directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Spark Shen" <smallsmallor...@gmail.com>
Subject [kerberos] How to add client/server information into kerberos database
Date Thu, 29 Nov 2007 07:29:20 GMT
Hi,

I am playing around with apacheds kerberos features these days. As you may
notice
leo and I have some posts in the past few weeks. And thanks for your great
help. :-)

I configured apacheds[1] according to [2], and experimented with the short
form of 'Kerberos client components' [3].
Here below is my short form class:
public class SampleClient {

    public static void main(String[] args) throws UnknownHostException,
            IOException, KdcConnectionException {

        KerberosPrincipal clientPrincipal = new KerberosPrincipal(
                "spark@EXAMPLE.COM");
        String userPassword = <passwd>;
        String hostname = <ip>;
        int port = 88;
        KdcConnection con = new KdcConnection(hostname + ":" + port);
        KerberosTicket tgt = con.getTicketGrantingTicket(clientPrincipal,
                userPassword);
        System.out.println(tgt);
    }

}

And the output:
log4j:WARN No appenders could be found for logger (
org.apache.mina.filter.executor.ExecutorFilter).
log4j:WARN Please initialize the log4j system properly.
Exception in thread "main"
org.apache.directory.client.kerberos.KdcConnectionException: Client not
found in Kerberos database (6)
    at
org.apache.directory.client.kerberos.GetTicketGrantingTicket.processError(
GetTicketGrantingTicket.java:167)
    at org.apache.directory.client.kerberos.GetTicketGrantingTicket.execute(
GetTicketGrantingTicket.java:153)
    at
org.apache.directory.client.kerberos.KdcConnection.getTicketGrantingTicket(
KdcConnection.java:118)
    at
org.apache.directory.client.kerberos.KdcConnection.getTicketGrantingTicket(
KdcConnection.java:101)
    at kerberos.SampleClient.main(SampleClient.java:42)

I did not find document about how to add client/server information to kdc
server ,
would any one give me a hand? Thanks in advance.

I did not find a verbose kerberos  administration instruction on the web
site
(I believe it's under development), so I have to come here to take some of
your precious time.

[1] My modification to <apacheds>\instances\default\conf\server.xml
<bean id="*environment*" ...>
  <property name="*properties*">
    <props>
      <prop key="*kdc.entryBaseDn*">ou=users,dc=example,dc=com</prop>
...
</bean>
   <bean id="*kdcConfiguration*" class="*
org.apache.directory.server.kerberos.kdc.KdcConfiguration*" lazy-init="*
default*" autowire="*default*" dependency-check="*default*">
        <property name="*enabled*" value="*true*" />
       <property name="*ipPort*" value="*88*" />
</bean>
<bean id="*configuration*" ...>
  ...
  <property name="*kdcConfiguration*" ref="*kdcConfiguration*" />
  ...
</bean>

[2]
http://directory.apache.org/apacheds/1.5/kerberos-protocol-configuration.html

[3]
http://cwiki.apache.org/confluence/display/DIRxSBOX/Draft+-+Kerberos+client+components
-- 
Spark Shen
China Software Development Lab, IBM

Mime
View raw message