directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Amila Suriarachchi <amilasuriarach...@gmail.com>
Subject Re: Configuring Apache Directory studio with kerberos
Date Sun, 07 Feb 2010 09:22:37 GMT
On Sat, Feb 6, 2010 at 2:29 PM, Stefan Seelmann <seelmann@apache.org> wrote:

> Amila Suriarachchi schrieb:
>
>  that works. Thansks.
>>
>> How can I start the KDCServer programatically? I start ldap server as
>> follows,
>>
>
> Sure you can, see the following test case [1].
>

thanks it worked.

All these samples uses EXAMPLE.COM as the domain. on the dc=example,dc=com
partition.

Can I configure more the one domain in one kerborse server?

I tried to add a different partition and same set of user by editing the
lidf file. please see the attachments.

but get this exception when try to log with hnelson@WSO2.COM.



[14:49:47] DEBUG
[org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /
127.0.0.1:51219 CREATED:  datagram
[14:49:47] DEBUG
[org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /
127.0.0.1:51219 OPENED
[14:49:47] DEBUG
[org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /
127.0.0.1:51219 RCVD:
org.apache.directory.server.kerberos.shared.messages.KdcRequest@2f49f041
[14:49:47] DEBUG
[org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService]
- Received Authentication Service (AS) request:
    messageType:           AS_REQ
    protocolVersionNumber: 5
    clientAddress:         127.0.0.1
    nonce:                 1265534387
    kdcOptions:
    clientPrincipal:       hnelson@WSO2.COM
    serverPrincipal:       krbtgt/WSO2.COM@WSO2.COM
    encryptionType:        des-cbc-md5 (3), aes256-cts-hmac-sha1-96 (18),
des3-cbc-sha1-kd (16), des-cbc-crc (1), aes128-cts-hmac-sha1-96 (17),
rc4-hmac (23)
    realm:                 WSO2.COM
    from time:             null
    till time:             19700101000000Z
    renew-till time:       null
    hostAddresses:         null
[14:49:47] DEBUG
[org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService]
- Session will use encryption type des-cbc-md5 (3).
[14:49:47] WARN
[org.apache.directory.server.kerberos.shared.store.operations.StoreUtils] -
No server entry found for kerberos principal name hnelson@WSO2.COM
[14:49:47] WARN
[org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] -
Client not found in Kerberos database (6)
org.apache.directory.server.kerberos.shared.exceptions.KerberosException:
Client not found in Kerberos database
    at
org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService.getEntry(AuthenticationService.java:747)
    at
org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService.getClientEntry(AuthenticationService.java:152)
    at
org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService.execute(AuthenticationService.java:103)
    at
org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler.messageReceived(KerberosProtocolHandler.java:145)
    at
org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:721)
    at
org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
    at
org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
    at
org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:801)
    at
org.apache.mina.filter.codec.ProtocolCodecFilter$ProtocolDecoderOutputImpl.flush(ProtocolCodecFilter.java:375)
    at
org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:229)
    at
org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
    at
org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47)
    at
org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:801)
    at
org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:119)
    at
org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:433)
    at
org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:425)
    at
org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.readHandle(AbstractPollingConnectionlessIoAcceptor.java:436)
    at
org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.processReadySessions(AbstractPollingConnectionlessIoAcceptor.java:407)
    at
org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor.access$600(AbstractPollingConnectionlessIoAcceptor.java:56)
    at
org.apache.mina.core.polling.AbstractPollingConnectionlessIoAcceptor$Acceptor.run(AbstractPollingConnectionlessIoAcceptor.java:360)
    at
org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
    at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
    at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
    at java.lang.Thread.run(Thread.java:619)
Caused by: java.lang.NullPointerException
    at
org.apache.directory.server.kerberos.shared.store.operations.GetPrincipal.getEntry(GetPrincipal.java:97)
    at
org.apache.directory.server.kerberos.shared.store.operations.GetPrincipal.execute(GetPrincipal.java:81)
    at
org.apache.directory.server.kerberos.shared.store.SingleBaseSearch.getPrincipal(SingleBaseSearch.java:63)
    at
org.apache.directory.server.kerberos.shared.store.DirectoryPrincipalStore.getPrincipal(DirectoryPrincipalStore.java:71)
    at
org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService.getEntry(AuthenticationService.java:743)
    ... 23 more
[14:49:47] DEBUG
[org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] -
Responding to request with error:
    explanatory text:      Client not found in Kerberos database
    error code:            6
    clientPrincipal:       null
    client time:           null
    serverPrincipal:       krbtgt/EXAMPLE.COM@EXAMPLE.COM
    server time:           20100207091947Z
[14:49:47] DEBUG
[org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /
127.0.0.1:51219 SENT:
org.apache.directory.server.kerberos.shared.messages.ErrorMessage@67de0c09
[14:50:47] DEBUG
[org.apache.directory.server.kerberos.protocol.KerberosProtocolHandler] - /
127.0.0.1:51219 CLOSED

thanks,
Amila.




>
> Kind Regards,
> Stefan
>
>
>
> [1]
> http://svn.apache.org/repos/asf/directory/apacheds/tags/1.5.5/protocol-kerberos/src/test/java/org/apache/directory/server/kerberos/kdc/SaslGssapiBindITest.java
>
>
>


-- 
Amila Suriarachchi
WSO2 Inc.
blog: http://amilachinthaka.blogspot.com/

Mime
View raw message