directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lecharny <elecha...@gmail.com>
Subject Re: [kerberos]How to use org.apache.directory.server.kerberos.shared.io.decoder.ApplicationRequestDecoder.decode?
Date Tue, 13 Nov 2007 10:07:13 GMT
Hi Leo,

I have no idea where the data you are trying to decode are coming from, 
but this is certainly not a AP-REQ : it should start with a 0x6E.

Here is your data and some analysis :

0x60 0x82 0x01 0xCB // ??? with a 0x01CB length
  0x06 0x09 0x2A 0x86 0x48 0x86 0xF7 0x12 0x01 0x02 0x02 // 
ObjectIdentifier : 1.2.1608.423698.1.2.2
  0x01 0x00 // Null length boolean...
  0x6E 0x82 0x01 0xBA // AP-Request, 442 bytes long
    0x30 0x82 0x010xB6 // Sequence, length 438 bytes
      0xA0 0x03 0x02 0x01 0x05 // pvno
      0xA1 0x03 0x02 0x01 0x0E // messageType : Application Request
      0xA2 0x07 0x03 0x05 0x00 0x20 0x00 0x00 0x00 // ap-options
      0xA3 0x81 0xF7 // Ticket, length 247 bytes
...

Leo Li wrote:
> Hi, all
>        I would like to use the ApplicationRequestDecoder.decode() to 
> decode a message token between kerberos client and server, but it 
> fails. I found that the first several bytes should be treated and 
> discarded before it is decoded, but how can I find the example ? 
> Furthermore, does Apache DS has support for treat with the issues 
> about the communication between client and server after client got TGS 
> from KDC?
>  
> Thanks in advacne.
>  
>  
>      Here is the code:
>  
>      //The byte array of the token sent from client to server as an 
> ApplicationRequest.
>      byte[] token = new byte[] { 96, -126, 1, -53, 6, 9, 42, -122, 72, 
> -122,
>     -9, 18, 1, 2, 2, 1, 0, 110, -126, 1, -70, 48, -126, 1, -74,
>     -96, 3, 2, 1, 5, -95, 3, 2, 1, 14, -94, 7, 3, 5, 0, 32, 0, 0,
>     0, -93, -127, -9, 97, -127, -12, 48, -127, -15, -96, 3, 2, 1,
>     5, -95, 13, 27, 11, 69, 88, 65, 77, 80, 76, 69, 46, 67, 79, 77,
>     -94, 49, 48, 47, -96, 3, 2, 1, 0, -95, 40, 48, 38, 27, 11, 115,
>     101, 114, 118, 105, 99, 101, 116, 101, 115, 116, 27, 23, 119,
>     107, 115, 49, 48, 55, 57, 48, 52, 119, 115, 115, 46, 99, 110,
>     46, 105, 98, 109, 46, 99, 111, 109, -93, -127, -89, 48, -127,
>     -92, -96, 3, 2, 1, 16, -95, 3, 2, 1, 1, -94, -127, -105, 4,
>     -127, -108, 50, -17, -15, -80, 69, -71, 92, -67, -61, -71, 55,
>     -49, 23, 112, -113, 93, -54, 115, 68, 21, 65, 72, -15, 45, -30,
>     72, 29, 61, 123, -54, 22, 77, 71, 99, -82, 58, 92, -106, 22,
>     40, -41, 80, -55, 32, 6, 36, 91, -11, 59, 55, -95, -41, 117,
>     -68, -107, -18, 121, -117, 61, -82, 46, -40, 5, -108, -99, 100,
>     122, 107, 37, -95, -71, 48, -60, 98, -44, 124, 84, 115, -92,
>     -15, -44, -85, 75, -109, -10, 75, 5, -71, -38, 38, 71, 123, -2,
>     -66, -54, -89, 101, -68, 122, 97, -33, -98, 4, -112, -51, 1,
>     24, 46, 97, -16, -107, -122, -76, -65, -79, -25, 72, -11, -108,
>     93, 59, 27, -32, -54, -80, 51, 114, -25, 65, -77, 5, -61, -123,
>     -99, 70, -77, 26, -74, -120, -48, -80, -69, -91, -83, 45, 53,
>     -60, -40, -92, -127, -90, 48, -127, -93, -96, 3, 2, 1, 1, -94,
>     -127, -101, 4, -127, -104, -100, 84, -28, 91, 21, -87, 42, -52,
>     -112, -117, 52, 111, 103, -61, 123, 61, 3, -53, -37, 22, 123,
>     51, -65, -22, -51, 120, 76, -76, -119, -126, 24, -54, 94, 123,
>     57, 22, -44, 124, 15, 82, 87, -85, 47, 91, -76, 127, -6, 0, 53,
>     8, -114, -128, 87, -95, 70, 20, 32, 86, -36, 22, -80, 75, 78,
>     -89, -42, 53, 76, 71, -74, -112, 55, -15, 62, -17, 40, 90, 73,
>     -59, 79, -125, -56, 110, -125, -121, 10, -118, 63, -119, -19,
>     91, -46, -26, -110, -13, -104, 82, 65, 123, 20, -30, -62, 28,
>     -125, 55, 11, -47, 87, -126, -94, 11, 112, 41, 44, -9, 113,
>     -33, 75, -15, -44, -90, 14, -60, -89, 105, 119, -68, -51, -29,
>     45, 118, -35, -26, 60, -58, -14, -78, -37, 12, 100, 125, -42,
>     114, -5, 18, 47, 115, 96, 56, -86, -69, 66, -14 };
>  
>     ApplicationRequest applicationRequest  = new 
> ApplicationRequestDecoder().decode(token);
>  
>     And it fails with stacktrace:
>  
>     Exception in thread "main" java.lang.ClassCastException: 
> org.apache.directory.shared.asn1.der.DERObjectIdentifier
>    at 
> org.apache.directory.server.kerberos.shared.io.decoder.ApplicationRequestDecoder.decode

> (ApplicationRequestDecoder.java:57)
>    at Test.main(Test.java:53)
>    
> -- 
> Leo Li
> China Software Development Lab, IBM


-- 
--
cordialement, regards,
Emmanuel L├ęcharny
www.iktek.com
directory.apache.org



Mime
View raw message