directory-dev mailing list archives

From Amila Suriarachchi <amilasuriarach...@gmail.com>
Subject Re: Configuring Apache Directory studio with kerberos
Date Sat, 06 Feb 2010 05:28:15 GMT
That works. Thanks.

How can I start the KDCServer programmatically? I start the LDAP server as
follows:

    public CarbonLdapServer(String workingDirectory) throws DirectoryServerException {

        this.ldapServer = new LdapServer();

        // set server initial properties
        this.ldapServer.setAllowAnonymousAccess(false);
        this.ldapServer.setSearchBaseDn("ou=system");
        this.ldapServer.setMaxTimeLimit(15000);
        this.ldapServer.setMaxSizeLimit(1000);

        // adding the tcp transport (plain LDAP on localhost, SSL disabled)
        TcpTransport tcpTransport = new TcpTransport();
        tcpTransport.setAddress("localhost");
        tcpTransport.setEnableSSL(false);
        tcpTransport.setPort(10389);
        tcpTransport.setBackLog(50);
        tcpTransport.setNbThreads(8);

        this.ldapServer.setTransports(tcpTransport);

        // add the directory service
        DefaultCarbonService defaultCarbonService = new DefaultCarbonService();
        this.ldapServer.setDirectoryService(
                defaultCarbonService.getDefaultDirectoryService(workingDirectory));

        // adding the SASL mechanism handlers (only SIMPLE is registered here)
        Map<String, MechanismHandler> mechanismHandlers = new HashMap<String, MechanismHandler>();
        mechanismHandlers.put("SIMPLE", new SimpleMechanismHandler());
        this.ldapServer.setSaslMechanismHandlers(mechanismHandlers);
    }

    public void start() throws DirectoryServerException {
        try {
            ldapServer.start();
        } catch (Exception e) {
            throw new DirectoryServerException("Can not start the server ", e);
        }
    }


Is there a similar way to start the KDC as well?

thanks,
Amila.

On Sat, Feb 6, 2010 at 8:58 AM, Amila Suriarachchi <
amilasuriarachchi@gmail.com> wrote:

>
>
> On Wed, Feb 3, 2010 at 2:14 AM, Stefan Seelmann <seelmann@apache.org> wrote:
>
>> Amila Suriarachchi wrote:
>>
>>> I tried to do the authentication with the following values. (after
>>> following the given tutorial )
>>>
>>> Bind DN or user : hnelson@EXAMPLE.COM
>>>
>>> Bind Password : secret
>>>
>>> At Kerberos settings
>>>
>>> set : Obtain TGT from KDC
>>> set : Use Native System Configuration
>>>
>>
>> That's ok.
>>
>>
>>  Then tried to Authenticate and got the following exception at client side
>>>
>>> The authentication failed
>>>  - Request: 1 cancelled
>>>  javax.naming.CommunicationException: Request: 1 cancelled
>>>
>> snip
>>
>>  And following at server side.
>>>
>>> [18:41:16] WARN [org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - Additional pre-authentication required (25)
>>> [18:41:16] WARN [org.apache.directory.server.kerberos.shared.store.operations.StoreUtils] - No server entry found for kerberos principal name ldap/localhost@EXAMPLE.COM
>>>
>>
>> Sorry, there was a small bug in the server.xml. Please set the
>> searchBaseDn of ldapServer:
>>
>>  <ldapServer ...
>>            saslHost="localhost"
>>            saslPrincipal="ldap/localhost@EXAMPLE.COM"
>>            searchBaseDn="ou=users,dc=example,dc=com"
>>            ...>
>>
>
> thanks for info.
> I'll have a look with this change.
>
> thanks,
> Amila.
>
>>
>>
>> Kind Regards,
>> Stefan
>>
>>
>>
>>
>
>
> --
> Amila Suriarachchi
> WSO2 Inc.
> blog: http://amilachinthaka.blogspot.com/
>



-- 
Amila Suriarachchi
WSO2 Inc.
blog: http://amilachinthaka.blogspot.com/
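
An added example, not part of the original message and not ApacheDS or WSO2 code: one way to embed the KDC next to the LDAP server above, assuming the ApacheDS 1.5.x API in which `KdcServer` offers the same `setDirectoryService`, `setSearchBaseDn` and `setTransports` setters the post uses on `LdapServer`. The class name `CarbonKdcServer`, the port argument and the reuse of the poster's `DirectoryServerException` are assumptions; the realm, principal and search base are the values quoted in the thread.

```java
import org.apache.directory.server.core.DirectoryService;
import org.apache.directory.server.kerberos.kdc.KdcServer;
import org.apache.directory.server.protocol.shared.transport.TcpTransport;
import org.apache.directory.server.protocol.shared.transport.UdpTransport;

// Hypothetical companion to the post's CarbonLdapServer (illustration only).
public class CarbonKdcServer {

    private final KdcServer kdcServer = new KdcServer();

    public CarbonKdcServer(DirectoryService directoryService, int port) {
        // Use the same DirectoryService instance as the LDAP server so both
        // read the same principal entries.
        kdcServer.setDirectoryService(directoryService);

        // The KDC looks up user and service principals below this DN. If the
        // entry for ldap/localhost@EXAMPLE.COM lies outside it, the lookup
        // fails with "No server entry found for kerberos principal name ...".
        kdcServer.setSearchBaseDn("ou=users,dc=example,dc=com");
        kdcServer.setPrimaryRealm("EXAMPLE.COM");
        kdcServer.setKdcPrincipal("krbtgt/EXAMPLE.COM@EXAMPLE.COM");

        // Kerberos clients may use UDP or TCP; bind both to localhost only.
        TcpTransport tcp = new TcpTransport();
        tcp.setAddress("localhost");
        tcp.setPort(port);

        UdpTransport udp = new UdpTransport();
        udp.setAddress("localhost");
        udp.setPort(port);

        kdcServer.setTransports(tcp, udp);
    }

    public void start() throws DirectoryServerException {
        try {
            kdcServer.start();
        } catch (Exception e) {
            throw new DirectoryServerException("Can not start the KDC ", e);
        }
    }

    public void stop() {
        kdcServer.stop();
    }
}
```

The directory service passed in must already contain the Kerberos principal entries with their keys, as set up by the tutorial the thread refers to, and the LDAP server must be started with the `saslHost`, `saslPrincipal` and `searchBaseDn` values from Stefan's reply for GSSAPI binds to succeed.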
