-        return connection;
-    }
-
-
-    /**
-     * created a TCP based Kerberos client connection
-     * 
-     * @param host the host name of Kerberos server
-     * @param port the port on which Kerberos server is listening
-     * @return
-     * @throws Exception
-     */
-    public static KdcConnection createTcpConnection( String host, int port ) throws Exception
-    {
-        KdcConnection connection = new KdcConnection( host, port, false );
-        
-        return connection;
-    }
-
-    
     private void connect() throws IOException
     {
-        channel.openConnection( host, port, timeout, useUdp );
+        channel.openConnection( config.getHostName(), config.getKdcPort(), config.getTimeout(),
config.isUseUdp() );
     }
     
     
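Review bot: The constructor that this hunk makes public still seeds the nonce generator with `String.valueOf( System.currentTimeMillis() ).getBytes()`; depending on the provider, a seed passed to the `SecureRandom` constructor can be used in place of the generator's own entropy, which makes the nonces guessable from the connection time. `nonceGenerator = new SecureRandom();` lets the JRE self-seed. The constructor also stores `config` without a null check, so a null argument only surfaces later in `connect()`; an `IllegalArgumentException` at construction would be clearer.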
@@ -237,7 +160,7 @@ public class KdcConnection
         TgtRequest clientTgtReq = new TgtRequest();
         clientTgtReq.setClientPrincipal( clientPrincipal );
         clientTgtReq.setPassword( password );
-
+        
         TgTicket tgt = getTgt( clientTgtReq );
         
         return getServiceTicket( new ServiceTicketRequest( tgt, serverPrincipal ) );
@@ -269,7 +192,7 @@ public class KdcConnection
             {
                 if ( ke.getErrorCode() == ErrorType.KDC_ERR_PREAUTH_REQUIRED.getValue() )
                 {
-                    encryptionTypes = KdcClientUtil.getEtypesFromError( ke.getError() );
+                    clientTgtReq.setETypes( KdcClientUtil.getEtypesFromError( ke.getError()
) );
                     clientTgtReq.setPreAuthEnabled( true );
                 }
             }
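Review bot: `clientTgtReq.setETypes( KdcClientUtil.getEtypesFromError( ke.getError() ) )` lets the KDC's error reply choose the etypes for the retry without comparing them to `config.getEncryptionTypes()`. A KRB-ERROR is not integrity-protected, so whoever can answer in place of the KDC can list only a weak etype, and the retry then derives the client key with it via `iterator().next()` further down. I would keep only the etypes that are also in the configured set and fail the request if none remain; whether `getEtypesFromError` already filters is not visible here. The enclosing method starts and ends outside the hunk.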
@@ -295,6 +218,11 @@ public class KdcConnection
             clientTgtReq.setServerPrincipal( serverPrincipal );
         }
 
+        if( clientTgtReq.getETypes() == null )
+        {
+            clientTgtReq.setETypes( config.getEncryptionTypes() );
+        }
+        
         KdcReqBody body = new KdcReqBody();
         
         body.setFrom( new KerberosTime( clientTgtReq.getStartTime() ) );
@@ -316,7 +244,7 @@ public class KdcConnection
         body.setTill( new KerberosTime( clientTgtReq.getExpiryTime() ) );
         int currentNonce = nonceGenerator.nextInt();
         body.setNonce( currentNonce );
-        body.setEType( encryptionTypes );
+        body.setEType( clientTgtReq.getETypes() );
         body.setKdcOptions( clientTgtReq.getOptions() );
         
         List<HostAddress> lstAddresses = clientTgtReq.getHostAddresses();
@@ -331,7 +259,7 @@ public class KdcConnection
             body.setAddresses( addresses );
         }
         
-        EncryptionType encryptionType = encryptionTypes.iterator().next();
+        EncryptionType encryptionType = clientTgtReq.getETypes().iterator().next();
         usedEType = encryptionType;
         EncryptionKey clientKey = KerberosKeyFactory.string2Key( clientTgtReq.getClientPrincipal(),
clientTgtReq.getPassword(), encryptionType );
 
@@ -508,7 +436,7 @@ public class KdcConnection
         tgsReqBody.setTill( getDefaultTill() );
         int currentNonce = nonceGenerator.nextInt();
         tgsReqBody.setNonce( currentNonce );
-        tgsReqBody.setEType( encryptionTypes );
+        tgsReqBody.setEType( config.getEncryptionTypes() );
         
         PrincipalName principalName = new PrincipalName( KdcClientUtil.extractName( serverPrincipal
), KerberosPrincipal.KRB_NT_SRV_HST );
         tgsReqBody.setSName( principalName );
@@ -589,7 +517,7 @@ public class KdcConnection
     }
     
     
-    public ChangePasswordResult changePassword( String clientPrincipal, String oldPassword,
String newPassword, String host, int port, boolean isUdp, boolean useRfc3244Structure ) throws
ChangePasswordException
+    public ChangePasswordResult changePassword( String clientPrincipal, String oldPassword,
String newPassword ) throws ChangePasswordException
     {
         KerberosChannel channel = null;
         
@@ -630,20 +558,21 @@ public class KdcConnection
             part.setSeqNumber( authenticator.getSeqNumber() );
             part.setTimestamp( authenticator.getCtime() );
 
-            short changePwdPVNO = ChangePasswordRequest.OLD_PVNO;
+            short changePwdPVNO = ChangePasswordRequest.PVNO;
             
-            if( useRfc3244Structure )
+            if( config.isUseLegacyChngPwdProtocol() )
+            {
+                part.setUserData( Strings.getBytesUtf8( newPassword ) );
+                changePwdPVNO = ChangePasswordRequest.OLD_PVNO;
+            }
+            else
             {
                 ChangePasswdData chngPwdData = new ChangePasswdData();
                 chngPwdData.setNewPasswd( Strings.getBytesUtf8( newPassword ) );
                 //chngPwdData.setTargName( new PrincipalName( clientPrincipal, PrincipalNameType.KRB_NT_PRINCIPAL
) );
                 //chngPwdData.setTargRealm( clientTgtReq.getRealm() );
-                part.setUserData( getEncoded( chngPwdData ) );
-                changePwdPVNO = ChangePasswordRequest.PVNO;
-            }
-            else
-            {
-                part.setUserData( Strings.getBytesUtf8( newPassword ) );
+                byte[] data = getEncoded( chngPwdData );
+                part.setUserData( data );
             }
             
             EncryptedData encKrbPrivPartData = cipherTextHandler.encrypt( subKey, getEncoded(
part ), KeyUsage.KRB_PRIV_ENC_PART_CHOSEN_KEY );
@@ -652,7 +581,7 @@ public class KdcConnection
             ChangePasswordRequest req = new ChangePasswordRequest( changePwdPVNO, apReq,
privateMessage );
             
             channel = new KerberosChannel();
-            channel.openConnection( host, port, timeout, isUdp );
+            channel.openConnection( config.getHostName(), config.getPasswdPort(), config.getTimeout(),
config.isUseUdp() );
             
             AbstractPasswordMessage reply = sendAndReceiveChngPwdMsg( req, channel );
             
@@ -728,30 +657,7 @@ public class KdcConnection
         return new KerberosTime( System.currentTimeMillis() + ( KerberosTime.MINUTE * 60
) );
     }
     
-    
-    public Set<EncryptionType> getEncryptionTypes()
-    {
-        return encryptionTypes;
-    }
-
-
-    public void setEncryptionTypes( Set<EncryptionType> encryptionTypes )
-    {
-        this.encryptionTypes = KerberosUtils.orderEtypesByStrength( encryptionTypes );
-    }
-
 
-    public long getTimeout()
-    {
-        return timeout;
-    }
-
-
-    public void setTimeout( int timeout )
-    {
-        this.timeout = timeout;
-    }
-    
     private KerberosMessage sendAndReceiveKrbMsg( KerberosMessage req ) throws Exception
     {
         ByteBuffer encodedBuf = KerberosEncoder.encode( req, channel.isUseTcp() );

Modified: directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/TgtRequest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/TgtRequest.java?rev=1471363&r1=1471362&r2=1471363&view=diff
==============================================================================
--- directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/TgtRequest.java
(original)
+++ directory/apacheds/trunk/kerberos-client2/src/main/java/org/apache/directory/kerberos/client/TgtRequest.java
Wed Apr 24 10:42:25 2013
@@ -24,8 +24,10 @@ import java.net.InetAddress;
 import java.net.UnknownHostException;
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Set;
 
 import org.apache.directory.shared.kerberos.codec.options.KdcOptions;
+import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
 import org.apache.directory.shared.kerberos.components.HostAddress;
 
 
@@ -48,6 +50,9 @@ public class TgtRequest
 
     private boolean preAuthEnabled = false;
 
+    /** the set of encryption types that the server replied */
+    private Set<EncryptionType> eTypes;
+
     public TgtRequest()
     {
         startTime = System.currentTimeMillis();
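Review bot: The Javadoc on `eTypes` says "the set of encryption types that the server replied", but KdcConnection also fills this field from `config.getEncryptionTypes()` when it is null, so it is really the set to request. Suggested comment: `/** the encryption types to send in the request: taken from the KDC's PREAUTH_REQUIRED error, or from KdcConfig when unset */`. The getter and setter added further down in this file have no Javadoc either.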
@@ -210,6 +215,19 @@ public class TgtRequest
         return KdcClientUtil.extractName( clientPrincipal );
     }
 
+    
+    public Set<EncryptionType> getETypes()
+    {
+        return eTypes;
+    }
+
+
+    public void setETypes( Set<EncryptionType> eTypes )
+    {
+        this.eTypes = eTypes;
+    }
+
+
     private void setOrClear( int pos, boolean set )
     {
         if ( set )

Modified: directory/apacheds/trunk/kerberos-client2/src/test/java/org/apache/directory/kerberos/client/KdcAsRepTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-client2/src/test/java/org/apache/directory/kerberos/client/KdcAsRepTest.java?rev=1471363&r1=1471362&r2=1471363&view=diff
==============================================================================
--- directory/apacheds/trunk/kerberos-client2/src/test/java/org/apache/directory/kerberos/client/KdcAsRepTest.java
(original)
+++ directory/apacheds/trunk/kerberos-client2/src/test/java/org/apache/directory/kerberos/client/KdcAsRepTest.java
Wed Apr 24 10:42:25 2013
@@ -54,7 +54,7 @@ import org.junit.runner.RunWith;
 
 
 @RunWith(FrameworkRunner.class)
-@CreateDS(name = "KerberosTcpIT-class", enableChangeLog = false,
+@CreateDS(name = "KdcAsRepTest-class", enableChangeLog = false,
     partitions =
         {
             @CreatePartition(
@@ -133,8 +133,12 @@ public class KdcAsRepTest extends Abstra
         
         if ( conn == null )
         {
-            conn = KdcConnection.createTcpConnection( "localhost", kdcServer.getTcpPort()
);
-            conn.setTimeout( Integer.MAX_VALUE );
+            KdcConfig config = KdcConfig.getDefaultConfig();
+            config.setUseUdp( false );
+            config.setKdcPort( kdcServer.getTcpPort() );
+            config.setEncryptionTypes( kdcServer.getConfig().getEncryptionTypes() );
+            config.setTimeout( Integer.MAX_VALUE );
+            conn = new KdcConnection( config );
         }
     }
     

Modified: directory/apacheds/trunk/kerberos-client2/src/test/java/org/apache/directory/kerberos/client/KdcConnectionTest.java
URL: http://svn.apache.org/viewvc/directory/apacheds/trunk/kerberos-client2/src/test/java/org/apache/directory/kerberos/client/KdcConnectionTest.java?rev=1471363&r1=1471362&r2=1471363&view=diff
==============================================================================
--- directory/apacheds/trunk/kerberos-client2/src/test/java/org/apache/directory/kerberos/client/KdcConnectionTest.java
(original)
+++ directory/apacheds/trunk/kerberos-client2/src/test/java/org/apache/directory/kerberos/client/KdcConnectionTest.java
Wed Apr 24 10:42:25 2013
@@ -20,6 +20,7 @@
 package org.apache.directory.kerberos.client;
 
 
+import static org.apache.directory.kerberos.client.ChangePasswordResultCode.KRB5_KPASSWD_SUCCESS;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertTrue;
@@ -43,13 +44,11 @@ import org.apache.directory.server.proto
 import org.apache.directory.server.protocol.shared.transport.UdpTransport;
 import org.apache.directory.shared.kerberos.exceptions.KerberosException;
 import org.junit.Before;
-import org.junit.Ignore;
 import org.junit.Test;
 import org.junit.runner.RunWith;
-import static org.apache.directory.kerberos.client.ChangePasswordResultCode.*;
 
 @RunWith(FrameworkRunner.class)
-@CreateDS(name = "KerberosTcpIT-class", enableChangeLog = false,
+@CreateDS(name = "KdcConnectionTest-class", enableChangeLog = false,
     partitions =
         {
             @CreatePartition(
@@ -146,21 +145,26 @@ public class KdcConnectionTest extends A
     
     private String serverPrincipal = "ldap/localhost@EXAMPLE.COM";
 
+    
     @Before
     public void setup() throws Exception
     {
+        kdcServer.setSearchBaseDn( USERS_DN );
         if ( session == null )
         {
-            kdcServer.setSearchBaseDn( USERS_DN );
             session = kdcServer.getDirectoryService().getAdminSession();
             createPrincipal( "will", userPassword, principalName );
         }
         
         if ( conn == null )
         {
-            conn = KdcConnection.createTcpConnection( "localhost", kdcServer.getTcpPort()
);
-            conn.setEncryptionTypes( kdcServer.getConfig().getEncryptionTypes() );
-            conn.setTimeout( Integer.MAX_VALUE );
+            KdcConfig config = KdcConfig.getDefaultConfig();
+            config.setUseUdp( false );
+            config.setKdcPort( kdcServer.getTcpPort() );
+            config.setPasswdPort( kdcServer.getChangePwdServer().getTcpPort() );
+            config.setEncryptionTypes( kdcServer.getConfig().getEncryptionTypes() );
+            config.setTimeout( Integer.MAX_VALUE );
+            conn = new KdcConnection( config );
         }
     }
     
@@ -177,9 +181,11 @@ public class KdcConnectionTest extends A
     @Test
     public void testGettingInitialTicketUdp() throws Exception
     {
-        KdcConnection udpConn = KdcConnection.createUdpConnection( "localhost", getUdpPort()
);
-        udpConn.setEncryptionTypes( kdcServer.getConfig().getEncryptionTypes() );
-        udpConn.setTimeout( Integer.MAX_VALUE );
+        KdcConfig config = new KdcConfig();
+        config.setKdcPort( getUdpPort() );
+        config.setEncryptionTypes( kdcServer.getConfig().getEncryptionTypes() );
+        config.setTimeout( Integer.MAX_VALUE );
+        KdcConnection udpConn = new KdcConnection( config );
         
         TgTicket tgt = udpConn.getTgt( principalName, userPassword );
         assertNotNull( tgt );
@@ -210,19 +216,21 @@ public class KdcConnectionTest extends A
     
     
     @Test
-    @Ignore("Failing with NPE in public ChangePasswdErrorType getResultCode()")
     public void testChangePassword() throws Exception
     {
+        String uid = "kayyagari";
+        String principal = uid + "@EXAMPLE.COM";
+        createPrincipal( uid, userPassword, principal );
+        
         String newPassword = "newPassword";
-        int port = kdcServer.getChangePwdServer().getTcpPort();
         
-        ChangePasswordResult result = conn.changePassword( principalName, userPassword, newPassword,
"localhost", port, false, false );
+        ChangePasswordResult result = conn.changePassword( principal, userPassword, newPassword
);
         assertNotNull( result );
         assertTrue( KRB5_KPASSWD_SUCCESS.getVal() == result.getCode().getVal() );
         
         try
         {
-            conn.getTgt( principalName, userPassword );
+            conn.getTgt( principal, userPassword );
             fail( "should fail with kerberos exception cause of invalid password" );
         }
         catch( KerberosException e )
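Review bot: The re-enabled test accepts any `KerberosException` from `conn.getTgt( principal, userPassword )` as proof that the old password was rejected, so an unrelated KDC error would also pass. Asserting on `e.getErrorCode()` in the catch block would pin the failure to the rejected-credential case. The catch body lies in the next hunk, where `e.printStackTrace()` could be dropped once the code is asserted.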
@@ -230,7 +238,7 @@ public class KdcConnectionTest extends A
             e.printStackTrace();
         }
         
-        TgTicket tgt = conn.getTgt( principalName, newPassword );
+        TgTicket tgt = conn.getTgt( principal, newPassword );
         assertNotNull( tgt );
     }
     


