directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kiran Ayyagari (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DIRKRB-100) Active Directory support for KdcConnection
Date Fri, 28 Feb 2014 10:51:20 GMT

    [ https://issues.apache.org/jira/browse/DIRKRB-100?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13915660#comment-13915660
] 

Kiran Ayyagari commented on DIRKRB-100:
---------------------------------------

bq. 1) RC4_HMAC_MD5 decryption doesn't work
         the current JIRA issue is open to track this

bq. 2) Encryption type negotiation doesn't work
bq. 3) KdcConnection does not have default encryption types (minor issue)
both are fixed in DIRKRB-101

> Active Directory support for KdcConnection
> ------------------------------------------
>
>                 Key: DIRKRB-100
>                 URL: https://issues.apache.org/jira/browse/DIRKRB-100
>             Project: Directory Kerberos
>          Issue Type: Improvement
>            Reporter: Eirik Bjorsnos
>            Assignee: Emmanuel Lecharny
>
> I'm testing KdcConnection.getTgt() with Microsoft Active Directory.
> My first test failed with AD responding with first saying KRB5KRB_ERR_PREAUTH_REQUIRED
(expected), then KRB5KRB_ERR_PREAUTH_FAILED (not expected).
> Since PREAUTH_FAILED is what you'll also get if your password is wrong, I enabled "Do
not use pre authentication" for the account being tested and verified via kinit on OS X that
no pre authentication was sent there.
> When testing getTgt with no preauth, I now get the following exception:
> Exception in thread "main" org.apache.directory.server.kerberos.changepwd.exceptions.ChangePasswordException:
Request failed due to being malformed.
> 	at org.apache.directory.server.kerberos.protocol.codec.KerberosDecoder.decodeEncTgsRepPart(KerberosDecoder.java:684)
> 	at org.apache.directory.kerberos.client.KdcConnection._getTgt(KdcConnection.java:329)
> 	at org.apache.directory.kerberos.client.KdcConnection.getTgt(KdcConnection.java:181)
> 	at org.apache.directory.kerberos.client.KdcConnection.getTgt(KdcConnection.java:145)



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Mime
View raw message