directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eirik Bjørsnøs <eir...@gmail.com>
Subject State of Kerberos in 1.5.4
Date Sun, 07 Jun 2009 11:49:27 GMT
Hi guys,

I'm currently looking into creating a JUnit integration test of some
Kerberos/SPNego code in SVNSearch[1].

I had great success in the past using ApacheDS for the same purpose
when testing LDAP integration. The Kerberos support is giving me some
trouble though. The documentation[2] seems to be somewhat lacking and
out of sync with 1.5.4.

Anyway, what I've done so far is:

o Created a unit test that starts ApacheDS with a KdcServer and a
KeyDerivationInterceptor, pretty much copying SaslGssapiBindITest.java
in 1.5.4
o Added kdcConfig.setIpPort(8888); kdcConfig.start(); (Seems like I
need this to make the KDC server start)
o Configured my Mac to use localhost:8888 as the KDC for EXAMPLE.COM
o Run kinit hnelson@EXAMPLE.COM form the Terminal
o Got the error message: "Kerberos Login Failed: Client not found in
Kerberos database"
o Enabling debug logging in the Kerberos code I noticed that "Client
not found in Kerberos database" was actually caused by a
NotImplementedException thrown at
DirectoryPrincipalStore.getPrincipal(DirectoryPrincipalStore.java:95)

Is the Kerberos server actually not implemented in 1.5.4? Or is there
something wrong in the SaslGssapiBindITest setup code?

What are my alternatives? Use an earlier version of ApacheDS or wait
for the next release?

Thanks,
Eirik.

[1] http://svnsearch.org
[2] http://directory.apache.org/apacheds/1.5/54-kerberos-protocol-provider.html

Mime
View raw message