directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From plusplusjia...@apache.org
Subject [01/26] directory-kerby git commit: Add some java doc.
Date Mon, 10 Aug 2015 05:15:42 GMT
Repository: directory-kerby
Updated Branches:
  refs/heads/pkinit-support 1508c8889 -> 3976c5ab0


http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/AsRequest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/AsRequest.java
b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/AsRequest.java
index a4abf75..367c8c2 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/AsRequest.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/AsRequest.java
@@ -50,6 +50,9 @@ public class AsRequest extends KdcRequest {
         super(asReq, kdcContext);
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     protected void checkClient() throws KrbException {
         KdcReq request = getKdcReq();
@@ -94,6 +97,9 @@ public class AsRequest extends KdcRequest {
         }
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     protected void issueTicket() throws KrbException {
         TickertIssuer issuer = new TgtTickertIssuer(this);
@@ -101,6 +107,9 @@ public class AsRequest extends KdcRequest {
         setTicket(newTicket);
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     protected void makeReply() throws KrbException {
 
@@ -123,6 +132,9 @@ public class AsRequest extends KdcRequest {
         setReply(reply);
     }
 
+    /**
+     * Make EncKdcRepPart.
+     */
     protected EncKdcRepPart makeEncKdcRepPart() {
         KdcReq request = getKdcReq();
         Ticket ticket = getTicket();

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/KdcRequest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/KdcRequest.java
b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/KdcRequest.java
index 3581aac..059eee0 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/KdcRequest.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/KdcRequest.java
@@ -6,16 +6,16 @@
  *  to you under the Apache License, Version 2.0 (the
  *  "License"); you may not use this file except in compliance
  *  with the License.  You may obtain a copy of the License at
- *  
+ *
  *    http://www.apache.org/licenses/LICENSE-2.0
- *  
+ *
  *  Unless required by applicable law or agreed to in writing,
  *  software distributed under the License is distributed on an
  *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  *  KIND, either express or implied.  See the License for the
  *  specific language governing permissions and limitations
- *  under the License. 
- *  
+ *  under the License.
+ *
  */
 package org.apache.kerby.kerberos.kerb.server.request;
 
@@ -94,10 +94,16 @@ public abstract class KdcRequest {
     private Boolean isToken = false;
     private EncryptionKey sessionKey;
 
+    /**
+     * Get session key.
+     */
     public EncryptionKey getSessionKey() {
         return sessionKey;
     }
 
+    /**
+     * Set session key.
+     */
     public void setSessionKey(EncryptionKey sessionKey) {
         this.sessionKey = sessionKey;
     }
@@ -111,18 +117,30 @@ public abstract class KdcRequest {
         this.fastContext = new KdcFastContext();
     }
 
+    /**
+     * Get kdc context.
+     */
     public KdcContext getKdcContext() {
         return kdcContext;
     }
 
+    /**
+     * Get KdcReq.
+     */
     public KdcReq getKdcReq() {
         return kdcReq;
     }
 
+    /**
+     * Get preauth context.
+     */
     public PreauthContext getPreauthContext() {
         return preauthContext;
     }
 
+    /**
+     * Process the kdcrequest from client and issue the ticket.
+     */
     public void process() throws KrbException {
         checkVersion();
         checkTgsEntry();
@@ -142,11 +160,17 @@ public abstract class KdcRequest {
         makeReply();
     }
 
+    /**
+     * Check the tgs entry.
+     */
     private void checkTgsEntry() throws KrbException {
         KrbIdentity tgsEntry = getEntry(getTgsPrincipal().getName());
         setTgsEntry(tgsEntry);
     }
 
+    /**
+     * Find the fast from padata.
+     */
     private void kdcFindFast() throws KrbException {
 
         PaData paData = getKdcReq().getPaData();
@@ -154,14 +178,14 @@ public abstract class KdcRequest {
             if (paEntry.getPaDataType() == PaDataType.FX_FAST) {
                 LOG.info("Found fast padata and start to process it.");
                 KrbFastArmoredReq fastArmoredReq = KrbCodec.decode(paEntry.getPaDataValue(),
-                    KrbFastArmoredReq.class);
+                        KrbFastArmoredReq.class);
                 KrbFastArmor fastArmor = fastArmoredReq.getArmor();
                 armorApRequest(fastArmor);
 
                 EncryptedData encryptedData = fastArmoredReq.getEncryptedFastReq();
                 KrbFastReq fastReq = KrbCodec.decode(
-                    EncryptionHandler.decrypt(encryptedData, getArmorKey(), KeyUsage.FAST_ENC),
-                    KrbFastReq.class);
+                        EncryptionHandler.decrypt(encryptedData, getArmorKey(), KeyUsage.FAST_ENC),
+                        KrbFastReq.class);
                 innerBodyout = fastReq.getKdcReqBody().encode();
 
                 // TODO: get checksumed data in stream
@@ -171,11 +195,14 @@ public abstract class KdcRequest {
                     throw new KrbException(KrbErrorCode.KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED);
                 }
                 CheckSumHandler.verifyWithKey(checkSum, getKdcReq().getReqBody().encode(),
-                    getArmorKey().getKeyData(), KeyUsage.FAST_REQ_CHKSUM);
+                        getArmorKey().getKeyData(), KeyUsage.FAST_REQ_CHKSUM);
             }
         }
     }
 
+    /**
+     * Get the armor key.
+     */
     private void armorApRequest(KrbFastArmor fastArmor) throws KrbException {
         if (fastArmor.getArmorType() == ArmorType.ARMOR_AP_REQUEST) {
             ApReq apReq = KrbCodec.decode(fastArmor.getArmorValue(), ApReq.class);
@@ -188,131 +215,212 @@ public abstract class KdcRequest {
             }
 
             EncTicketPart encPart = EncryptionUtil.unseal(ticket.getEncryptedEncPart(),
-                tgsKey, KeyUsage.KDC_REP_TICKET, EncTicketPart.class);
+                    tgsKey, KeyUsage.KDC_REP_TICKET, EncTicketPart.class);
             ticket.setEncPart(encPart);
 
             EncryptionKey encKey = ticket.getEncPart().getKey();
             setSessionKey(encKey);
 
             Authenticator authenticator = EncryptionUtil.unseal(apReq.getEncryptedAuthenticator(),
-                encKey, KeyUsage.AP_REQ_AUTH, Authenticator.class);
+                    encKey, KeyUsage.AP_REQ_AUTH, Authenticator.class);
 
             EncryptionKey armorKey = FastUtil.cf2(authenticator.getSubKey(), "subkeyarmor",
-                encKey, "ticketarmor");
+                    encKey, "ticketarmor");
             setArmorKey(armorKey);
         }
     }
 
+    /**
+     * Get tgs entry.
+     */
     public KrbIdentity getTgsEntry() {
         return tgsEntry;
     }
 
+    /**
+     * Set tgs entry .
+     */
     public void setTgsEntry(KrbIdentity tgsEntry) {
         this.tgsEntry = tgsEntry;
     }
 
+    /**
+     * Get whether is tcp.
+     */
     public boolean isTcp() {
         return isTcp;
     }
 
+    /**
+     * Set use tcp.
+     */
     public void isTcp(boolean isTcp) {
         this.isTcp = isTcp;
     }
 
+    /**
+     * Get the reply message.
+     */
     public KrbMessage getReply() {
         return reply;
     }
 
+    /**
+     * Set kdc reply.
+     */
     public void setReply(KdcRep reply) {
         this.reply = reply;
     }
 
+    /**
+     * Get client address.
+     */
     public InetAddress getClientAddress() {
         return clientAddress;
     }
 
+    /**
+     * Set client address.
+     */
     public void setClientAddress(InetAddress clientAddress) {
         this.clientAddress = clientAddress;
     }
 
+    /**
+     * Get encryption type.
+     */
     public EncryptionType getEncryptionType() {
         return encryptionType;
     }
 
+    /**
+     * Set encryption type.
+     */
     public void setEncryptionType(EncryptionType encryptionType) {
         this.encryptionType = encryptionType;
     }
 
+    /**
+     * Get ticket.
+     */
     public Ticket getTicket() {
         return ticket;
     }
 
+    /**
+     * Set ticket.
+     */
     public void setTicket(Ticket ticket) {
         this.ticket = ticket;
     }
 
+    /**
+     * Get whether pre-authenticated.
+     */
     public boolean isPreAuthenticated() {
         return isPreAuthenticated;
     }
 
+    /**
+     * Set whether pre-authenticated.
+     */
     public void setPreAuthenticated(boolean isPreAuthenticated) {
         this.isPreAuthenticated = isPreAuthenticated;
     }
 
+    /**
+     * Get server entry.
+     */
     public KrbIdentity getServerEntry() {
         return serverEntry;
     }
 
+    /**
+     * Set server entry.
+     */
     public void setServerEntry(KrbIdentity serverEntry) {
         this.serverEntry = serverEntry;
     }
 
+    /**
+     * Get client entry.
+     */
     public KrbIdentity getClientEntry() {
         return clientEntry;
     }
 
+    /**
+     * Set client entry.
+     */
     public void setClientEntry(KrbIdentity clientEntry) {
         this.clientEntry = clientEntry;
     }
 
+    /**
+     * Get client key with entryption type.
+     */
     public EncryptionKey getClientKey(EncryptionType encType) throws KrbException {
         return getClientEntry().getKey(encType);
     }
 
+    /**
+     * Get client key.
+     */
     public EncryptionKey getClientKey() {
         return clientKey;
     }
 
+    /**
+     * Set client key.
+     */
     public void setClientKey(EncryptionKey clientKey) {
         this.clientKey = clientKey;
     }
 
+    /**
+     * Get server key.
+     */
     public EncryptionKey getServerKey() {
         return serverKey;
     }
 
+    /**
+     * Set server key.
+     */
     public void setServerKey(EncryptionKey serverKey) {
         this.serverKey = serverKey;
     }
 
+    /**
+     * Get tgs principal name.
+     */
     public PrincipalName getTgsPrincipal() {
         PrincipalName result = KrbUtil.makeTgsPrincipal(kdcContext.getKdcRealm());
         return result;
     }
 
+    /**
+     * Make reply.
+     */
     protected abstract void makeReply() throws KrbException;
 
+    /**
+     * Check Version.
+     */
     protected void checkVersion() throws KrbException {
         KdcReq request = getKdcReq();
 
         int kerberosVersion = request.getPvno();
         if (kerberosVersion != KrbConstant.KRB_V5) {
             LOG.warn("Kerberos version: " + kerberosVersion + " should equal to "
-                + KrbConstant.KRB_V5);
+                    + KrbConstant.KRB_V5);
             throw new KrbException(KrbErrorCode.KDC_ERR_BAD_PVNO);
         }
     }
 
+    /**
+     * Check policy.
+     */
     protected void checkPolicy() throws KrbException {
         KrbIdentity entry = getClientEntry();
 
@@ -334,8 +442,14 @@ public abstract class KdcRequest {
         }
     }
 
+    /**
+     * Check client.
+     */
     protected abstract void checkClient() throws KrbException;
 
+    /**
+     * Do the preatuh.
+     */
     protected void preauth() throws KrbException {
         KdcReq request = getKdcReq();
 
@@ -345,7 +459,7 @@ public abstract class KdcRequest {
             if (preAuthData == null || preAuthData.isEmpty()) {
                 LOG.info("The preauth data is empty.");
                 KrbError krbError = makePreAuthenticationError(kdcContext, request,
-                    KrbErrorCode.KDC_ERR_PREAUTH_REQUIRED);
+                        KrbErrorCode.KDC_ERR_PREAUTH_REQUIRED);
                 throw new KdcRecoverableException(krbError);
             } else {
                 getPreauthHandler().verify(this, preAuthData);
@@ -355,18 +469,30 @@ public abstract class KdcRequest {
         setPreAuthenticated(true);
     }
 
+    /**
+     * Set whether preauth required.
+     */
     protected void setPreauthRequired(boolean preauthRequired) {
         preauthContext.setPreauthRequired(preauthRequired);
     }
 
+    /**
+     * Get whether preauth required.
+     */
     protected boolean isPreauthRequired() {
         return preauthContext.isPreauthRequired();
     }
 
+    /**
+     * Get preauth handler.
+     */
     protected PreauthHandler getPreauthHandler() {
         return kdcContext.getPreauthHandler();
     }
 
+    /**
+     * Check encryption type.
+     */
     protected void checkEncryptionType() throws KrbException {
         List<EncryptionType> requestedTypes = getKdcReq().getReqBody().getEtypes();
 
@@ -381,13 +507,22 @@ public abstract class KdcRequest {
         setEncryptionType(bestType);
     }
 
+    /**
+     * Do some authenticate.
+     */
     protected void authenticate() throws KrbException {
         checkEncryptionType();
         checkPolicy();
     }
 
+    /**
+     * Issue ticket.
+     */
     protected abstract void issueTicket() throws KrbException;
 
+    /**
+     * Check server.
+     */
     private void checkServer() throws KrbException {
         KdcReq request = getKdcReq();
 
@@ -410,9 +545,17 @@ public abstract class KdcRequest {
         }
     }
 
+    /**
+     * Make preauthentication error.
+     *
+     * @param kdcContext
+     * @param request
+     * @param errorCode
+     * @return The krb error reply to client
+     */
     protected KrbError makePreAuthenticationError(KdcContext kdcContext, KdcReq request,
-                                                      KrbErrorCode errorCode)
-        throws KrbException {
+                                                  KrbErrorCode errorCode)
+            throws KrbException {
         List<EncryptionType> encryptionTypes = kdcContext.getConfig().getEncryptionTypes();
         List<EncryptionType> clientEtypes = request.getReqBody().getEtypes();
         boolean isNewEtype = true;
@@ -458,6 +601,9 @@ public abstract class KdcRequest {
         return krbError;
     }
 
+    /**
+     * Get identity entry with principal name.
+     */
     protected KrbIdentity getEntry(String principal) throws KrbException {
         KrbIdentity entry;
         entry = kdcContext.getIdentityService().getIdentity(principal);
@@ -469,38 +615,65 @@ public abstract class KdcRequest {
         return entry;
     }
 
+    /**
+     * Get request body.
+     */
     protected ByteBuffer getRequestBody() throws KrbException {
         return null;
     }
 
+    /**
+     * Get armor key.
+     */
     public EncryptionKey getArmorKey() throws KrbException {
         return fastContext.getArmorKey();
     }
 
+    /**
+     * Set armor key.
+     */
     protected void setArmorKey(EncryptionKey armorKey) {
         fastContext.setArmorKey(armorKey);
     }
 
+    /**
+     * Get server principal.
+     */
     public PrincipalName getServerPrincipal() {
         return serverPrincipal;
     }
 
+    /**
+     * Set server principal.
+     */
     public void setServerPrincipal(PrincipalName serverPrincipal) {
         this.serverPrincipal = serverPrincipal;
     }
 
+    /**
+     * Get innerbodyout.
+     */
     protected byte[] getInnerBodyout() {
         return innerBodyout;
     }
 
+    /**
+     * Get whether kdc request with token.
+     */
     protected boolean isToken() {
         return isToken;
     }
 
+    /**
+     * Set auth token.
+     */
     public void setToken(AuthToken authToken) {
         this.token = authToken;
     }
 
+    /**
+     * Get auth token.
+     */
     protected AuthToken getToken() {
         return token;
     }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/TgsRequest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/TgsRequest.java
b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/TgsRequest.java
index 078f881..d654550 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/TgsRequest.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/request/TgsRequest.java
@@ -6,16 +6,16 @@
  *  to you under the Apache License, Version 2.0 (the
  *  "License"); you may not use this file except in compliance
  *  with the License.  You may obtain a copy of the License at
- *  
+ *
  *    http://www.apache.org/licenses/LICENSE-2.0
- *  
+ *
  *  Unless required by applicable law or agreed to in writing,
  *  software distributed under the License is distributed on an
  *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  *  KIND, either express or implied.  See the License for the
  *  specific language governing permissions and limitations
  *  under the License. 
- *  
+ *
  */
 package org.apache.kerby.kerberos.kerb.server.request;
 
@@ -63,23 +63,44 @@ public class TgsRequest extends KdcRequest {
         setPreauthRequired(true);
     }
 
+    /**
+     * Get tgt session key.
+     *
+     * @return The tgt session key
+     */
     public EncryptionKey getTgtSessionKey() {
         return tgtSessionKey;
     }
 
+    /**
+     * Set tgt session key.
+     *
+     * @param tgtSessionKey The tgt session key
+     */
     public void setTgtSessionKey(EncryptionKey tgtSessionKey) {
         this.tgtSessionKey = tgtSessionKey;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     protected void checkClient() throws KrbException {
         // Nothing to do at this phase because client couldn't be checked out yet.
     }
 
+    /**
+     * Get tgt ticket.
+     *
+     * @return The tgt ticket.
+     */
     protected Ticket getTgtTicket() {
         return tgtTicket;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     protected void issueTicket() throws KrbException {
         TickertIssuer issuer = new ServiceTickertIssuer(this);
@@ -87,6 +108,9 @@ public class TgsRequest extends KdcRequest {
         setTicket(newTicket);
     }
 
+    /**
+     * Verify authenticator.
+     */
     public void verifyAuthenticator(PaDataEntry paDataEntry) throws KrbException {
         ApReq apReq = KrbCodec.decode(paDataEntry.getPaDataValue(), ApReq.class);
 
@@ -106,7 +130,7 @@ public class TgsRequest extends KdcRequest {
         }
 
         EncTicketPart encPart = EncryptionUtil.unseal(tgtTicket.getEncryptedEncPart(),
-                tgsKey, KeyUsage.KDC_REP_TICKET, EncTicketPart.class);
+            tgsKey, KeyUsage.KDC_REP_TICKET, EncTicketPart.class);
         tgtTicket.setEncPart(encPart);
 
         EncryptionKey encKey = null;
@@ -117,7 +141,7 @@ public class TgsRequest extends KdcRequest {
             throw new KrbException(KrbErrorCode.KRB_AP_ERR_NOKEY);
         }
         Authenticator authenticator = EncryptionUtil.unseal(apReq.getEncryptedAuthenticator(),
-                encKey, KeyUsage.TGS_REQ_AUTH, Authenticator.class);
+            encKey, KeyUsage.TGS_REQ_AUTH, Authenticator.class);
 
         if (!authenticator.getCname().equals(tgtTicket.getEncPart().getCname())) {
             throw new KrbException(KrbErrorCode.KRB_AP_ERR_BADMATCH);
@@ -140,7 +164,7 @@ public class TgsRequest extends KdcRequest {
         setClientEntry(clientEntry);
 
         if (!authenticator.getCtime().isInClockSkew(
-                getKdcContext().getConfig().getAllowableClockSkew() * 1000)) {
+            getKdcContext().getConfig().getAllowableClockSkew() * 1000)) {
             throw new KrbException(KrbErrorCode.KRB_AP_ERR_SKEW);
         }
 
@@ -163,6 +187,9 @@ public class TgsRequest extends KdcRequest {
         setTgtSessionKey(tgtTicket.getEncPart().getKey());
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     protected void makeReply() throws KrbException {
         Ticket ticket = getTicket();
@@ -187,12 +214,15 @@ public class TgsRequest extends KdcRequest {
             sessionKey = getTgtSessionKey();
         }
         EncryptedData encryptedData = EncryptionUtil.seal(encKdcRepPart,
-                sessionKey, KeyUsage.TGS_REP_ENCPART_SESSKEY);
+            sessionKey, KeyUsage.TGS_REP_ENCPART_SESSKEY);
         reply.setEncryptedEncPart(encryptedData);
 
         setReply(reply);
     }
 
+    /**
+     * Make EncKdcRepPart.
+     */
     private EncKdcRepPart makeEncKdcRepPart() {
         KdcReq request = getKdcReq();
         Ticket ticket = getTicket();

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java
b/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java
index 393b006..f3b19b5 100644
--- a/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java
+++ b/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java
@@ -38,6 +38,9 @@ public class SimpleKdcServer extends KdcServer {
 
     private File workDir;
 
+    /**
+     * Default constructor.
+     */
     public SimpleKdcServer() throws KrbException {
         super();
         this.krbClnt = new KrbClient();
@@ -55,18 +58,27 @@ public class SimpleKdcServer extends KdcServer {
         return workDir;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void setKdcRealm(String realm) {
         super.setKdcRealm(realm);
         krbClnt.setKdcRealm(realm);
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void setKdcHost(String kdcHost) {
         super.setKdcHost(kdcHost);
         krbClnt.setKdcHost(kdcHost);
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void setKdcTcpPort(int kdcTcpPort) {
         super.setKdcTcpPort(kdcTcpPort);
@@ -74,18 +86,27 @@ public class SimpleKdcServer extends KdcServer {
         setAllowTcp(true);
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void setAllowUdp(boolean allowUdp) {
         super.setAllowUdp(allowUdp);
         krbClnt.setAllowUdp(allowUdp);
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void setAllowTcp(boolean allowTcp) {
         super.setAllowTcp(allowTcp);
         krbClnt.setAllowTcp(allowTcp);
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void setKdcUdpPort(int kdcUdpPort) {
         super.setKdcUdpPort(kdcUdpPort);
@@ -93,6 +114,9 @@ public class SimpleKdcServer extends KdcServer {
         setAllowUdp(true);
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void init() throws KrbException {
         super.init();
@@ -109,6 +133,9 @@ public class SimpleKdcServer extends KdcServer {
         }
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void start() throws KrbException {
         super.start();
@@ -116,27 +143,48 @@ public class SimpleKdcServer extends KdcServer {
         krbClnt.init();
     }
 
+    /**
+     * Get krb client.
+     * @return KrbClient
+     */
     public KrbClient getKrbClient() {
         return krbClnt;
     }
 
     /**
      * Get Kadmin operation interface.
-     * @return
+     * @return Kadmin
      */
     public Kadmin getKadmin() {
         return kadmin;
     }
 
+
+    /**
+     * Create principal with principal name.
+     *
+     * @param principal The principal name
+     */
     public void createPrincipal(String principal) throws KrbException {
         kadmin.addPrincipal(principal);
     }
 
+    /**
+     * Create principal with principal name and password.
+     *
+     * @param principal The principal name
+     * @param password The password to create keys
+     */
     public void createPrincipal(String principal,
                                 String password) throws KrbException {
         kadmin.addPrincipal(principal, password);
     }
 
+    /**
+     * Create principals.
+     *
+     * @param principals The principal list
+     */
     public void createPrincipals(String ... principals) throws KrbException {
         for (String principal : principals) {
             kadmin.addPrincipal(principal);
@@ -145,6 +193,9 @@ public class SimpleKdcServer extends KdcServer {
 
     /**
      * Creates principals and export their keys to the specified keytab file.
+     *
+     * @param keytabFile The keytab file to store principal keys
+     * @param principals The principals to be create
      */
     public void createAndExportPrincipals(File keytabFile,
                                 String ... principals) throws KrbException {
@@ -152,16 +203,31 @@ public class SimpleKdcServer extends KdcServer {
         exportPrincipals(keytabFile);
     }
 
+    /**
+     * Delete principals.
+     *
+     * @param principals The principals to be delete
+     */
     public void deletePrincipals(String ... principals) throws KrbException {
         for (String principal : principals) {
             deletePrincipal(principal);
         }
     }
 
+    /**
+     * Delete principal.
+     *
+     * @param principal The principal to be delete
+     */
     public void deletePrincipal(String principal) throws KrbException {
         kadmin.deletePrincipal(principal);
     }
 
+    /**
+     * Export principals to keytab file.
+     *
+     * @param keytabFile The keytab file
+     */
     public void exportPrincipals(File keytabFile) throws KrbException {
         kadmin.exportKeytab(keytabFile);
     }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtAuthToken.java
----------------------------------------------------------------------
diff --git a/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtAuthToken.java
b/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtAuthToken.java
index 151ab7e..0b66b16 100644
--- a/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtAuthToken.java
+++ b/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtAuthToken.java
@@ -6,16 +6,16 @@
  *  to you under the Apache License, Version 2.0 (the
  *  "License"); you may not use this file except in compliance
  *  with the License.  You may obtain a copy of the License at
- *  
+ *
  *    http://www.apache.org/licenses/LICENSE-2.0
- *  
+ *
  *  Unless required by applicable law or agreed to in writing,
  *  software distributed under the License is distributed on an
  *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  *  KIND, either express or implied.  See the License for the
  *  specific language governing permissions and limitations
  *  under the License. 
- *  
+ *
  */
 package org.apache.kerby.kerberos.provider.token;
 
@@ -64,101 +64,161 @@ public class JwtAuthToken implements AuthToken {
         return jwt;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public String getSubject() {
         return jwtClaims.getSubject();
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void setSubject(String sub) {
         jwtClaims.setSubject(sub);
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public String getIssuer() {
         return jwtClaims.getIssuer();
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void setIssuer(String issuer) {
         jwtClaims.setIssuer(issuer);
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public List<String> getAudiences() {
         return jwtClaims.getAudience();
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void setAudiences(List<String> audiences) {
         jwtClaims.setAudience(audiences);
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public boolean isIdToken() {
         return isIdToken;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void isIdToken(boolean isIdToken) {
         this.isIdToken = isIdToken;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public boolean isAcToken() {
         return isAcToken;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void isAcToken(boolean isAcToken) {
         this.isAcToken = isAcToken;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public boolean isBearerToken() {
         return true;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public boolean isHolderOfKeyToken() {
         return false;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public Date getExpiredTime() {
         return jwtClaims.getExpirationTime();
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void setExpirationTime(Date exp) {
         jwtClaims.setExpirationTime(exp);
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public Date getNotBeforeTime() {
         return jwtClaims.getNotBeforeTime();
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void setNotBeforeTime(Date nbt) {
         jwtClaims.setNotBeforeTime(nbt);
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public Date getIssueTime() {
         return jwtClaims.getIssueTime();
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void setIssueTime(Date iat) {
         jwtClaims.setIssueTime(iat);
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public Map<String, Object> getAttributes() {
         return jwtClaims.getAllClaims();
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void addAttribute(String name, Object value) {
         jwtClaims.setCustomClaim(name, value);

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenDecoder.java
----------------------------------------------------------------------
diff --git a/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenDecoder.java
b/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenDecoder.java
index c0a6eed..9c7eb5f 100644
--- a/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenDecoder.java
+++ b/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenDecoder.java
@@ -47,6 +47,9 @@ public class JwtTokenDecoder implements TokenDecoder {
     private RSAPublicKey verifyKey;
     private List<String> audiences = null;
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public AuthToken decodeFromBytes(byte[] content) throws IOException {
         String tokenStr = new String(content, Charset.forName("UTF-8"));
@@ -54,6 +57,9 @@ public class JwtTokenDecoder implements TokenDecoder {
         return decodeFromString(tokenStr);
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public AuthToken decodeFromString(String content) throws IOException {
        JWT jwt = null;

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenEncoder.java
----------------------------------------------------------------------
diff --git a/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenEncoder.java
b/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenEncoder.java
index 5970441..707b231 100644
--- a/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenEncoder.java
+++ b/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenEncoder.java
@@ -6,16 +6,16 @@
  *  to you under the Apache License, Version 2.0 (the
  *  "License"); you may not use this file except in compliance
  *  with the License.  You may obtain a copy of the License at
- *  
+ *
  *    http://www.apache.org/licenses/LICENSE-2.0
- *  
+ *
  *  Unless required by applicable law or agreed to in writing,
  *  software distributed under the License is distributed on an
  *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  *  KIND, either express or implied.  See the License for the
  *  specific language governing permissions and limitations
  *  under the License. 
- *  
+ *
  */
 package org.apache.kerby.kerberos.provider.token;
 
@@ -52,12 +52,18 @@ public class JwtTokenEncoder implements TokenEncoder {
     private RSAPublicKey encryptionKey;
     private RSAPrivateKey signKey;
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public byte[] encodeAsBytes(AuthToken token) throws KrbException {
         String tokenStr = encodeAsString(token);
         return tokenStr.getBytes(Charset.forName("UTF-8"));
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public String encodeAsString(AuthToken token) throws KrbException {
         if (!(token instanceof JwtAuthToken)) {
@@ -86,8 +92,8 @@ public class JwtTokenEncoder implements TokenEncoder {
             if (encryptionKey != null) {
                 // Create JWE object with signedJWT as payload
                 JWEObject jweObject = new JWEObject(
-                    new JWEHeader.Builder(jweAlgorithm, encryptionMethod).contentType("JWT").build(),
-                    new Payload(signedJWT));
+                        new JWEHeader.Builder(jweAlgorithm, encryptionMethod).contentType("JWT").build(),
+                        new Payload(signedJWT));
                 try {
                     jweObject.encrypt(new RSAEncrypter(encryptionKey));
                 } catch (JOSEException e) {

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenProvider.java
----------------------------------------------------------------------
diff --git a/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenProvider.java
b/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenProvider.java
index 85f34c8..f40c0e5 100644
--- a/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenProvider.java
+++ b/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtTokenProvider.java
@@ -30,16 +30,25 @@ import org.apache.kerby.kerberos.kerb.spec.base.AuthToken;
  */
 public class JwtTokenProvider implements TokenProvider {
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public TokenEncoder createTokenEncoder() {
         return new JwtTokenEncoder();
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public TokenDecoder createTokenDecoder() {
         return new JwtTokenDecoder();
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public TokenFactory createTokenFactory() {
         return new TokenFactory() {

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtUtil.java
----------------------------------------------------------------------
diff --git a/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtUtil.java
b/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtUtil.java
index f79d217..17a7a10 100644
--- a/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtUtil.java
+++ b/kerby-provider/token-provider/src/main/java/org/apache/kerby/kerberos/provider/token/JwtUtil.java
@@ -8,6 +8,11 @@ import com.nimbusds.jwt.ReadOnlyJWTClaimsSet;
  */
 public class JwtUtil {
 
+    /**
+     * Get jwt claims set from read only jwt claims set
+     *
+     * @param readOnlyClaims
+     */
     public static JWTClaimsSet from(ReadOnlyJWTClaimsSet readOnlyClaims) {
         JWTClaimsSet result = new JWTClaimsSet(readOnlyClaims);
 

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/KinitOption.java
----------------------------------------------------------------------
diff --git a/kerby-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/KinitOption.java
b/kerby-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/KinitOption.java
index a0dc587..e7a7f8b 100644
--- a/kerby-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/KinitOption.java
+++ b/kerby-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/kinit/KinitOption.java
@@ -6,16 +6,16 @@
  *  to you under the Apache License, Version 2.0 (the
  *  "License"); you may not use this file except in compliance
  *  with the License.  You may obtain a copy of the License at
- *  
+ *
  *    http://www.apache.org/licenses/LICENSE-2.0
- *  
+ *
  *  Unless required by applicable law or agreed to in writing,
  *  software distributed under the License is distributed on an
  *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  *  KIND, either express or implied.  See the License for the
  *  specific language governing permissions and limitations
  *  under the License. 
- *  
+ *
  */
 package org.apache.kerby.kerberos.tool.kinit;
 
@@ -74,31 +74,49 @@ public enum KinitOption implements KOption {
         this.type = type;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public String getOptionName() {
         return name();
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void setType(KOptionType type) {
         this.type = type;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public KOptionType getType() {
         return this.type;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void setName(String name) {
         this.name = name;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void setDescription(String description) {
         this.description = description;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public String getName() {
         if (name != null) {
@@ -107,21 +125,33 @@ public enum KinitOption implements KOption {
         return name();
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public String getDescription() {
         return this.description;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void setValue(Object value) {
         this.value = value;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public Object getValue() {
         return value;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     public static KinitOption fromName(String name) {
         if (name != null) {
             for (KinitOption ko : values()) {

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/klist/KlistOption.java
----------------------------------------------------------------------
diff --git a/kerby-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/klist/KlistOption.java
b/kerby-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/klist/KlistOption.java
index d4e4d31..b4d9383 100644
--- a/kerby-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/klist/KlistOption.java
+++ b/kerby-tool/client-tool/src/main/java/org/apache/kerby/kerberos/tool/klist/KlistOption.java
@@ -74,21 +74,33 @@ public enum KlistOption implements KOption {
         return NONE;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public String getOptionName() {
         return name();
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public KOptionType getType() {
         return this.type;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void setType(KOptionType type) {
         this.type = type;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public String getName() {
         if (name != null) {
@@ -97,26 +109,41 @@ public enum KlistOption implements KOption {
         return name();
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void setName(String name) {
         this.name = name;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public String getDescription() {
         return this.description;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void setDescription(String description) {
         this.description = description;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public Object getValue() {
         return value;
     }
 
+    /**
+     * {@inheritDoc}
+     */
     @Override
     public void setValue(Object value) {
         this.value = value;

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/b9fc6d67/kerby-util/src/main/java/org/apache/kerby/KOption.java
----------------------------------------------------------------------
diff --git a/kerby-util/src/main/java/org/apache/kerby/KOption.java b/kerby-util/src/main/java/org/apache/kerby/KOption.java
index 3809232..1673395 100644
--- a/kerby-util/src/main/java/org/apache/kerby/KOption.java
+++ b/kerby-util/src/main/java/org/apache/kerby/KOption.java
@@ -6,36 +6,85 @@
  *  to you under the Apache License, Version 2.0 (the
  *  "License"); you may not use this file except in compliance
  *  with the License.  You may obtain a copy of the License at
- *  
+ *
  *    http://www.apache.org/licenses/LICENSE-2.0
- *  
+ *
  *  Unless required by applicable law or agreed to in writing,
  *  software distributed under the License is distributed on an
  *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  *  KIND, either express or implied.  See the License for the
  *  specific language governing permissions and limitations
  *  under the License. 
- *  
+ *
  */
 package org.apache.kerby;
 
 public interface KOption {
 
+    /**
+     * Set koption type.
+     *
+     * @param type
+     */
     void setType(KOptionType type);
 
+    /**
+     * Get koption type.
+     *
+     * @return The koption type
+     */
     KOptionType getType();
 
+    /**
+     * Get option name.
+     *
+     * @return The koption name
+     */
     String getOptionName();
 
+
+    /**
+     * Set name.
+     *
+     * @param name The name
+     */
     void setName(String name);
 
+    /**
+     * Get name.
+     *
+     * @return The name
+     */
     String getName();
 
+
+    /**
+     * Set description.
+     *
+     * @param description The description
+     */
     void setDescription(String description);
 
+    /**
+     * Get description.
+     *
+     * @return The description
+     */
     String getDescription();
 
+
+    /**
+     * Set value.
+     *
+     * @param value The value
+     */
     void setValue(Object value);
 
+
+    /**
+     * Get value.
+     *
+     * @return The value
+     */
     Object getValue();
 }


Mime
View raw message