directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From plusplusjia...@apache.org
Subject [20/36] directory-kerby git commit: Rename 1.0.0-RC1-APIs to 1.0.0-rc1.
Date Mon, 15 Feb 2016 02:42:44 GMT
Rename 1.0.0-RC1-APIs to 1.0.0-rc1.


Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/5ae35e26
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/5ae35e26
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/5ae35e26

Branch: refs/heads/kadmin-remote
Commit: 5ae35e263619bb8ce50a60cd113d75e766425743
Parents: 84a982d
Author: plusplusjiajia <jiajia.li@intel.com>
Authored: Tue Jan 26 15:42:13 2016 +0800
Committer: plusplusjiajia <jiajia.li@intel.com>
Committed: Tue Jan 26 15:42:13 2016 +0800

----------------------------------------------------------------------
 docs/1.0.0-RC1-APIs/1.0.0-RC1-release-note.md |  67 ----
 docs/1.0.0-RC1-APIs/kadmin.md                 |  77 ----
 docs/1.0.0-RC1-APIs/kdcserver.md              |  71 ----
 docs/1.0.0-RC1-APIs/kerby-asn1.md             | 302 ----------------
 docs/1.0.0-RC1-APIs/krbclient.md              |  51 ---
 docs/1.0.0-RC1-APIs/simplekdc.md              |  84 -----
 docs/1.0.0-RC2-APIs/1.0.0-RC2-release-note.md |  42 ---
 docs/1.0.0-RC2-APIs/kadmin.md                 |  81 -----
 docs/1.0.0-RC2-APIs/kdcserver.md              |  71 ----
 docs/1.0.0-RC2-APIs/kerby-asn1.md             | 388 ---------------------
 docs/1.0.0-RC2-APIs/krbclient.md              | 106 ------
 docs/1.0.0-RC2-APIs/simplekdc.md              |  85 -----
 docs/1.0.0-rc1/1.0.0-RC1-release-note.md      |  67 ++++
 docs/1.0.0-rc1/kadmin.md                      |  77 ++++
 docs/1.0.0-rc1/kdcserver.md                   |  71 ++++
 docs/1.0.0-rc1/kerby-asn1.md                  | 302 ++++++++++++++++
 docs/1.0.0-rc1/krbclient.md                   |  51 +++
 docs/1.0.0-rc1/simplekdc.md                   |  84 +++++
 docs/1.0.0-rc2/1.0.0-RC2-release-note.md      |  42 +++
 docs/1.0.0-rc2/kadmin.md                      |  81 +++++
 docs/1.0.0-rc2/kdcserver.md                   |  71 ++++
 docs/1.0.0-rc2/kerby-asn1.md                  | 388 +++++++++++++++++++++
 docs/1.0.0-rc2/krbclient.md                   | 106 ++++++
 docs/1.0.0-rc2/simplekdc.md                   |  85 +++++
 24 files changed, 1425 insertions(+), 1425 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-RC1-APIs/1.0.0-RC1-release-note.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-RC1-APIs/1.0.0-RC1-release-note.md b/docs/1.0.0-RC1-APIs/1.0.0-RC1-release-note.md
deleted file mode 100644
index c8603e6..0000000
--- a/docs/1.0.0-RC1-APIs/1.0.0-RC1-release-note.md
+++ /dev/null
@@ -1,67 +0,0 @@
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements.  See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership.  The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied.  See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-
-Apache Kerby 1.0.0-RC1 Release Note
-===================================
-
-In this release 236 JIRA issues were resolved and the following features are supported:
-
-1. Kerberos libraries:
-  - Client
-  - KDC server
-  - Kadmin
-  - Credential cache and keytab utilities
-
-2. Standalone KDC server .
-
-3. Support for various identity backends:
-  - In-memory
-  - JSON
-  - LDAP
-  - Mavibot(MVCC BTree)
-  - Zookeeper
-
-4. Embedded KDC server allows easy integration into products for unit tests or production deployment.
-
-5. FAST/Preauthentication framework to allow popular and useful authentication mechanisms.
-
-6. Token Preauth mechanism to allow clients to request tickets using JWT tokens.
-
-7. Client can request a TGT with:
-  - User plain password credential
-  - User keyTab
-  - User token credential
-
-8. Client can request a service ticket with:
-  - user TGT credential for a server
-  - user AccessToken credential for a server
-
-9. Network support including UDP and TCP transport with two implementations:
-  - Default implementation based on the JRE without depending on other libraries.
-  - Netty based implementation for better throughput, lower latency.
-
-10. Tools:
-  - kdcinit: Initialize and prepare KDC, like choose storage type, setting up necessary principals (tgs, kadmin) etc.
-  - kadmin: Command-line interfaces to administration system.
-  - kinit: Obtains and caches an initial ticket-granting ticket for principal.
-  - klist: Lists the Kerby principal and tickets held in a credentials cache, or the keys held in a keytab file.
-
-11. Support for JAAS, GSSAPI and SASL frameworks that applications can leverage the authentication mechanisms provided by Kerby.
-
-12. Building support: checking style and find bugs.

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-RC1-APIs/kadmin.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-RC1-APIs/kadmin.md b/docs/1.0.0-RC1-APIs/kadmin.md
deleted file mode 100644
index eebb949..0000000
--- a/docs/1.0.0-RC1-APIs/kadmin.md
+++ /dev/null
@@ -1,77 +0,0 @@
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements.  See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership.  The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied.  See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-
-kerb-admin
-============
-
-### Initiate a Kadmin
-* Initiate a Kadmin with confDir.
-<pre>
-Kadmin kadmin = new Kadmin(confDir);
-</pre>
-* Initiate a Kadmin with kdcSetting and backend.
-<pre>
-Kadmin kadmin = new Kadmin(kdcSetting, backend);
-</pre>
-
-### Principal operating
-* Add principle with principal name.
-<pre>
-addPrincipal(principal);
-</pre>
-* Add principle with principal name and password.
-<pre>
-addPrincipal(principal, password);
-</pre>
-* Add principle with principal name and kOptions.
-<pre>
-addPrincipal(principal, kOptions);
-</pre>
-* Add principle with principal name, password and kOptions.
-<pre>
-addPrincipal(principal, password kOptions);
-</pre>
-* Delete principle with principal name.
-<pre>
-deletePrincipal(principal);
-</pre>
-* Modify principle with principal name and kOptions.
-<pre>
-modifyPrincipal(principal, kOptions);
-</pre>
-* Rename principle.
-<pre>
-renamePrincipal(oldPrincipalName, newPrincipalName);
-</pre>
-* Get principle with principal name.
-<pre>
-getPrincipal(principalName);
-</pre>
-* Get all the principles.
-<pre>
-getPrincipals();
-</pre>
-* Update password with principal name and new password.
-<pre>
-updatePassword(principal, newPassword);
-</pre>
-* Export all identity keys to the specified keytab file.
-<pre>
-exportKeyTab(keyTabFile);
-</pre>

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-RC1-APIs/kdcserver.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-RC1-APIs/kdcserver.md b/docs/1.0.0-RC1-APIs/kdcserver.md
deleted file mode 100644
index 76f2310..0000000
--- a/docs/1.0.0-RC1-APIs/kdcserver.md
+++ /dev/null
@@ -1,71 +0,0 @@
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements.  See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership.  The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied.  See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-
-kerb-server
-============
-
-### Initiate kdc server
-* Initiate a kdc server with prepared confDir.
-<pre>
-KdcServer server = new KdcServer(confDir);
-</pre>
-
-### Start and set kdc server
-* Start kdc server.
-<pre>
-start();
-</pre>
-* Set KDC realm for ticket request
-<pre>
-setKdcRealm(realm);
-</pre>
-* Set KDC host.
-<pre>
-setKdcHost(kdcHost);
-</pre>
-* Set KDC tcp port.
-<pre>
-setKdcTcpPort(kdcTcpPort);
-</pre>
-* Set KDC udp port. Only makes sense when allowUdp is set.
-<pre>
-setKdcUdpPort(kdcUdpPort);
-</pre>
-* Set to allow TCP or not.
-<pre>
-setAllowTcp(allowTcp);
-</pre>
-* Set to allow UDP or not.
-<pre>
-setAllowUdp(allowUdp);
-</pre>
-* Allow to debug so have more logs.
-<pre>
-enableDebug();
-</pre>
-* Allow to hook customized kdc implementation.
-<pre>
-setInnerKdcImpl(innerKdcImpl);
-</pre>
-
-### Stop kdc server
-* Start kdc server.
-<pre>
-stop();
-</pre>

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-RC1-APIs/kerby-asn1.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-RC1-APIs/kerby-asn1.md b/docs/1.0.0-RC1-APIs/kerby-asn1.md
deleted file mode 100644
index 5ca2e17..0000000
--- a/docs/1.0.0-RC1-APIs/kerby-asn1.md
+++ /dev/null
@@ -1,302 +0,0 @@
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements.  See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership.  The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied.  See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-kerby-asn1
-=========
-
-### A ASN1 parser with easy and simple API
-
-```
-// encoding
-Asn1Integer aValue = new Asn1Integer(8899);
-byte[] encoded = aValue.encode();
-
-// decoding
-byte[] contentToDecode = ...
-Asn1Integer decodedValue = new Asn1Integer();
-decodedValue.decode(contentToDecode);
-Integer value = decodedValue.getValue();
-```
-
-### Data-driven ASN1 encoding/decoding framework and parser
-
-With the following definition from Kerberos protocol
-```
- AuthorizationData ::= SEQUENCE OF SEQUENCE {
-     ad-type         [0] Int32,
-     ad-data         [1] OCTET STRING
- }
- ```
-
-You can model AuthzDataEntry as follows
-```java
-public class AuthzDataEntry extends Asn1SequenceType {
-    static int AD_TYPE = 0;
-    static int AD_DATA = 1;
-
-    public AuthzDataEntry() {
-        super(new Asn1FieldInfo[] {
-                new Asn1FieldInfo(AD_TYPE, Asn1Integer.class),
-                new Asn1FieldInfo(AD_DATA, Asn1OctetString.class)
-        });
-    }
-
-    public int getAuthzType() {
-        Integer value = getFieldAsInteger(AD_TYPE);
-        return value;
-    }
-
-    public byte[] getAuthzData() {
-        return getFieldAsOctetBytes(AD_DATA);
-    }
-}
-```
-
-And then define AuthorizationData simply
-```java
-public class AuthorizationData extends Asn1SequenceOf<AuthzDataEntry> {
-
-}
-```
-
-Then you can process with above definitions, encode and decode, without caring about the details.
-
-Think about how to implement the following more complex and pratical sample from [ITU-T Rec. X.680 ISO/IEC 8824-1](http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf):
-```
-A.1 ASN.1 description of the record structure
-The structure of the hypothetical personnel record is formally described below using ASN.1 specified in
-ITU-T Rec. X.680 | ISO/IEC 8824-1 for defining types.
-
-PersonnelRecord ::= [APPLICATION 0] IMPLICIT SET {
-    Name Name,
-    title [0] VisibleString,
-    number EmployeeNumber,
-    dateOfHire [1] Date,
-    nameOfSpouse [2] Name,
-    children [3] IMPLICIT
-    SEQUENCE OF ChildInformation DEFAULT {}
-}
-
-ChildInformation ::= SET {
-    name Name,
-    dateOfBirth [0] Date
-}
-
-Name ::= [APPLICATION 1] IMPLICIT SEQUENCE {
-    givenName VisibleString,
-    initial VisibleString,
-    familyName VisibleString
-}
-
-EmployeeNumber ::= [APPLICATION 2] IMPLICIT INTEGER
-Date ::= [APPLICATION 3] IMPLICIT VisibleString -- YYYYMMDD
-```
-Similarly as above, we can have (from the unit test codes):
-```java
-public class PersonnelRecord extends TaggingSet {
-    private static int NAME = 0;
-    private static int TITLE = 1;
-    private static int NUMBER = 2;
-    private static int DATEOFHIRE= 3;
-    private static int NAMEOFSPOUSE = 4;
-    private static int CHILDREN = 5;
-
-    static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
-            new Asn1FieldInfo(NAME, -1, Name.class),
-            new Asn1FieldInfo(TITLE, 0, Asn1VisibleString.class),
-            new Asn1FieldInfo(NUMBER, -1, EmployeeNumber.class),
-            new Asn1FieldInfo(DATEOFHIRE, 1, Date.class),
-            new Asn1FieldInfo(NAMEOFSPOUSE, 2, Name.class),
-            new Asn1FieldInfo(CHILDREN, 3, Children.class, true)
-    };
-
-    public PersonnelRecord() {
-        super(0, fieldInfos, true);
-        setEncodingOption(EncodingOption.IMPLICIT);
-    }
-
-    public void setName(Name name) {
-        setFieldAs(NAME, name);
-    }
-
-    public Name getName() {
-        return getFieldAs(NAME, Name.class);
-    }
-
-    public void setTitle(String title) {
-        setFieldAs(TITLE, new Asn1VisibleString(title));
-    }
-
-    public String getTitle() {
-        return getFieldAsString(TITLE);
-    }
-
-    public void setEmployeeNumber(EmployeeNumber employeeNumber) {
-        setFieldAs(NUMBER, employeeNumber);
-    }
-
-    public EmployeeNumber getEmployeeNumber() {
-        return getFieldAs(NUMBER, EmployeeNumber.class);
-    }
-
-    public void setDateOfHire(Date dateOfHire) {
-        setFieldAs(DATEOFHIRE, dateOfHire);
-    }
-
-    public Date getDateOfHire() {
-        return getFieldAs(DATEOFHIRE, Date.class);
-    }
-
-    public void setNameOfSpouse(Name spouse) {
-        setFieldAs(NAMEOFSPOUSE, spouse);
-    }
-
-    public Name getNameOfSpouse() {
-        return getFieldAs(NAMEOFSPOUSE, Name.class);
-    }
-
-    public void setChildren(Children children) {
-        setFieldAs(CHILDREN, children);
-    }
-
-    public Children getChildren() {
-        return getFieldAs(CHILDREN, Children.class);
-    }
-
-    public static class Children extends Asn1SequenceOf<ChildInformation> {
-        public Children(ChildInformation ... children) {
-            super();
-            for (ChildInformation child : children) {
-                addElement(child);
-            }
-        }
-
-        public Children() {
-            super();
-        }
-    }
-
-    public static class ChildInformation extends Asn1SetType {
-        private static int NAME = 0;
-        private static int DATEOFBIRTH = 1;
-
-        static Asn1FieldInfo[] tags = new Asn1FieldInfo[] {
-                new Asn1FieldInfo(NAME, -1, Name.class),
-                new Asn1FieldInfo(DATEOFBIRTH, 0, Date.class)
-        };
-
-        public ChildInformation() {
-            super(tags);
-        }
-
-        public void setName(Name name) {
-            setFieldAs(NAME, name);
-        }
-
-        public Name getName() {
-            return getFieldAs(NAME, Name.class);
-        }
-
-        public void setDateOfBirth(Date date) {
-            setFieldAs(DATEOFBIRTH, date);
-        }
-
-        public Date getDateOfBirth() {
-            return getFieldAs(DATEOFBIRTH, Date.class);
-        }
-    }
-
-    public static class Name extends TaggingSequence {
-        private static int GIVENNAME = 0;
-        private static int INITIAL = 1;
-        private static int FAMILYNAME = 2;
-
-        static Asn1FieldInfo[] tags = new Asn1FieldInfo[] {
-                new Asn1FieldInfo(GIVENNAME, -1, Asn1VisibleString.class),
-                new Asn1FieldInfo(INITIAL, -1, Asn1VisibleString.class),
-                new Asn1FieldInfo(FAMILYNAME, -1, Asn1VisibleString.class)
-        };
-
-        public Name() {
-            super(1, tags, true);
-            setEncodingOption(EncodingOption.IMPLICIT);
-        }
-
-        public Name(String givenName, String initial, String familyName) {
-            this();
-            setGivenName(givenName);
-            setInitial(initial);
-            setFamilyName(familyName);
-        }
-
-        public void setGivenName(String givenName) {
-            setFieldAs(GIVENNAME, new Asn1VisibleString(givenName));
-        }
-
-        public String getGivenName() {
-            return getFieldAsString(GIVENNAME);
-        }
-
-        public void setInitial(String initial) {
-            setFieldAs(INITIAL, new Asn1VisibleString(initial));
-        }
-
-        public String getInitial() {
-            return getFieldAsString(INITIAL);
-        }
-
-        public void setFamilyName(String familyName) {
-            setFieldAs(FAMILYNAME, new Asn1VisibleString(familyName));
-        }
-
-        public String getFamilyName() {
-            return getFieldAsString(FAMILYNAME);
-        }
-    }
-
-    public static class EmployeeNumber extends Asn1Tagging<Asn1Integer> {
-        public EmployeeNumber(Integer value) {
-            super(2, new Asn1Integer(value), true);
-            setEncodingOption(EncodingOption.IMPLICIT);
-        }
-        public EmployeeNumber() {
-            this(null);
-        }
-    }
-
-    public static class Date extends Asn1Tagging<Asn1VisibleString> {
-        public Date(String value) {
-            super(3, new Asn1VisibleString(value), true);
-            setEncodingOption(EncodingOption.IMPLICIT);
-        }
-        public Date() {
-            this(null);
-        }
-    }
-}
-```
-### Notes
-* 90% tests coverage for DER encoding
-* For BER & CER encoding, to be fully supported
-* No extra dependency
-
-### License
-Apache V2 License
-
-
-

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-RC1-APIs/krbclient.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-RC1-APIs/krbclient.md b/docs/1.0.0-RC1-APIs/krbclient.md
deleted file mode 100644
index 14a4972..0000000
--- a/docs/1.0.0-RC1-APIs/krbclient.md
+++ /dev/null
@@ -1,51 +0,0 @@
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements.  See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership.  The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied.  See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-
-kerb-client
-============
-
-### Initiate a KrbClient
-* Initiate a KrbClient with prepared KrbConfig.
-<pre>
-KrbClient krbClient = new KrbClient(krbConfig);
-</pre>
-* Initiate a KrbClient with with conf dir.
-<pre>
-KrbClient krbClient = new KrbClient(confDir);
-</pre>
-
-### Request a TGT
-* Request a TGT with user plain password credential
-<pre>
-requestTgtWithPassword(principal, password);
-</pre>
-* Request a TGT with user token credential
-<pre>
-requestTgtWithToken(token, armorCache);
-</pre>
-
-### Request a service ticket
-* Request a service ticket with user TGT credential for a server
-<pre>
-requestServiceTicketWithTgt(tgt, serverPrincipal);
-</pre>
-* Request a service ticket with user AccessToken credential for a server
-<pre>
-requestServiceTicketWithAccessToken(accessToken, serverPrincipal, armorCache);
-</pre>

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-RC1-APIs/simplekdc.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-RC1-APIs/simplekdc.md b/docs/1.0.0-RC1-APIs/simplekdc.md
deleted file mode 100644
index 08c03ee..0000000
--- a/docs/1.0.0-RC1-APIs/simplekdc.md
+++ /dev/null
@@ -1,84 +0,0 @@
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements.  See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership.  The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied.  See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-
-kerb-simplekdc
-============
-
-### Kdc server
-</pre>
-* Start simple kdc server.
-<pre>
-start();
-</pre>
-* Set KDC realm for ticket request
-<pre>
-setKdcRealm(realm);
-</pre>
-* Set KDC host.
-<pre>
-setKdcHost(kdcHost);
-</pre>
-* Set KDC tcp port.
-<pre>
-setKdcTcpPort(kdcTcpPort);
-</pre>
-* Set KDC udp port. Only makes sense when allowUdp is set.
-<pre>
-setKdcUdpPort(kdcUdpPort);
-</pre>
-* Set to allow TCP or not.
-<pre>
-setAllowTcp(allowTcp);
-</pre>
-* Set to allow UDP or not.
-<pre>
-setAllowUdp(allowUdp);
-
-### Kadmin
-</pre>
-* Create principle with principal name.
-<pre>
-createPrincipal(principal);
-</pre>
-* Add principle with principal name and password.
-<pre>
-createPrincipal(principal, password);
-</pre>
-* Create principles with principal names.
-<pre>
-createPrincipals(principals);
-</pre>
-* Creates principals and export their keys to the specified keytab file.
-<pre>
-createAndExportPrincipals(keytabFile principals);
-</pre>
-* Delete principle with principal name.
-<pre>
-deletePrincipal(principal);
-</pre>
-</pre>
-* Delete principles with principal names.
-<pre>
-deletePrincipals(principals);
-</pre>
-</pre>
-* Export principles to keytab file.
-<pre>
-exportPrincipals(keytabFile);
-</pre>

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-RC2-APIs/1.0.0-RC2-release-note.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-RC2-APIs/1.0.0-RC2-release-note.md b/docs/1.0.0-RC2-APIs/1.0.0-RC2-release-note.md
deleted file mode 100644
index f9b9b61..0000000
--- a/docs/1.0.0-RC2-APIs/1.0.0-RC2-release-note.md
+++ /dev/null
@@ -1,42 +0,0 @@
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements.  See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership.  The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied.  See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-
-Apache Kerby 1.0.0-RC2 Release Note
-===================================
-
-105 JIRA issues were resolved and with the following Features and important changes since 1.0.0-RC1:
-
-- 1. Anonymous PKINIT support(BETA): allows a client to obtain anonymous credentials without authenticating as any particular principal.
-- 2. PKINIT in RSA case (75%).
-- 3. Finished token support:
-  - Add ability to encrypt and sign using non-RSA keys;
-  - Get the verify key for signed JWT token from kdc config;
-  - Token issuer must be trusted as one of preconfigured issuers;
-  - Add support for decrypting JWT tokens in the KDC.
-- 4. PKIX CMS/X509 support.
-- 5. Full BER encoding support.
-- 6. Improved the ASN1 framework:
-  - Separate Asn1 parser;
-  - Support decoding of primitive but constructed encoded types;
-  - Allow to define explicit and implicit fields more easily for collection types;
-  - Providing an API to use some useful ASN1 functions by consolidating existing utilities
-- 7. Dump support for Asn1.
-  - provide an ASN1 dumping tool for troubleshooting
-  - Including built-in ASN1 types and user defined types.
-- 8. Separate KrbClient, KrbTokenClient, and KrbPkinitClient APIs.

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-RC2-APIs/kadmin.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-RC2-APIs/kadmin.md b/docs/1.0.0-RC2-APIs/kadmin.md
deleted file mode 100644
index e8533b9..0000000
--- a/docs/1.0.0-RC2-APIs/kadmin.md
+++ /dev/null
@@ -1,81 +0,0 @@
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements.  See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership.  The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied.  See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-
-kerb-admin
-============
-## Local mode
-### Initiate a LocalKadminImpl
-* Initiate a LocalKadminImpl with prepared KdcConfig and BackendConfig.
-<pre>
-LocalKadmin kadmin = new LocalKadminImpl(kdcConfig, backendConfig);
-</pre>
-* Initiate a LocalKadmin with confDir.
-<pre>
-LocalKadmin kadmin = new LocalKadminImpl(confDir);
-</pre>
-* Initiate a LocalKadmin with kdcSetting and backend.
-<pre>
-LocalKadmin kadmin = new LocalKadminImpl(kdcSetting, backend);
-</pre>
-
-### Principal operating
-* Add principle with principal name.
-<pre>
-addPrincipal(principal);
-</pre>
-* Add principle with principal name and password.
-<pre>
-addPrincipal(principal, password);
-</pre>
-* Add principle with principal name and kOptions.
-<pre>
-addPrincipal(principal, kOptions);
-</pre>
-* Add principle with principal name, password and kOptions.
-<pre>
-addPrincipal(principal, password kOptions);
-</pre>
-* Delete principle with principal name.
-<pre>
-deletePrincipal(principal);
-</pre>
-* Modify principle with principal name and kOptions.
-<pre>
-modifyPrincipal(principal, kOptions);
-</pre>
-* Rename principle.
-<pre>
-renamePrincipal(oldPrincipalName, newPrincipalName);
-</pre>
-* Get principle with principal name.
-<pre>
-getPrincipal(principalName);
-</pre>
-* Get all the principles.
-<pre>
-getPrincipals();
-</pre>
-* Update password with principal name and new password.
-<pre>
-updatePassword(principal, newPassword);
-</pre>
-* Export all identity keys to the specified keytab file.
-<pre>
-exportKeyTab(keyTabFile);
-</pre>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-RC2-APIs/kdcserver.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-RC2-APIs/kdcserver.md b/docs/1.0.0-RC2-APIs/kdcserver.md
deleted file mode 100644
index 76f2310..0000000
--- a/docs/1.0.0-RC2-APIs/kdcserver.md
+++ /dev/null
@@ -1,71 +0,0 @@
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements.  See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership.  The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied.  See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-
-kerb-server
-============
-
-### Initiate kdc server
-* Initiate a kdc server with prepared confDir.
-<pre>
-KdcServer server = new KdcServer(confDir);
-</pre>
-
-### Start and set kdc server
-* Start kdc server.
-<pre>
-start();
-</pre>
-* Set KDC realm for ticket request
-<pre>
-setKdcRealm(realm);
-</pre>
-* Set KDC host.
-<pre>
-setKdcHost(kdcHost);
-</pre>
-* Set KDC tcp port.
-<pre>
-setKdcTcpPort(kdcTcpPort);
-</pre>
-* Set KDC udp port. Only makes sense when allowUdp is set.
-<pre>
-setKdcUdpPort(kdcUdpPort);
-</pre>
-* Set to allow TCP or not.
-<pre>
-setAllowTcp(allowTcp);
-</pre>
-* Set to allow UDP or not.
-<pre>
-setAllowUdp(allowUdp);
-</pre>
-* Allow to debug so have more logs.
-<pre>
-enableDebug();
-</pre>
-* Allow to hook customized kdc implementation.
-<pre>
-setInnerKdcImpl(innerKdcImpl);
-</pre>
-
-### Stop kdc server
-* Start kdc server.
-<pre>
-stop();
-</pre>

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-RC2-APIs/kerby-asn1.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-RC2-APIs/kerby-asn1.md b/docs/1.0.0-RC2-APIs/kerby-asn1.md
deleted file mode 100644
index f8717e3..0000000
--- a/docs/1.0.0-RC2-APIs/kerby-asn1.md
+++ /dev/null
@@ -1,388 +0,0 @@
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements.  See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership.  The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied.  See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-kerby-asn1
-=========
-
-### A ASN1 parser with easy and simple API
-
-```
-// encoding
-Asn1Integer aValue = new Asn1Integer(8899);
-byte[] encoded = aValue.encode();
-
-// decoding
-byte[] contentToDecode = ...
-Asn1Integer decodedValue = new Asn1Integer();
-decodedValue.decode(contentToDecode);
-Integer value = decodedValue.getValue();
-```
-
-### Data-driven ASN1 encoding/decoding framework and parser
-
-With the following definition from Kerberos protocol
-```
- AuthorizationData ::= SEQUENCE OF SEQUENCE {
-     ad-type         [0] Int32,
-     ad-data         [1] OCTET STRING
- }
- ```
-
-You can model AuthzDataEntry as follows
-```java
-public class AuthorizationDataEntry extends KrbSequenceType {
-    /**
-     * The possible fields
-     */
-    protected enum AuthorizationDataEntryField implements EnumType {
-        AD_TYPE,
-        AD_DATA;
-
-        /**
-         * {@inheritDoc}
-         */
-        @Override
-        public int getValue() {
-            return ordinal();
-        }
-
-        /**
-         * {@inheritDoc}
-         */
-        @Override
-        public String getName() {
-            return name();
-        }
-    }
-
-    /** The AuthorizationDataEntry's fields */
-    private static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
-            new ExplicitField(AuthorizationDataEntryField.AD_TYPE, Asn1Integer.class),
-            new ExplicitField(AuthorizationDataEntryField.AD_DATA, Asn1OctetString.class)
-    };
-
-    /**
-     * Creates an AuthorizationDataEntry instance
-     */
-    public AuthorizationDataEntry() {
-        super(fieldInfos);
-    }
-
-    /**
-     * @return The AuthorizationType (AD_TYPE) field
-     */
-    public AuthorizationType getAuthzType() {
-        Integer value = getFieldAsInteger(AuthorizationDataEntryField.AD_TYPE);
-        return AuthorizationType.fromValue(value);
-    }
-
-    /**
-     * Sets the AuthorizationType (AD_TYPE) field
-     * @param authzType The AuthorizationType to set
-     */
-    public void setAuthzType(AuthorizationType authzType) {
-        setFieldAsInt(AuthorizationDataEntryField.AD_TYPE, authzType.getValue());
-    }
-
-    /**
-     * @return The AuthorizationType (AD_DATA) field
-     */
-    public byte[] getAuthzData() {
-        return getFieldAsOctets(AuthorizationDataEntryField.AD_DATA);
-    }
-
-    /**
-     * Sets the AuthorizationData (AD_DATA) field
-     * @param authzData The AuthorizationData to set
-     */
-    public void setAuthzData(byte[] authzData) {
-        setFieldAsOctets(AuthorizationDataEntryField.AD_DATA, authzData);
-    }
-}
-```
-
-And then define AuthorizationData simply
-```java
-public class AuthorizationData extends KrbSequenceOfType<AuthorizationDataEntry> {
-
-}
-```
-
-Then you can process with above definitions, encode and decode, without caring about the details.
-
-Think about how to implement the following more complex and pratical sample from [ITU-T Rec. X.680 ISO/IEC 8824-1](http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf):
-```
-A.1 ASN.1 description of the record structure
-The structure of the hypothetical personnel record is formally described below using ASN.1 specified in
-ITU-T Rec. X.680 | ISO/IEC 8824-1 for defining types.
-
-PersonnelRecord ::= [APPLICATION 0] IMPLICIT SET {
-    Name Name,
-    title [0] VisibleString,
-    number EmployeeNumber,
-    dateOfHire [1] Date,
-    nameOfSpouse [2] Name,
-    children [3] IMPLICIT
-    SEQUENCE OF ChildInformation DEFAULT {}
-}
-
-ChildInformation ::= SET {
-    name Name,
-    dateOfBirth [0] Date
-}
-
-Name ::= [APPLICATION 1] IMPLICIT SEQUENCE {
-    givenName VisibleString,
-    initial VisibleString,
-    familyName VisibleString
-}
-
-EmployeeNumber ::= [APPLICATION 2] IMPLICIT INTEGER
-Date ::= [APPLICATION 3] IMPLICIT VisibleString -- YYYYMMDD
-```
-Similarly as above, we can have (from the unit test codes):
-```java
-public class PersonnelRecord extends Asn1TaggingSet {
-    protected enum PersonnelRecordField implements EnumType {
-        NAME,
-        TITLE,
-        NUMBER,
-        DATE_OF_HIRE,
-        NAME_OF_SPOUSE,
-        CHILDREN;
-
-        @Override
-        public int getValue() {
-            return ordinal();
-        }
-
-        @Override
-        public String getName() {
-            return name();
-        }
-    }
-
-    static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
-            new ExplicitField(PersonnelRecordField.NAME, -1, Name.class),
-            new ExplicitField(PersonnelRecordField.TITLE, 0, Asn1VisibleString.class),
-            new ExplicitField(PersonnelRecordField.NUMBER, -1, EmployeeNumber.class),
-            new ExplicitField(PersonnelRecordField.DATE_OF_HIRE, 1, Date.class),
-            new ExplicitField(PersonnelRecordField.NAME_OF_SPOUSE, 2, Name.class),
-            new ImplicitField(PersonnelRecordField.CHILDREN, 3, Children.class)
-    };
-
-    public PersonnelRecord() {
-        super(0, fieldInfos, true, true);
-    }
-
-    public void setName(Name name) {
-        setFieldAs(PersonnelRecordField.NAME, name);
-    }
-
-    public Name getName() {
-        return getFieldAs(PersonnelRecordField.NAME, Name.class);
-    }
-
-    public void setTitle(String title) {
-        setFieldAs(PersonnelRecordField.TITLE, new Asn1VisibleString(title));
-    }
-
-    public String getTitle() {
-        return getFieldAsString(PersonnelRecordField.TITLE);
-    }
-
-    public void setEmployeeNumber(EmployeeNumber employeeNumber) {
-        setFieldAs(PersonnelRecordField.NUMBER, employeeNumber);
-    }
-
-    public EmployeeNumber getEmployeeNumber() {
-        return getFieldAs(PersonnelRecordField.NUMBER, EmployeeNumber.class);
-    }
-
-    public void setDateOfHire(Date dateOfHire) {
-        setFieldAs(PersonnelRecordField.DATE_OF_HIRE, dateOfHire);
-    }
-
-    public Date getDateOfHire() {
-        return getFieldAs(PersonnelRecordField.DATE_OF_HIRE, Date.class);
-    }
-
-    public void setNameOfSpouse(Name spouse) {
-        setFieldAs(PersonnelRecordField.NAME_OF_SPOUSE, spouse);
-    }
-
-    public Name getNameOfSpouse() {
-        return getFieldAs(PersonnelRecordField.NAME_OF_SPOUSE, Name.class);
-    }
-
-    public void setChildren(Children children) {
-        setFieldAs(PersonnelRecordField.CHILDREN, children);
-    }
-
-    public Children getChildren() {
-        return getFieldAs(PersonnelRecordField.CHILDREN, Children.class);
-    }
-
-    public static class Children extends Asn1SequenceOf<ChildInformation> {
-        public Children(ChildInformation ... children) {
-            super();
-            for (ChildInformation child : children) {
-                addElement(child);
-            }
-        }
-
-        public Children() {
-            super();
-        }
-    }
-
-    public static class ChildInformation extends Asn1SetType {
-        protected enum ChildInformationField implements EnumType {
-            CHILD_NAME,
-            DATE_OF_BIRTH;
-
-            @Override
-            public int getValue() {
-                return ordinal();
-            }
-
-            @Override
-            public String getName() {
-                return name();
-            }
-        }
-
-        static Asn1FieldInfo[] tags = new Asn1FieldInfo[] {
-                new ExplicitField(ChildInformationField.CHILD_NAME, -1, Name.class),
-                new ExplicitField(ChildInformationField.DATE_OF_BIRTH, 0, Date.class)
-        };
-
-        public ChildInformation() {
-            super(tags);
-        }
-
-        public void setName(Name name) {
-            setFieldAs(ChildInformationField.CHILD_NAME, name);
-        }
-
-        public Name getName() {
-            return getFieldAs(ChildInformationField.CHILD_NAME, Name.class);
-        }
-
-        public void setDateOfBirth(Date date) {
-            setFieldAs(ChildInformationField.DATE_OF_BIRTH, date);
-        }
-
-        public Date getDateOfBirth() {
-            return getFieldAs(ChildInformationField.DATE_OF_BIRTH, Date.class);
-        }
-    }
-
-    public static class Name extends Asn1TaggingSequence {
-
-        protected enum NameField implements EnumType {
-            GIVENNAME,
-            INITIAL,
-            FAMILYNAME;
-
-            @Override
-            public int getValue() {
-                return ordinal();
-            }
-
-            @Override
-            public String getName() {
-                return name();
-            }
-        }
-
-        static Asn1FieldInfo[] tags = new Asn1FieldInfo[] {
-                new ExplicitField(NameField.GIVENNAME, -1, Asn1VisibleString.class),
-                new ExplicitField(NameField.INITIAL, -1, Asn1VisibleString.class),
-                new ExplicitField(NameField.FAMILYNAME, -1, Asn1VisibleString.class)
-        };
-
-        public Name() {
-            super(1, tags, true, true);
-        }
-
-        public Name(String givenName, String initial, String familyName) {
-            this();
-            setGivenName(givenName);
-            setInitial(initial);
-            setFamilyName(familyName);
-        }
-
-        public void setGivenName(String givenName) {
-            setFieldAs(NameField.GIVENNAME, new Asn1VisibleString(givenName));
-        }
-
-        public String getGivenName() {
-            return getFieldAsString(NameField.GIVENNAME);
-        }
-
-        public void setInitial(String initial) {
-            setFieldAs(NameField.INITIAL, new Asn1VisibleString(initial));
-        }
-
-        public String getInitial() {
-            return getFieldAsString(NameField.INITIAL);
-        }
-
-        public void setFamilyName(String familyName) {
-            setFieldAs(NameField.FAMILYNAME, new Asn1VisibleString(familyName));
-        }
-
-        public String getFamilyName() {
-            return getFieldAsString(NameField.FAMILYNAME);
-        }
-    }
-
-    public static class EmployeeNumber extends Asn1Tagging<Asn1Integer> {
-        public EmployeeNumber(Integer value) {
-            super(2, new Asn1Integer(value), true, true);
-        }
-
-        public EmployeeNumber() {
-            super(2, new Asn1Integer(), true, true);
-        }
-    }
-
-    public static class Date extends Asn1Tagging<Asn1VisibleString> {
-        public Date(String value) {
-            super(3, new Asn1VisibleString(value), true, true);
-        }
-        public Date() {
-            this(null);
-        }
-    }
-}
-```
-### Asn1 API and parsing/dumping facilities
-* ASN1 dumping tool to help analyze ASN1 encoding stream or packet. It can be used to exercise the framework with all kinds of testing binary inputs.
-* The shortcut API for ASN1 parser, encoding, decoding.
-
-### Notes
-* Extensive tests coverage for BER & DER encoding and decoding
-* Fully self-contained, no extra dependency
-
-### License
-Apache V2 License
-
-
-

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-RC2-APIs/krbclient.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-RC2-APIs/krbclient.md b/docs/1.0.0-RC2-APIs/krbclient.md
deleted file mode 100644
index ab5a48c..0000000
--- a/docs/1.0.0-RC2-APIs/krbclient.md
+++ /dev/null
@@ -1,106 +0,0 @@
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements.  See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership.  The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied.  See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-
-kerb-client
-============
-
-## 1. KrbClient
-### Initiate a KrbClient
-* Initiate a KrbClient with prepared KrbConfig.
-<pre>
-KrbClient krbClient = new KrbClient(krbConfig);
-</pre>
-* Initiate a KrbClient with conf dir.
-<pre>
-KrbClient krbClient = new KrbClient(confDir);
-</pre>
-
-### Request a TGT
-* Request a TGT with using well prepared requestOptions.
-<pre>
-requestTgt(requestOptions);
-</pre>
-* Request a TGT with user plain password credential
-<pre>
-requestTgt(principal, password);
-</pre>
-* Request a TGT with user plain keytab credential
-<pre>
-requestTgt(principal, keytabFile);
-</pre>
-
-### Request a service ticket
-* Request a service ticket with a TGT targeting for a server
-<pre>
-requestSgt(tgt, serverPrincipal);
-</pre>
-* Request a service ticket provided request options
-<pre>
-requestSgt(requestOptions);
-</pre>
-
-## 2. KrbTokenClient
-### Initiate a KrbTokenClient
-* Initiate a KrbTokenClient with prepared KrbConfig.
-<pre>
-KrbTokenClient krbTokenClient = new KrbTokenClient(krbConfig);
-</pre>
-* Initiate a KrbTokenClient with conf dir.
-<pre>
-KrbTokenClient krbTokenClient = new KrbTokenClient(confDir);
-</pre>
-* Initiate a KrbTokenClient with prepared KrbClient.
-<pre>
-KrbTokenClient krbTokenClient = new KrbTokenClient(krbClient);
-</pre>
-
-### Request a TGT
-* Request a TGT with user token credential
-<pre>
-requestTgtWithToken(token, armorCache);
-</pre>
-
-### Request a service ticket
-</pre>
-* Request a service ticket with user AccessToken credential for a server
-<pre>
-requestSgt(accessToken, serverPrincipal, armorCache);
-</pre>
-
-## 3. KrbPkinitClient
-### Initiate a KrbPkinitClient
-* Initiate a KrbPkinitClient with prepared KrbConfig.
-<pre>
-KrbPkinitClient krbPkinitClient = new KrbPkinitClient(krbConfig);
-</pre>
-* Initiate a KrbPkinitClient with conf dir.
-<pre>
-KrbPkinitClient krbPkinitClient = new KrbPkinitClient(confDir);
-</pre>
-* Initiate a KrbPkinitClient with prepared KrbClient.
-<pre>
-KrbPkinitClient krbPkinitClient = new KrbPkinitClient(krbClient);
-</pre>
-
-### Request a TGT
-* Request a TGT with using Anonymous PKINIT
-<pre>
-requestTgt();
-</pre>
-

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-RC2-APIs/simplekdc.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-RC2-APIs/simplekdc.md b/docs/1.0.0-RC2-APIs/simplekdc.md
deleted file mode 100644
index 85e79ca..0000000
--- a/docs/1.0.0-RC2-APIs/simplekdc.md
+++ /dev/null
@@ -1,85 +0,0 @@
-<!--
-  Licensed to the Apache Software Foundation (ASF) under one
-  or more contributor license agreements.  See the NOTICE file
-  distributed with this work for additional information
-  regarding copyright ownership.  The ASF licenses this file
-  to you under the Apache License, Version 2.0 (the
-  "License"); you may not use this file except in compliance
-  with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing,
-  software distributed under the License is distributed on an
-  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-  KIND, either express or implied.  See the License for the
-  specific language governing permissions and limitations
-  under the License.
--->
-
-kerb-simplekdc
-============
-
-### Kdc server
-</pre>
-* Start simple kdc server.
-<pre>
-start();
-</pre>
-* Set KDC realm for ticket request
-<pre>
-setKdcRealm(realm);
-</pre>
-* Set KDC host.
-<pre>
-setKdcHost(kdcHost);
-</pre>
-* Set KDC tcp port.
-<pre>
-setKdcTcpPort(kdcTcpPort);
-</pre>
-* Set KDC udp port. Only makes sense when allowUdp is set.
-<pre>
-setKdcUdpPort(kdcUdpPort);
-</pre>
-* Set to allow TCP or not.
-<pre>
-setAllowTcp(allowTcp);
-</pre>
-* Set to allow UDP or not.
-<pre>
-setAllowUdp(allowUdp);
-
-### Kadmin
-</pre>
-* Create principle with principal name.
-<pre>
-createPrincipal(principal);
-</pre>
-* Add principle with principal name and password.
-<pre>
-createPrincipal(principal, password);
-</pre>
-* Create principles with principal names.
-<pre>
-createPrincipals(principals);
-</pre>
-* Creates principals and export their keys to the specified keytab file.
-<pre>
-createAndExportPrincipals(keytabFile principals);
-</pre>
-* Delete principle with principal name.
-<pre>
-deletePrincipal(principal);
-</pre>
-</pre>
-* Delete principles with principal names.
-<pre>
-deletePrincipals(principals);
-</pre>
-</pre>
-* Export principles to keytab file.
-<pre>
-exportPrincipals(keytabFile);
-</pre>
-

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-rc1/1.0.0-RC1-release-note.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-rc1/1.0.0-RC1-release-note.md b/docs/1.0.0-rc1/1.0.0-RC1-release-note.md
new file mode 100644
index 0000000..c8603e6
--- /dev/null
+++ b/docs/1.0.0-rc1/1.0.0-RC1-release-note.md
@@ -0,0 +1,67 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied.  See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+
+Apache Kerby 1.0.0-RC1 Release Note
+===================================
+
+In this release 236 JIRA issues were resolved and the following features are supported:
+
+1. Kerberos libraries:
+  - Client
+  - KDC server
+  - Kadmin
+  - Credential cache and keytab utilities
+
+2. Standalone KDC server .
+
+3. Support for various identity backends:
+  - In-memory
+  - JSON
+  - LDAP
+  - Mavibot(MVCC BTree)
+  - Zookeeper
+
+4. Embedded KDC server allows easy integration into products for unit tests or production deployment.
+
+5. FAST/Preauthentication framework to allow popular and useful authentication mechanisms.
+
+6. Token Preauth mechanism to allow clients to request tickets using JWT tokens.
+
+7. Client can request a TGT with:
+  - User plain password credential
+  - User keyTab
+  - User token credential
+
+8. Client can request a service ticket with:
+  - user TGT credential for a server
+  - user AccessToken credential for a server
+
+9. Network support including UDP and TCP transport with two implementations:
+  - Default implementation based on the JRE without depending on other libraries.
+  - Netty based implementation for better throughput, lower latency.
+
+10. Tools:
+  - kdcinit: Initialize and prepare KDC, like choose storage type, setting up necessary principals (tgs, kadmin) etc.
+  - kadmin: Command-line interfaces to administration system.
+  - kinit: Obtains and caches an initial ticket-granting ticket for principal.
+  - klist: Lists the Kerby principal and tickets held in a credentials cache, or the keys held in a keytab file.
+
+11. Support for JAAS, GSSAPI and SASL frameworks that applications can leverage the authentication mechanisms provided by Kerby.
+
+12. Building support: checking style and find bugs.

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-rc1/kadmin.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-rc1/kadmin.md b/docs/1.0.0-rc1/kadmin.md
new file mode 100644
index 0000000..eebb949
--- /dev/null
+++ b/docs/1.0.0-rc1/kadmin.md
@@ -0,0 +1,77 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied.  See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+
+kerb-admin
+============
+
+### Initiate a Kadmin
+* Initiate a Kadmin with confDir.
+<pre>
+Kadmin kadmin = new Kadmin(confDir);
+</pre>
+* Initiate a Kadmin with kdcSetting and backend.
+<pre>
+Kadmin kadmin = new Kadmin(kdcSetting, backend);
+</pre>
+
+### Principal operating
+* Add principle with principal name.
+<pre>
+addPrincipal(principal);
+</pre>
+* Add principle with principal name and password.
+<pre>
+addPrincipal(principal, password);
+</pre>
+* Add principle with principal name and kOptions.
+<pre>
+addPrincipal(principal, kOptions);
+</pre>
+* Add principle with principal name, password and kOptions.
+<pre>
+addPrincipal(principal, password kOptions);
+</pre>
+* Delete principle with principal name.
+<pre>
+deletePrincipal(principal);
+</pre>
+* Modify principle with principal name and kOptions.
+<pre>
+modifyPrincipal(principal, kOptions);
+</pre>
+* Rename principle.
+<pre>
+renamePrincipal(oldPrincipalName, newPrincipalName);
+</pre>
+* Get principle with principal name.
+<pre>
+getPrincipal(principalName);
+</pre>
+* Get all the principles.
+<pre>
+getPrincipals();
+</pre>
+* Update password with principal name and new password.
+<pre>
+updatePassword(principal, newPassword);
+</pre>
+* Export all identity keys to the specified keytab file.
+<pre>
+exportKeyTab(keyTabFile);
+</pre>

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-rc1/kdcserver.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-rc1/kdcserver.md b/docs/1.0.0-rc1/kdcserver.md
new file mode 100644
index 0000000..76f2310
--- /dev/null
+++ b/docs/1.0.0-rc1/kdcserver.md
@@ -0,0 +1,71 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied.  See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+
+kerb-server
+============
+
+### Initiate kdc server
+* Initiate a kdc server with prepared confDir.
+<pre>
+KdcServer server = new KdcServer(confDir);
+</pre>
+
+### Start and set kdc server
+* Start kdc server.
+<pre>
+start();
+</pre>
+* Set KDC realm for ticket request
+<pre>
+setKdcRealm(realm);
+</pre>
+* Set KDC host.
+<pre>
+setKdcHost(kdcHost);
+</pre>
+* Set KDC tcp port.
+<pre>
+setKdcTcpPort(kdcTcpPort);
+</pre>
+* Set KDC udp port. Only makes sense when allowUdp is set.
+<pre>
+setKdcUdpPort(kdcUdpPort);
+</pre>
+* Set to allow TCP or not.
+<pre>
+setAllowTcp(allowTcp);
+</pre>
+* Set to allow UDP or not.
+<pre>
+setAllowUdp(allowUdp);
+</pre>
+* Allow to debug so have more logs.
+<pre>
+enableDebug();
+</pre>
+* Allow to hook customized kdc implementation.
+<pre>
+setInnerKdcImpl(innerKdcImpl);
+</pre>
+
+### Stop kdc server
+* Start kdc server.
+<pre>
+stop();
+</pre>

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-rc1/kerby-asn1.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-rc1/kerby-asn1.md b/docs/1.0.0-rc1/kerby-asn1.md
new file mode 100644
index 0000000..5ca2e17
--- /dev/null
+++ b/docs/1.0.0-rc1/kerby-asn1.md
@@ -0,0 +1,302 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied.  See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+kerby-asn1
+=========
+
+### A ASN1 parser with easy and simple API
+
+```
+// encoding
+Asn1Integer aValue = new Asn1Integer(8899);
+byte[] encoded = aValue.encode();
+
+// decoding
+byte[] contentToDecode = ...
+Asn1Integer decodedValue = new Asn1Integer();
+decodedValue.decode(contentToDecode);
+Integer value = decodedValue.getValue();
+```
+
+### Data-driven ASN1 encoding/decoding framework and parser
+
+With the following definition from Kerberos protocol
+```
+ AuthorizationData ::= SEQUENCE OF SEQUENCE {
+     ad-type         [0] Int32,
+     ad-data         [1] OCTET STRING
+ }
+ ```
+
+You can model AuthzDataEntry as follows
+```java
+public class AuthzDataEntry extends Asn1SequenceType {
+    static int AD_TYPE = 0;
+    static int AD_DATA = 1;
+
+    public AuthzDataEntry() {
+        super(new Asn1FieldInfo[] {
+                new Asn1FieldInfo(AD_TYPE, Asn1Integer.class),
+                new Asn1FieldInfo(AD_DATA, Asn1OctetString.class)
+        });
+    }
+
+    public int getAuthzType() {
+        Integer value = getFieldAsInteger(AD_TYPE);
+        return value;
+    }
+
+    public byte[] getAuthzData() {
+        return getFieldAsOctetBytes(AD_DATA);
+    }
+}
+```
+
+And then define AuthorizationData simply
+```java
+public class AuthorizationData extends Asn1SequenceOf<AuthzDataEntry> {
+
+}
+```
+
+Then you can process with above definitions, encode and decode, without caring about the details.
+
+Think about how to implement the following more complex and pratical sample from [ITU-T Rec. X.680 ISO/IEC 8824-1](http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf):
+```
+A.1 ASN.1 description of the record structure
+The structure of the hypothetical personnel record is formally described below using ASN.1 specified in
+ITU-T Rec. X.680 | ISO/IEC 8824-1 for defining types.
+
+PersonnelRecord ::= [APPLICATION 0] IMPLICIT SET {
+    Name Name,
+    title [0] VisibleString,
+    number EmployeeNumber,
+    dateOfHire [1] Date,
+    nameOfSpouse [2] Name,
+    children [3] IMPLICIT
+    SEQUENCE OF ChildInformation DEFAULT {}
+}
+
+ChildInformation ::= SET {
+    name Name,
+    dateOfBirth [0] Date
+}
+
+Name ::= [APPLICATION 1] IMPLICIT SEQUENCE {
+    givenName VisibleString,
+    initial VisibleString,
+    familyName VisibleString
+}
+
+EmployeeNumber ::= [APPLICATION 2] IMPLICIT INTEGER
+Date ::= [APPLICATION 3] IMPLICIT VisibleString -- YYYYMMDD
+```
+Similarly as above, we can have (from the unit test codes):
+```java
+public class PersonnelRecord extends TaggingSet {
+    private static int NAME = 0;
+    private static int TITLE = 1;
+    private static int NUMBER = 2;
+    private static int DATEOFHIRE= 3;
+    private static int NAMEOFSPOUSE = 4;
+    private static int CHILDREN = 5;
+
+    static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+            new Asn1FieldInfo(NAME, -1, Name.class),
+            new Asn1FieldInfo(TITLE, 0, Asn1VisibleString.class),
+            new Asn1FieldInfo(NUMBER, -1, EmployeeNumber.class),
+            new Asn1FieldInfo(DATEOFHIRE, 1, Date.class),
+            new Asn1FieldInfo(NAMEOFSPOUSE, 2, Name.class),
+            new Asn1FieldInfo(CHILDREN, 3, Children.class, true)
+    };
+
+    public PersonnelRecord() {
+        super(0, fieldInfos, true);
+        setEncodingOption(EncodingOption.IMPLICIT);
+    }
+
+    public void setName(Name name) {
+        setFieldAs(NAME, name);
+    }
+
+    public Name getName() {
+        return getFieldAs(NAME, Name.class);
+    }
+
+    public void setTitle(String title) {
+        setFieldAs(TITLE, new Asn1VisibleString(title));
+    }
+
+    public String getTitle() {
+        return getFieldAsString(TITLE);
+    }
+
+    public void setEmployeeNumber(EmployeeNumber employeeNumber) {
+        setFieldAs(NUMBER, employeeNumber);
+    }
+
+    public EmployeeNumber getEmployeeNumber() {
+        return getFieldAs(NUMBER, EmployeeNumber.class);
+    }
+
+    public void setDateOfHire(Date dateOfHire) {
+        setFieldAs(DATEOFHIRE, dateOfHire);
+    }
+
+    public Date getDateOfHire() {
+        return getFieldAs(DATEOFHIRE, Date.class);
+    }
+
+    public void setNameOfSpouse(Name spouse) {
+        setFieldAs(NAMEOFSPOUSE, spouse);
+    }
+
+    public Name getNameOfSpouse() {
+        return getFieldAs(NAMEOFSPOUSE, Name.class);
+    }
+
+    public void setChildren(Children children) {
+        setFieldAs(CHILDREN, children);
+    }
+
+    public Children getChildren() {
+        return getFieldAs(CHILDREN, Children.class);
+    }
+
+    public static class Children extends Asn1SequenceOf<ChildInformation> {
+        public Children(ChildInformation ... children) {
+            super();
+            for (ChildInformation child : children) {
+                addElement(child);
+            }
+        }
+
+        public Children() {
+            super();
+        }
+    }
+
+    public static class ChildInformation extends Asn1SetType {
+        private static int NAME = 0;
+        private static int DATEOFBIRTH = 1;
+
+        static Asn1FieldInfo[] tags = new Asn1FieldInfo[] {
+                new Asn1FieldInfo(NAME, -1, Name.class),
+                new Asn1FieldInfo(DATEOFBIRTH, 0, Date.class)
+        };
+
+        public ChildInformation() {
+            super(tags);
+        }
+
+        public void setName(Name name) {
+            setFieldAs(NAME, name);
+        }
+
+        public Name getName() {
+            return getFieldAs(NAME, Name.class);
+        }
+
+        public void setDateOfBirth(Date date) {
+            setFieldAs(DATEOFBIRTH, date);
+        }
+
+        public Date getDateOfBirth() {
+            return getFieldAs(DATEOFBIRTH, Date.class);
+        }
+    }
+
+    public static class Name extends TaggingSequence {
+        private static int GIVENNAME = 0;
+        private static int INITIAL = 1;
+        private static int FAMILYNAME = 2;
+
+        static Asn1FieldInfo[] tags = new Asn1FieldInfo[] {
+                new Asn1FieldInfo(GIVENNAME, -1, Asn1VisibleString.class),
+                new Asn1FieldInfo(INITIAL, -1, Asn1VisibleString.class),
+                new Asn1FieldInfo(FAMILYNAME, -1, Asn1VisibleString.class)
+        };
+
+        public Name() {
+            super(1, tags, true);
+            setEncodingOption(EncodingOption.IMPLICIT);
+        }
+
+        public Name(String givenName, String initial, String familyName) {
+            this();
+            setGivenName(givenName);
+            setInitial(initial);
+            setFamilyName(familyName);
+        }
+
+        public void setGivenName(String givenName) {
+            setFieldAs(GIVENNAME, new Asn1VisibleString(givenName));
+        }
+
+        public String getGivenName() {
+            return getFieldAsString(GIVENNAME);
+        }
+
+        public void setInitial(String initial) {
+            setFieldAs(INITIAL, new Asn1VisibleString(initial));
+        }
+
+        public String getInitial() {
+            return getFieldAsString(INITIAL);
+        }
+
+        public void setFamilyName(String familyName) {
+            setFieldAs(FAMILYNAME, new Asn1VisibleString(familyName));
+        }
+
+        public String getFamilyName() {
+            return getFieldAsString(FAMILYNAME);
+        }
+    }
+
+    public static class EmployeeNumber extends Asn1Tagging<Asn1Integer> {
+        public EmployeeNumber(Integer value) {
+            super(2, new Asn1Integer(value), true);
+            setEncodingOption(EncodingOption.IMPLICIT);
+        }
+        public EmployeeNumber() {
+            this(null);
+        }
+    }
+
+    public static class Date extends Asn1Tagging<Asn1VisibleString> {
+        public Date(String value) {
+            super(3, new Asn1VisibleString(value), true);
+            setEncodingOption(EncodingOption.IMPLICIT);
+        }
+        public Date() {
+            this(null);
+        }
+    }
+}
+```
+### Notes
+* 90% tests coverage for DER encoding
+* For BER & CER encoding, to be fully supported
+* No extra dependency
+
+### License
+Apache V2 License
+
+
+

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-rc1/krbclient.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-rc1/krbclient.md b/docs/1.0.0-rc1/krbclient.md
new file mode 100644
index 0000000..14a4972
--- /dev/null
+++ b/docs/1.0.0-rc1/krbclient.md
@@ -0,0 +1,51 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied.  See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+
+kerb-client
+============
+
+### Initiate a KrbClient
+* Initiate a KrbClient with prepared KrbConfig.
+<pre>
+KrbClient krbClient = new KrbClient(krbConfig);
+</pre>
+* Initiate a KrbClient with with conf dir.
+<pre>
+KrbClient krbClient = new KrbClient(confDir);
+</pre>
+
+### Request a TGT
+* Request a TGT with user plain password credential
+<pre>
+requestTgtWithPassword(principal, password);
+</pre>
+* Request a TGT with user token credential
+<pre>
+requestTgtWithToken(token, armorCache);
+</pre>
+
+### Request a service ticket
+* Request a service ticket with user TGT credential for a server
+<pre>
+requestServiceTicketWithTgt(tgt, serverPrincipal);
+</pre>
+* Request a service ticket with user AccessToken credential for a server
+<pre>
+requestServiceTicketWithAccessToken(accessToken, serverPrincipal, armorCache);
+</pre>

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-rc1/simplekdc.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-rc1/simplekdc.md b/docs/1.0.0-rc1/simplekdc.md
new file mode 100644
index 0000000..08c03ee
--- /dev/null
+++ b/docs/1.0.0-rc1/simplekdc.md
@@ -0,0 +1,84 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied.  See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+
+kerb-simplekdc
+============
+
+### Kdc server
+</pre>
+* Start simple kdc server.
+<pre>
+start();
+</pre>
+* Set KDC realm for ticket request
+<pre>
+setKdcRealm(realm);
+</pre>
+* Set KDC host.
+<pre>
+setKdcHost(kdcHost);
+</pre>
+* Set KDC tcp port.
+<pre>
+setKdcTcpPort(kdcTcpPort);
+</pre>
+* Set KDC udp port. Only makes sense when allowUdp is set.
+<pre>
+setKdcUdpPort(kdcUdpPort);
+</pre>
+* Set to allow TCP or not.
+<pre>
+setAllowTcp(allowTcp);
+</pre>
+* Set to allow UDP or not.
+<pre>
+setAllowUdp(allowUdp);
+
+### Kadmin
+</pre>
+* Create principle with principal name.
+<pre>
+createPrincipal(principal);
+</pre>
+* Add principle with principal name and password.
+<pre>
+createPrincipal(principal, password);
+</pre>
+* Create principles with principal names.
+<pre>
+createPrincipals(principals);
+</pre>
+* Creates principals and export their keys to the specified keytab file.
+<pre>
+createAndExportPrincipals(keytabFile principals);
+</pre>
+* Delete principle with principal name.
+<pre>
+deletePrincipal(principal);
+</pre>
+</pre>
+* Delete principles with principal names.
+<pre>
+deletePrincipals(principals);
+</pre>
+</pre>
+* Export principles to keytab file.
+<pre>
+exportPrincipals(keytabFile);
+</pre>

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-rc2/1.0.0-RC2-release-note.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-rc2/1.0.0-RC2-release-note.md b/docs/1.0.0-rc2/1.0.0-RC2-release-note.md
new file mode 100644
index 0000000..f9b9b61
--- /dev/null
+++ b/docs/1.0.0-rc2/1.0.0-RC2-release-note.md
@@ -0,0 +1,42 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied.  See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+
+Apache Kerby 1.0.0-RC2 Release Note
+===================================
+
+105 JIRA issues were resolved and with the following Features and important changes since 1.0.0-RC1:
+
+- 1. Anonymous PKINIT support(BETA): allows a client to obtain anonymous credentials without authenticating as any particular principal.
+- 2. PKINIT in RSA case (75%).
+- 3. Finished token support:
+  - Add ability to encrypt and sign using non-RSA keys;
+  - Get the verify key for signed JWT token from kdc config;
+  - Token issuer must be trusted as one of preconfigured issuers;
+  - Add support for decrypting JWT tokens in the KDC.
+- 4. PKIX CMS/X509 support.
+- 5. Full BER encoding support.
+- 6. Improved the ASN1 framework:
+  - Separate Asn1 parser;
+  - Support decoding of primitive but constructed encoded types;
+  - Allow to define explicit and implicit fields more easily for collection types;
+  - Providing an API to use some useful ASN1 functions by consolidating existing utilities
+- 7. Dump support for Asn1.
+  - provide an ASN1 dumping tool for troubleshooting
+  - Including built-in ASN1 types and user defined types.
+- 8. Separate KrbClient, KrbTokenClient, and KrbPkinitClient APIs.

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-rc2/kadmin.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-rc2/kadmin.md b/docs/1.0.0-rc2/kadmin.md
new file mode 100644
index 0000000..e8533b9
--- /dev/null
+++ b/docs/1.0.0-rc2/kadmin.md
@@ -0,0 +1,81 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied.  See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+
+kerb-admin
+============
+## Local mode
+### Initiate a LocalKadminImpl
+* Initiate a LocalKadminImpl with prepared KdcConfig and BackendConfig.
+<pre>
+LocalKadmin kadmin = new LocalKadminImpl(kdcConfig, backendConfig);
+</pre>
+* Initiate a LocalKadmin with confDir.
+<pre>
+LocalKadmin kadmin = new LocalKadminImpl(confDir);
+</pre>
+* Initiate a LocalKadmin with kdcSetting and backend.
+<pre>
+LocalKadmin kadmin = new LocalKadminImpl(kdcSetting, backend);
+</pre>
+
+### Principal operating
+* Add principle with principal name.
+<pre>
+addPrincipal(principal);
+</pre>
+* Add principle with principal name and password.
+<pre>
+addPrincipal(principal, password);
+</pre>
+* Add principle with principal name and kOptions.
+<pre>
+addPrincipal(principal, kOptions);
+</pre>
+* Add principle with principal name, password and kOptions.
+<pre>
+addPrincipal(principal, password kOptions);
+</pre>
+* Delete principle with principal name.
+<pre>
+deletePrincipal(principal);
+</pre>
+* Modify principle with principal name and kOptions.
+<pre>
+modifyPrincipal(principal, kOptions);
+</pre>
+* Rename principle.
+<pre>
+renamePrincipal(oldPrincipalName, newPrincipalName);
+</pre>
+* Get principle with principal name.
+<pre>
+getPrincipal(principalName);
+</pre>
+* Get all the principles.
+<pre>
+getPrincipals();
+</pre>
+* Update password with principal name and new password.
+<pre>
+updatePassword(principal, newPassword);
+</pre>
+* Export all identity keys to the specified keytab file.
+<pre>
+exportKeyTab(keyTabFile);
+</pre>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-rc2/kdcserver.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-rc2/kdcserver.md b/docs/1.0.0-rc2/kdcserver.md
new file mode 100644
index 0000000..76f2310
--- /dev/null
+++ b/docs/1.0.0-rc2/kdcserver.md
@@ -0,0 +1,71 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied.  See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+
+kerb-server
+============
+
+### Initiate kdc server
+* Initiate a kdc server with prepared confDir.
+<pre>
+KdcServer server = new KdcServer(confDir);
+</pre>
+
+### Start and set kdc server
+* Start kdc server.
+<pre>
+start();
+</pre>
+* Set KDC realm for ticket request
+<pre>
+setKdcRealm(realm);
+</pre>
+* Set KDC host.
+<pre>
+setKdcHost(kdcHost);
+</pre>
+* Set KDC tcp port.
+<pre>
+setKdcTcpPort(kdcTcpPort);
+</pre>
+* Set KDC udp port. Only makes sense when allowUdp is set.
+<pre>
+setKdcUdpPort(kdcUdpPort);
+</pre>
+* Set to allow TCP or not.
+<pre>
+setAllowTcp(allowTcp);
+</pre>
+* Set to allow UDP or not.
+<pre>
+setAllowUdp(allowUdp);
+</pre>
+* Allow to debug so have more logs.
+<pre>
+enableDebug();
+</pre>
+* Allow to hook customized kdc implementation.
+<pre>
+setInnerKdcImpl(innerKdcImpl);
+</pre>
+
+### Stop kdc server
+* Start kdc server.
+<pre>
+stop();
+</pre>

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/5ae35e26/docs/1.0.0-rc2/kerby-asn1.md
----------------------------------------------------------------------
diff --git a/docs/1.0.0-rc2/kerby-asn1.md b/docs/1.0.0-rc2/kerby-asn1.md
new file mode 100644
index 0000000..f8717e3
--- /dev/null
+++ b/docs/1.0.0-rc2/kerby-asn1.md
@@ -0,0 +1,388 @@
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements.  See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership.  The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied.  See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+kerby-asn1
+=========
+
+### A ASN1 parser with easy and simple API
+
+```
+// encoding
+Asn1Integer aValue = new Asn1Integer(8899);
+byte[] encoded = aValue.encode();
+
+// decoding
+byte[] contentToDecode = ...
+Asn1Integer decodedValue = new Asn1Integer();
+decodedValue.decode(contentToDecode);
+Integer value = decodedValue.getValue();
+```
+
+### Data-driven ASN1 encoding/decoding framework and parser
+
+With the following definition from Kerberos protocol
+```
+ AuthorizationData ::= SEQUENCE OF SEQUENCE {
+     ad-type         [0] Int32,
+     ad-data         [1] OCTET STRING
+ }
+ ```
+
+You can model AuthzDataEntry as follows
+```java
+public class AuthorizationDataEntry extends KrbSequenceType {
+    /**
+     * The possible fields
+     */
+    protected enum AuthorizationDataEntryField implements EnumType {
+        AD_TYPE,
+        AD_DATA;
+
+        /**
+         * {@inheritDoc}
+         */
+        @Override
+        public int getValue() {
+            return ordinal();
+        }
+
+        /**
+         * {@inheritDoc}
+         */
+        @Override
+        public String getName() {
+            return name();
+        }
+    }
+
+    /** The AuthorizationDataEntry's fields */
+    private static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+            new ExplicitField(AuthorizationDataEntryField.AD_TYPE, Asn1Integer.class),
+            new ExplicitField(AuthorizationDataEntryField.AD_DATA, Asn1OctetString.class)
+    };
+
+    /**
+     * Creates an AuthorizationDataEntry instance
+     */
+    public AuthorizationDataEntry() {
+        super(fieldInfos);
+    }
+
+    /**
+     * @return The AuthorizationType (AD_TYPE) field
+     */
+    public AuthorizationType getAuthzType() {
+        Integer value = getFieldAsInteger(AuthorizationDataEntryField.AD_TYPE);
+        return AuthorizationType.fromValue(value);
+    }
+
+    /**
+     * Sets the AuthorizationType (AD_TYPE) field
+     * @param authzType The AuthorizationType to set
+     */
+    public void setAuthzType(AuthorizationType authzType) {
+        setFieldAsInt(AuthorizationDataEntryField.AD_TYPE, authzType.getValue());
+    }
+
+    /**
+     * @return The AuthorizationType (AD_DATA) field
+     */
+    public byte[] getAuthzData() {
+        return getFieldAsOctets(AuthorizationDataEntryField.AD_DATA);
+    }
+
+    /**
+     * Sets the AuthorizationData (AD_DATA) field
+     * @param authzData The AuthorizationData to set
+     */
+    public void setAuthzData(byte[] authzData) {
+        setFieldAsOctets(AuthorizationDataEntryField.AD_DATA, authzData);
+    }
+}
+```
+
+And then define AuthorizationData simply
+```java
+public class AuthorizationData extends KrbSequenceOfType<AuthorizationDataEntry> {
+
+}
+```
+
+Then you can process with above definitions, encode and decode, without caring about the details.
+
+Think about how to implement the following more complex and pratical sample from [ITU-T Rec. X.680 ISO/IEC 8824-1](http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf):
+```
+A.1 ASN.1 description of the record structure
+The structure of the hypothetical personnel record is formally described below using ASN.1 specified in
+ITU-T Rec. X.680 | ISO/IEC 8824-1 for defining types.
+
+PersonnelRecord ::= [APPLICATION 0] IMPLICIT SET {
+    Name Name,
+    title [0] VisibleString,
+    number EmployeeNumber,
+    dateOfHire [1] Date,
+    nameOfSpouse [2] Name,
+    children [3] IMPLICIT
+    SEQUENCE OF ChildInformation DEFAULT {}
+}
+
+ChildInformation ::= SET {
+    name Name,
+    dateOfBirth [0] Date
+}
+
+Name ::= [APPLICATION 1] IMPLICIT SEQUENCE {
+    givenName VisibleString,
+    initial VisibleString,
+    familyName VisibleString
+}
+
+EmployeeNumber ::= [APPLICATION 2] IMPLICIT INTEGER
+Date ::= [APPLICATION 3] IMPLICIT VisibleString -- YYYYMMDD
+```
+Similarly as above, we can have (from the unit test codes):
+```java
+public class PersonnelRecord extends Asn1TaggingSet {
+    protected enum PersonnelRecordField implements EnumType {
+        NAME,
+        TITLE,
+        NUMBER,
+        DATE_OF_HIRE,
+        NAME_OF_SPOUSE,
+        CHILDREN;
+
+        @Override
+        public int getValue() {
+            return ordinal();
+        }
+
+        @Override
+        public String getName() {
+            return name();
+        }
+    }
+
+    static Asn1FieldInfo[] fieldInfos = new Asn1FieldInfo[] {
+            new ExplicitField(PersonnelRecordField.NAME, -1, Name.class),
+            new ExplicitField(PersonnelRecordField.TITLE, 0, Asn1VisibleString.class),
+            new ExplicitField(PersonnelRecordField.NUMBER, -1, EmployeeNumber.class),
+            new ExplicitField(PersonnelRecordField.DATE_OF_HIRE, 1, Date.class),
+            new ExplicitField(PersonnelRecordField.NAME_OF_SPOUSE, 2, Name.class),
+            new ImplicitField(PersonnelRecordField.CHILDREN, 3, Children.class)
+    };
+
+    public PersonnelRecord() {
+        super(0, fieldInfos, true, true);
+    }
+
+    public void setName(Name name) {
+        setFieldAs(PersonnelRecordField.NAME, name);
+    }
+
+    public Name getName() {
+        return getFieldAs(PersonnelRecordField.NAME, Name.class);
+    }
+
+    public void setTitle(String title) {
+        setFieldAs(PersonnelRecordField.TITLE, new Asn1VisibleString(title));
+    }
+
+    public String getTitle() {
+        return getFieldAsString(PersonnelRecordField.TITLE);
+    }
+
+    public void setEmployeeNumber(EmployeeNumber employeeNumber) {
+        setFieldAs(PersonnelRecordField.NUMBER, employeeNumber);
+    }
+
+    public EmployeeNumber getEmployeeNumber() {
+        return getFieldAs(PersonnelRecordField.NUMBER, EmployeeNumber.class);
+    }
+
+    public void setDateOfHire(Date dateOfHire) {
+        setFieldAs(PersonnelRecordField.DATE_OF_HIRE, dateOfHire);
+    }
+
+    public Date getDateOfHire() {
+        return getFieldAs(PersonnelRecordField.DATE_OF_HIRE, Date.class);
+    }
+
+    public void setNameOfSpouse(Name spouse) {
+        setFieldAs(PersonnelRecordField.NAME_OF_SPOUSE, spouse);
+    }
+
+    public Name getNameOfSpouse() {
+        return getFieldAs(PersonnelRecordField.NAME_OF_SPOUSE, Name.class);
+    }
+
+    public void setChildren(Children children) {
+        setFieldAs(PersonnelRecordField.CHILDREN, children);
+    }
+
+    public Children getChildren() {
+        return getFieldAs(PersonnelRecordField.CHILDREN, Children.class);
+    }
+
+    public static class Children extends Asn1SequenceOf<ChildInformation> {
+        public Children(ChildInformation ... children) {
+            super();
+            for (ChildInformation child : children) {
+                addElement(child);
+            }
+        }
+
+        public Children() {
+            super();
+        }
+    }
+
+    public static class ChildInformation extends Asn1SetType {
+        protected enum ChildInformationField implements EnumType {
+            CHILD_NAME,
+            DATE_OF_BIRTH;
+
+            @Override
+            public int getValue() {
+                return ordinal();
+            }
+
+            @Override
+            public String getName() {
+                return name();
+            }
+        }
+
+        static Asn1FieldInfo[] tags = new Asn1FieldInfo[] {
+                new ExplicitField(ChildInformationField.CHILD_NAME, -1, Name.class),
+                new ExplicitField(ChildInformationField.DATE_OF_BIRTH, 0, Date.class)
+        };
+
+        public ChildInformation() {
+            super(tags);
+        }
+
+        public void setName(Name name) {
+            setFieldAs(ChildInformationField.CHILD_NAME, name);
+        }
+
+        public Name getName() {
+            return getFieldAs(ChildInformationField.CHILD_NAME, Name.class);
+        }
+
+        public void setDateOfBirth(Date date) {
+            setFieldAs(ChildInformationField.DATE_OF_BIRTH, date);
+        }
+
+        public Date getDateOfBirth() {
+            return getFieldAs(ChildInformationField.DATE_OF_BIRTH, Date.class);
+        }
+    }
+
+    public static class Name extends Asn1TaggingSequence {
+
+        protected enum NameField implements EnumType {
+            GIVENNAME,
+            INITIAL,
+            FAMILYNAME;
+
+            @Override
+            public int getValue() {
+                return ordinal();
+            }
+
+            @Override
+            public String getName() {
+                return name();
+            }
+        }
+
+        static Asn1FieldInfo[] tags = new Asn1FieldInfo[] {
+                new ExplicitField(NameField.GIVENNAME, -1, Asn1VisibleString.class),
+                new ExplicitField(NameField.INITIAL, -1, Asn1VisibleString.class),
+                new ExplicitField(NameField.FAMILYNAME, -1, Asn1VisibleString.class)
+        };
+
+        public Name() {
+            super(1, tags, true, true);
+        }
+
+        public Name(String givenName, String initial, String familyName) {
+            this();
+            setGivenName(givenName);
+            setInitial(initial);
+            setFamilyName(familyName);
+        }
+
+        public void setGivenName(String givenName) {
+            setFieldAs(NameField.GIVENNAME, new Asn1VisibleString(givenName));
+        }
+
+        public String getGivenName() {
+            return getFieldAsString(NameField.GIVENNAME);
+        }
+
+        public void setInitial(String initial) {
+            setFieldAs(NameField.INITIAL, new Asn1VisibleString(initial));
+        }
+
+        public String getInitial() {
+            return getFieldAsString(NameField.INITIAL);
+        }
+
+        public void setFamilyName(String familyName) {
+            setFieldAs(NameField.FAMILYNAME, new Asn1VisibleString(familyName));
+        }
+
+        public String getFamilyName() {
+            return getFieldAsString(NameField.FAMILYNAME);
+        }
+    }
+
+    public static class EmployeeNumber extends Asn1Tagging<Asn1Integer> {
+        public EmployeeNumber(Integer value) {
+            super(2, new Asn1Integer(value), true, true);
+        }
+
+        public EmployeeNumber() {
+            super(2, new Asn1Integer(), true, true);
+        }
+    }
+
+    public static class Date extends Asn1Tagging<Asn1VisibleString> {
+        public Date(String value) {
+            super(3, new Asn1VisibleString(value), true, true);
+        }
+        public Date() {
+            this(null);
+        }
+    }
+}
+```
+### Asn1 API and parsing/dumping facilities
+* ASN1 dumping tool to help analyze ASN1 encoding stream or packet. It can be used to exercise the framework with all kinds of testing binary inputs.
+* The shortcut API for ASN1 parser, encoding, decoding.
+
+### Notes
+* Extensive tests coverage for BER & DER encoding and decoding
+* Fully self-contained, no extra dependency
+
+### License
+Apache V2 License
+
+
+


Mime
View raw message