directory-kerby mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Zheng, Kai" <kai.zh...@intel.com>
Subject RE: [1/2] directory-kerby git commit: Changes summary: 1) Enhanced SimpleKdcServer to integrate KrbClient and Kadmin APIs for easier integration tests; 2) Refined related codes; 3) Fixed some issues found in the effort.
Date Tue, 30 Jun 2015 05:00:22 GMT
Sorry this breaks GSS test and I will fix them ASAP.

Regards,
Kai

-----Original Message-----
From: drankye@apache.org [mailto:drankye@apache.org] 
Sent: Tuesday, June 30, 2015 11:48 AM
To: commits@directory.apache.org
Subject: [1/2] directory-kerby git commit: Changes summary: 1) Enhanced SimpleKdcServer to integrate KrbClient and Kadmin APIs for easier integration tests; 2) Refined related codes; 3) Fixed some issues found in the effort.

Repository: directory-kerby
Updated Branches:
  refs/heads/master 22d959b95 -> d49d73da3


Changes summary: 1) Enhanced SimpleKdcServer to integrate KrbClient and Kadmin APIs for easier integration tests; 2) Refined related codes; 3) Fixed some issues found in the effort.


Project: http://git-wip-us.apache.org/repos/asf/directory-kerby/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerby/commit/497e0303
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerby/tree/497e0303
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerby/diff/497e0303

Branch: refs/heads/master
Commit: 497e0303e2e5e28dee44775174b8072a4b4a4c76
Parents: 2446784
Author: drankye <kai.zheng@intel.com>
Authored: Tue Jun 30 11:46:16 2015 +0800
Committer: Drankye <drankye@gmail.com>
Committed: Tue Jun 30 11:46:16 2015 +0800

----------------------------------------------------------------------
 .../kerby/kerberos/kdc/GssInteropTestBase.java  | 54 +++++++----
 .../kerby/kerberos/kdc/GssTcpInteropTest.java   | 25 -----
 .../kerby/kerberos/kdc/GssUdpInteropTest.java   | 26 -----
 .../kerby/kerberos/kdc/JsonBackendKdcTest.java  |  7 +-
 .../apache/kerby/kerberos/kdc/KerbyKdcTest.java | 15 +--
 .../kdc/OnlyTcpForNettyKdcNetworkTest.java      | 12 ++-
 .../kdc/OnlyUdpForNettyKdcNetworkTest.java      | 12 ++-
 .../kerberos/kdc/WithAccessTokenKdcTest.java    |  2 +-
 .../kerberos/kdc/WithIdentityTokenKdcTest.java  |  6 +-
 .../kerberos/kdc/WithTokenKdcTestBase.java      | 13 +--
 .../kerberos/kdc/ZookeeperBackendKdcTest.java   |  7 +-
 kerby-kdc-test/src/test/resources/krb5-udp.conf |  8 --
 kerby-kdc-test/src/test/resources/krb5.conf     |  9 --
 .../kerby/kerberos/kdc/KerbyKdcServer.java      |  4 +-
 .../kerby/kerberos/kerb/client/ClientUtil.java  | 14 +--
 .../kerby/kerberos/kerb/client/KrbConfig.java   |  9 +-
 .../kerberos/kerb/client/KrbConfigKey.java      |  6 +-
 .../kerby/kerberos/kerb/client/KrbSetting.java  |  5 +
 .../kerb/client/KrbClientSettingTest.java       |  4 +-
 .../kerberos/kerb/common/KrbConfHelper.java     | 15 ++-
 .../kerby/kerberos/kerb/server/KdcTestBase.java | 99 ++++----------------
 .../kerberos/kerb/server/TestKdcServer.java     | 54 +++++++++++
 .../kerberos/kerb/server/GssInteropTest.java    | 21 ++---
 .../kerberos/kerb/server/KdcSettingTest.java    |  2 +-
 .../kerby/kerberos/kerb/server/KdcTest.java     |  6 +-
 .../kerb/server/MultiRequestsKdcTest.java       | 10 +-
 .../kerberos/kerb/server/OnlyTcpKdcTest.java    |  5 +
 .../kerberos/kerb/server/OnlyUdpKdcTest.java    |  5 +
 .../kerberos/kerb/server/TcpAndUdpKdcTest.java  |  5 +
 .../kerb-kdc-test/src/test/resources/krb5.conf  |  8 --
 .../kerby/kerberos/kerb/server/KdcConfig.java   | 25 +++--
 .../kerberos/kerb/server/KdcConfigKey.java      |  9 +-
 .../kerby/kerberos/kerb/server/KdcServer.java   | 13 ++-
 .../kerberos/kerb/server/KdcServerOption.java   |  1 +
 .../kerby/kerberos/kerb/server/KdcSetting.java  | 29 +++++-
 .../server/impl/AbstractInternalKdcServer.java  |  2 +-
 .../kerberos/kerb/server/SimpleKdcTest.java     | 26 +----
 .../kerberos/kerb/server/TestKdcConfigLoad.java |  4 +-
 kerby-kerb/kerb-simplekdc/pom.xml               |  5 +
 .../kerby/kerberos/kerb/server/Krb5Conf.java    | 53 +++++++++++
 .../kerberos/kerb/server/SimpleKdcServer.java   | 95 +++++++++++++++----
 .../kerb-simplekdc/src/main/resources/krb5.conf |  7 ++
 .../src/main/resources/krb5_udp.conf            |  8 ++
 .../org/apache/kerby/config/ConfigImpl.java     |  3 +-
 .../main/java/org/apache/kerby/util/IOUtil.java | 27 +++++-
 45 files changed, 465 insertions(+), 310 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/GssInteropTestBase.java
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/GssInteropTestBase.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/GssInteropTestBase.java
index 43b89df..bb0fb48 100644
--- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/GssInteropTestBase.java
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/GssInteropTestBase.java
@@ -23,6 +23,7 @@ import org.apache.kerby.kerberos.kerb.KrbException;
 import org.apache.kerby.kerberos.kerb.server.KdcTestBase;
 import org.ietf.jgss.*;
 import org.junit.Assert;
+import org.junit.Before;
 import org.junit.Test;
 
 import javax.security.auth.Subject;
@@ -32,6 +33,7 @@ import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.kerberos.KerberosTicket;
 import javax.security.auth.login.LoginContext;
+import java.io.File;
 import java.io.IOException;
 import java.security.Principal;
 import java.security.PrivilegedExceptionAction;
@@ -41,17 +43,29 @@ import java.util.Set;
  * This is an interop test using the Java GSS APIs against the Kerby KDC
  */
 public abstract class GssInteropTestBase extends KdcTestBase {
-
     @Override
     protected void createPrincipals() throws KrbException {
-        kdcServer.createPrincipal(getClientPrincipal(), getClientPassword());
-        kdcServer.createPrincipal(getServerPrincipal(), getServerPassword());
+        getKdcServer().createPrincipal(getClientPrincipal(), getClientPassword());
+        getKdcServer().createPrincipal(getServerPrincipal(), getServerPassword());
     }
 
     private String getServerPassword() {
         return getClientPassword(); // Reuse the same password
     }
 
+    @Before
+    @Override
+    public void setUp() throws Exception {
+        super.setUp();
+
+        File file1 = new File(getClass().getResource("/kerberos.jaas").getPath());
+        String content1 = getFileContent(file1.getPath());
+        String path1 = writeToTestDir(content1, file1.getName());
+
+        // System.setProperty("sun.security.krb5.debug", "true");
+        System.setProperty("java.security.auth.login.config", path1);
+    }
+
     @Test
     public void testKdc() throws Exception {
         LoginContext loginContext = new LoginContext(getClientPrincipalName(),
@@ -80,8 +94,6 @@ public abstract class GssInteropTestBase extends KdcTestBase {
         loginContext.logout();
         
         validateServiceTicket(kerberosToken);
-        
-        kdcServer.stop();
     }
     
     private void validateServiceTicket(byte[] ticket) throws Exception {
@@ -121,17 +133,19 @@ public abstract class GssInteropTestBase extends KdcTestBase {
     }
     
     /**
-     * This class represents a PrivilegedExceptionAction implementation to obtain a service ticket from a Kerberos
-     * Key Distribution Center.
+     * This class represents a PrivilegedExceptionAction implementation to
+     * obtain a service ticket from a Kerberos Key Distribution Center.
      */
-    private static class KerberosClientExceptionAction implements PrivilegedExceptionAction<byte[]> {
+    private static class KerberosClientExceptionAction
+            implements PrivilegedExceptionAction<byte[]> {
 
         private static final String JGSS_KERBEROS_TICKET_OID = "1.2.840.113554.1.2.2";
         
         private Principal clientPrincipal;
         private String serviceName;
 
-        public KerberosClientExceptionAction(Principal clientPrincipal, String serviceName) { 
+        public KerberosClientExceptionAction(Principal clientPrincipal,
+                                             String serviceName) {
             this.clientPrincipal = clientPrincipal;
             this.serviceName = serviceName;
         }
@@ -139,12 +153,15 @@ public abstract class GssInteropTestBase extends KdcTestBase {
         public byte[] run() throws GSSException {
             GSSManager gssManager = GSSManager.getInstance();
 
-            GSSName gssService = gssManager.createName(serviceName, GSSName.NT_USER_NAME);
+            GSSName gssService = gssManager.createName(serviceName,
+                    GSSName.NT_USER_NAME);
             Oid oid = new Oid(JGSS_KERBEROS_TICKET_OID);
-            GSSName gssClient = gssManager.createName(clientPrincipal.getName(), GSSName.NT_USER_NAME);
+            GSSName gssClient = gssManager.createName(clientPrincipal.getName(),
+                    GSSName.NT_USER_NAME);
             GSSCredential credentials = 
                 gssManager.createCredential(
-                    gssClient, GSSCredential.DEFAULT_LIFETIME, oid, GSSCredential.INITIATE_ONLY
+                    gssClient, GSSCredential.DEFAULT_LIFETIME, oid,
+                        GSSCredential.INITIATE_ONLY
                 );
 
             GSSContext secContext =
@@ -166,7 +183,8 @@ public abstract class GssInteropTestBase extends KdcTestBase {
         }
     }
     
-    private static class KerberosServiceExceptionAction implements PrivilegedExceptionAction<byte[]> {
+    private static class KerberosServiceExceptionAction
+            implements PrivilegedExceptionAction<byte[]> {
 
         private static final String JGSS_KERBEROS_TICKET_OID = "1.2.840.113554.1.2.2";
 
@@ -179,16 +197,16 @@ public abstract class GssInteropTestBase extends KdcTestBase {
         }
 
         public byte[] run() throws GSSException {
-
             GSSManager gssManager = GSSManager.getInstance();
-
-            GSSContext secContext = null;
-            GSSName gssService = gssManager.createName(serviceName, GSSName.NT_USER_NAME);
+            GSSContext secContext;
+            GSSName gssService = gssManager.createName(serviceName,
+                    GSSName.NT_USER_NAME);
               
             Oid oid = new Oid(JGSS_KERBEROS_TICKET_OID);
             GSSCredential credentials = 
                 gssManager.createCredential(
-                    gssService, GSSCredential.DEFAULT_LIFETIME, oid, GSSCredential.ACCEPT_ONLY
+                    gssService, GSSCredential.DEFAULT_LIFETIME, oid,
+                        GSSCredential.ACCEPT_ONLY
                 );
             secContext = gssManager.createContext(credentials);
 

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/GssTcpInteropTest.java
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/GssTcpInteropTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/GssTcpInteropTest.java
index dca4f4d..c101d0d 100644
--- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/GssTcpInteropTest.java
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/GssTcpInteropTest.java
@@ -19,36 +19,11 @@
  */
 package org.apache.kerby.kerberos.kdc;
 
-import java.io.File;
-
-import org.junit.Before;
-
 /**
  * This is an interop test using the Java GSS APIs against the Kerby KDC (using TCP)
  */
 public class GssTcpInteropTest extends GssInteropTestBase {
 
-    @Before
-    @Override
-    public void setUp() throws Exception {
-        super.setUp();
-
-        File file1 = new File(this.getClass().getResource("/kerberos.jaas").getPath());
-        String content1 = getFileContent(file1.getPath());
-        String path1 = writeToTestDir(content1, file1.getName());
-
-        // System.setProperty("sun.security.krb5.debug", "true");
-        System.setProperty("java.security.auth.login.config", path1);
-
-        // Read in krb5.conf and substitute in the correct port
-        File file2 = new File(this.getClass().getResource("/krb5.conf").getPath());
-        String content2 = getFileContent(file2.getPath());
-        content2 = content2.replaceAll("port", "" + getTcpPort());
-        String path2 = writeToTestDir(content2, file2.getName());
-
-        System.setProperty("java.security.krb5.conf", path2);
-    }
-
     @Override
     protected boolean allowUdp() {
         return false;

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/GssUdpInteropTest.java
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/GssUdpInteropTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/GssUdpInteropTest.java
index e2ccd31..a3e8c55 100644
--- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/GssUdpInteropTest.java
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/GssUdpInteropTest.java
@@ -19,39 +19,13 @@
  */
 package org.apache.kerby.kerberos.kdc;
 
-import org.junit.Before;
-
-import java.io.File;
-
 /**
  * This is an interop test using the Java GSS APIs against the Kerby KDC (using UDP)
  */
 public class GssUdpInteropTest extends GssInteropTestBase {
 
-    @Before
-    @Override
-    public void setUp() throws Exception {
-        super.setUp();
-
-        File file1 = new File(getClass().getResource("/kerberos.jaas").getPath());
-        String content1 = getFileContent(file1.getPath());
-        String path1 = writeToTestDir(content1, file1.getName());
-
-        // System.setProperty("sun.security.krb5.debug", "true");
-        System.setProperty("java.security.auth.login.config", path1);
-
-        // Read in krb5.conf and substitute in the correct port
-        File file2 = new File(getClass().getResource("/krb5-udp.conf").getPath());
-        String content2 = getFileContent(file2.getPath());
-        content2 = content2.replaceAll("port", "" + getUdpPort());
-        String path2 = writeToTestDir(content2, file2.getName());
-
-        System.setProperty("java.security.krb5.conf", path2);
-    }
-
     @Override
     protected boolean allowUdp() {
         return true;
     }
-
 }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/JsonBackendKdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/JsonBackendKdcTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/JsonBackendKdcTest.java
index c5815d8..ad60ef4 100644
--- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/JsonBackendKdcTest.java
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/JsonBackendKdcTest.java
@@ -20,6 +20,7 @@
 package org.apache.kerby.kerberos.kdc;
 
 import org.apache.kerby.kerberos.kdc.identitybackend.JsonIdentityBackend;
+import org.apache.kerby.kerberos.kerb.KrbException;
 import org.apache.kerby.kerberos.kerb.server.BackendConfig;
 import org.apache.kerby.kerberos.kerb.server.KdcConfigKey;
 import org.junit.AfterClass;
@@ -31,14 +32,14 @@ public class JsonBackendKdcTest extends KerbyKdcTest {
     private static File jsonBackendFile;
 
     @Override
-    protected void prepareKdcServer() throws Exception {
-        super.prepareKdcServer();
+    protected void prepareKdc() throws KrbException {
+        super.prepareKdc();
 
         File testDir = new File(System.getProperty("test.dir", "target"));
         jsonBackendFile = new File(testDir, "json-backend-file");
         String jsonBackendFileString = jsonBackendFile.getAbsolutePath();
 
-        BackendConfig backendConfig = kdcServer.getBackendConfig();
+        BackendConfig backendConfig = getKdcServer().getBackendConfig();
         backendConfig.setString(
                 JsonIdentityBackend.JSON_IDENTITY_BACKEND_FILE, jsonBackendFileString);
         backendConfig.setString(KdcConfigKey.KDC_IDENTITY_BACKEND,

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/KerbyKdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/KerbyKdcTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/KerbyKdcTest.java
index 394c9ce..2f08601 100644
--- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/KerbyKdcTest.java
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/KerbyKdcTest.java
@@ -20,6 +20,7 @@
 package org.apache.kerby.kerberos.kdc;
 
 import org.apache.kerby.kerberos.kdc.impl.NettyKdcServerImpl;
+import org.apache.kerby.kerberos.kerb.KrbException;
 import org.apache.kerby.kerberos.kerb.server.KdcTestBase;
 import org.apache.kerby.kerberos.kerb.spec.ticket.ServiceTicket;
 import org.apache.kerby.kerberos.kerb.spec.ticket.TgtTicket;
@@ -30,10 +31,10 @@ import static org.assertj.core.api.Assertions.assertThat;
 public abstract class KerbyKdcTest extends KdcTestBase {
 
     @Override
-    protected void prepareKdcServer() throws Exception {
-        super.prepareKdcServer();
-        kdcServer.setInnerKdcImpl(
-                new NettyKdcServerImpl(kdcServer.getSetting()));
+    protected void prepareKdc() throws KrbException {
+        super.prepareKdc();
+        getKdcServer().setInnerKdcImpl(
+                new NettyKdcServerImpl(getKdcServer().getKdcSetting()));
     }
 
     protected void performKdcTest() throws Exception {
@@ -41,11 +42,11 @@ public abstract class KerbyKdcTest extends KdcTestBase {
         ServiceTicket tkt;
 
         try {
-            tgt = krbClnt.requestTgtWithPassword(getClientPrincipal(),
-                    getClientPassword());
+            tgt = getKrbClient().requestTgtWithPassword(
+                    getClientPrincipal(), getClientPassword());
             assertThat(tgt).isNotNull();
 
-            tkt = krbClnt.requestServiceTicketWithTgt(tgt, getServerPrincipal());
+            tkt = getKrbClient().requestServiceTicketWithTgt(tgt, getServerPrincipal());
             assertThat(tkt).isNotNull();
         } catch (Exception e) {
             System.out.println("Exception occurred with good password");

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/OnlyTcpForNettyKdcNetworkTest.java
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/OnlyTcpForNettyKdcNetworkTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/OnlyTcpForNettyKdcNetworkTest.java
index 6b46e8e..86f5214 100644
--- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/OnlyTcpForNettyKdcNetworkTest.java
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/OnlyTcpForNettyKdcNetworkTest.java
@@ -20,6 +20,7 @@
 package org.apache.kerby.kerberos.kdc;
 
 import org.apache.kerby.kerberos.kdc.identitybackend.JsonIdentityBackend;
+import org.apache.kerby.kerberos.kerb.KrbException;
 import org.apache.kerby.kerberos.kerb.server.BackendConfig;
 import org.junit.AfterClass;
 import org.junit.Test;
@@ -37,19 +38,24 @@ public class OnlyTcpForNettyKdcNetworkTest extends KerbyKdcTest {
     }
 
     @Override
+    protected boolean allowTcp() {
+        return true;
+    }
+
+    @Override
     protected boolean allowUdp() {
         return false;
     }
 
     @Override
-    protected void prepareKdcServer() throws Exception {
-        super.prepareKdcServer();
+    protected void prepareKdc() throws KrbException {
+        super.prepareKdc();
 
         File testDir = new File(System.getProperty("test.dir", "target"));
         jsonBackendFile = new File(testDir, "json-backend-file");
         String jsonBackendFileString = jsonBackendFile.getAbsolutePath();
 
-        BackendConfig backendConfig = kdcServer.getBackendConfig();
+        BackendConfig backendConfig = getKdcServer().getBackendConfig();
         backendConfig.setString(
                 JsonIdentityBackend.JSON_IDENTITY_BACKEND_FILE, jsonBackendFileString);
     }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/OnlyUdpForNettyKdcNetworkTest.java
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/OnlyUdpForNettyKdcNetworkTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/OnlyUdpForNettyKdcNetworkTest.java
index 0097eec..c844380 100644
--- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/OnlyUdpForNettyKdcNetworkTest.java
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/OnlyUdpForNettyKdcNetworkTest.java
@@ -20,6 +20,7 @@
 package org.apache.kerby.kerberos.kdc;
 
 import org.apache.kerby.kerberos.kdc.identitybackend.JsonIdentityBackend;
+import org.apache.kerby.kerberos.kerb.KrbException;
 import org.apache.kerby.kerberos.kerb.server.BackendConfig;
 import org.junit.AfterClass;
 import org.junit.Test;
@@ -42,14 +43,19 @@ public class OnlyUdpForNettyKdcNetworkTest extends KerbyKdcTest {
     }
 
     @Override
-    protected void prepareKdcServer() throws Exception {
-        super.prepareKdcServer();
+    protected boolean allowUdp() {
+        return true;
+    }
+
+    @Override
+    protected void prepareKdc() throws KrbException {
+        super.prepareKdc();
 
         File testDir = new File(System.getProperty("test.dir", "target"));
         jsonBackendFile = new File(testDir, "json-backend-file");
         String jsonBackendFileString = jsonBackendFile.getAbsolutePath();
 
-        BackendConfig backendConfig = kdcServer.getBackendConfig();
+        BackendConfig backendConfig = getKdcServer().getBackendConfig();
         backendConfig.setString(
                 JsonIdentityBackend.JSON_IDENTITY_BACKEND_FILE,
                 jsonBackendFileString);

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithAccessTokenKdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithAccessTokenKdcTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithAccessTokenKdcTest.java
index cb23513..d815e37 100644
--- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithAccessTokenKdcTest.java
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithAccessTokenKdcTest.java
@@ -29,7 +29,7 @@ public class WithAccessTokenKdcTest extends WithTokenKdcTestBase {
         prepareToken(getServerPrincipal());
         createCredentialCache(getClientPrincipal(), getClientPassword());
 
-        ServiceTicket serviceTicket = krbClnt.requestServiceTicketWithAccessToken(
+        ServiceTicket serviceTicket = getKrbClient().requestServiceTicketWithAccessToken(
             getKrbToken(), getServerPrincipal(), getcCacheFile().getPath());
         verifyTicket(serviceTicket);
 

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithIdentityTokenKdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithIdentityTokenKdcTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithIdentityTokenKdcTest.java
index 2a78f01..045da51 100644
--- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithIdentityTokenKdcTest.java
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithIdentityTokenKdcTest.java
@@ -36,14 +36,16 @@ public class WithIdentityTokenKdcTest extends WithTokenKdcTestBase {
 
         TgtTicket tgt = null;
         try {
-            tgt = krbClnt.requestTgtWithToken(getKrbToken(), getcCacheFile().getPath());
+            tgt = getKrbClient().requestTgtWithToken(getKrbToken(),
+                    getcCacheFile().getPath());
         } catch (KrbException e) {
             assertThat(e.getMessage().contains("timeout")).isTrue();
             return;
         }
         verifyTicket(tgt);
 
-        ServiceTicket tkt = krbClnt.requestServiceTicketWithTgt(tgt, getServerPrincipal());
+        ServiceTicket tkt = getKrbClient().requestServiceTicketWithTgt(tgt,
+                getServerPrincipal());
         verifyTicket(tkt);
     }
 }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithTokenKdcTestBase.java
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithTokenKdcTestBase.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithTokenKdcTestBase.java
index 3e97223..01f490c 100644
--- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithTokenKdcTestBase.java
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/WithTokenKdcTestBase.java
@@ -58,13 +58,13 @@ public class WithTokenKdcTestBase extends KdcTestBase {
     @Override
     protected void createPrincipals() throws KrbException {
         super.createPrincipals();
-        kdcServer.createPrincipal(getClientPrincipal(), clientPassword);
+        getKdcServer().createPrincipal(getClientPrincipal(), getClientPassword());
     }
 
     @Override
     protected void deletePrincipals() throws KrbException {
         super.deletePrincipals();
-        kdcServer.deletePrincipal(getClientPrincipal());
+        getKdcServer().deletePrincipal(getClientPrincipal());
     }
 
     protected AuthToken getKrbToken() {
@@ -104,14 +104,9 @@ public class WithTokenKdcTestBase extends KdcTestBase {
         return krbToken;
     }
 
-    @Override
-    protected void prepareKdcServer() throws Exception {
-        super.prepareKdcServer();
-    }
-
     protected File createCredentialCache(String principal,
                                        String password) throws Exception {
-        TgtTicket tgt = krbClnt.requestTgtWithPassword(principal, password);
+        TgtTicket tgt = getKrbClient().requestTgtWithPassword(principal, password);
         writeTgtToCache(tgt, principal);
         return cCacheFile;
     }
@@ -137,7 +132,7 @@ public class WithTokenKdcTestBase extends KdcTestBase {
 
     protected void verifyTicket(AbstractServiceTicket ticket) {
         assertThat(ticket).isNotNull();
-        assertThat(ticket.getRealm()).isEqualTo(kdcServer.getKdcRealm());
+        assertThat(ticket.getRealm()).isEqualTo(getKdcServer().getKdcSetting().getKdcRealm());
         assertThat(ticket.getTicket()).isNotNull();
         assertThat(ticket.getSessionKey()).isNotNull();
         assertThat(ticket.getEncKdcRepPart()).isNotNull();

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/ZookeeperBackendKdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/ZookeeperBackendKdcTest.java b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/ZookeeperBackendKdcTest.java
index fda0f4b..2c62232 100644
--- a/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/ZookeeperBackendKdcTest.java
+++ b/kerby-kdc-test/src/test/java/org/apache/kerby/kerberos/kdc/ZookeeperBackendKdcTest.java
@@ -20,6 +20,7 @@
 package org.apache.kerby.kerberos.kdc;
 
 import org.apache.kerby.kerberos.kdc.identitybackend.ZKConfKey;
+import org.apache.kerby.kerberos.kerb.KrbException;
 import org.apache.kerby.kerberos.kerb.server.BackendConfig;
 import org.apache.kerby.kerberos.kerb.server.KdcConfigKey;
 import org.junit.AfterClass;
@@ -47,10 +48,10 @@ public class ZookeeperBackendKdcTest extends KerbyKdcTest {
     }
 
     @Override
-    protected void prepareKdcServer() throws Exception {
-        super.prepareKdcServer();
+    protected void prepareKdc() throws KrbException {
+        super.prepareKdc();
 
-        BackendConfig backendConfig = kdcServer.getBackendConfig();
+        BackendConfig backendConfig = getKdcServer().getBackendConfig();
 
         File testDir = new File(System.getProperty("test.dir", "target"));
         instanceDir = new File(testDir, "zookeeper");

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kdc-test/src/test/resources/krb5-udp.conf
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/resources/krb5-udp.conf b/kerby-kdc-test/src/test/resources/krb5-udp.conf
deleted file mode 100644
index 1e878bd..0000000
--- a/kerby-kdc-test/src/test/resources/krb5-udp.conf
+++ /dev/null
@@ -1,8 +0,0 @@
-[libdefaults]
-    default_realm = TEST.COM
-    permitted_enctypes = des-cbc-crc aes128-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1-kd
-
-[realms]
-    TEST.COM = {
-        kdc = localhost:port
-    }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kdc-test/src/test/resources/krb5.conf
----------------------------------------------------------------------
diff --git a/kerby-kdc-test/src/test/resources/krb5.conf b/kerby-kdc-test/src/test/resources/krb5.conf
deleted file mode 100644
index d1361d9..0000000
--- a/kerby-kdc-test/src/test/resources/krb5.conf
+++ /dev/null
@@ -1,9 +0,0 @@
-[libdefaults]
-    default_realm = TEST.COM
-    udp_preference_limit = 1
-    permitted_enctypes = des-cbc-crc aes128-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1-kd
-
-[realms]
-    TEST.COM = {
-        kdc = localhost:port
-    }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/KerbyKdcServer.java
----------------------------------------------------------------------
diff --git a/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/KerbyKdcServer.java b/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/KerbyKdcServer.java
index e088d5a..e07021c 100644
--- a/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/KerbyKdcServer.java
+++ b/kerby-kdc/src/main/java/org/apache/kerby/kerberos/kdc/KerbyKdcServer.java
@@ -33,14 +33,14 @@ public class KerbyKdcServer extends KdcServer {
     private Kadmin kadmin;
     public KerbyKdcServer(File confDir) throws KrbException {
         super(confDir);
-        setInnerKdcImpl(new NettyKdcServerImpl(getSetting()));
+        setInnerKdcImpl(new NettyKdcServerImpl(getKdcSetting()));
     }
 
     @Override
     public void init() throws KrbException {
         super.init();
 
-        kadmin = new Kadmin(getSetting(), getIdentityService());
+        kadmin = new Kadmin(getKdcSetting(), getIdentityService());
 
         kadmin.createBuiltinPrincipals();
     }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/ClientUtil.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/ClientUtil.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/ClientUtil.java
index 934a78b..c6244f5 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/ClientUtil.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/ClientUtil.java
@@ -46,7 +46,8 @@ public final class ClientUtil {
                 krbConfig.addIniConfig(confFile);
                 return krbConfig;
             } catch (IOException e) {
-                throw new KrbException("Failed to load krb config " + confFile.getAbsolutePath());
+                throw new KrbException("Failed to load krb config " +
+                        confFile.getAbsolutePath());
             }
         }
 
@@ -70,7 +71,8 @@ public final class ClientUtil {
         if (tmpEnv != null) {
             confFile = new File(tmpEnv);
             if (!confFile.exists()) {
-                throw new KrbException("krb5 conf not found. Invalid env " + krb5EnvName);
+                throw new KrbException("krb5 conf not found. Invalid env "
+                        + krb5EnvName);
             }
         } else {
             confDir = new File("/etc/"); // for Linux. TODO: fix for Win etc.
@@ -79,16 +81,16 @@ public final class ClientUtil {
             }
         }
 
+        KrbConfig krbConfig = new KrbConfig();
         if (confFile != null && confFile.exists()) {
-            KrbConfig krbConfig = new KrbConfig();
             try {
                 krbConfig.addIniConfig(confFile);
-                return krbConfig;
             } catch (IOException e) {
-                throw new KrbException("Failed to load krb config " + confFile.getAbsolutePath());
+                throw new KrbException("Failed to load krb config " +
+                        confFile.getAbsolutePath());
             }
         }
 
-        return null;
+        return krbConfig;
     }
 }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfig.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfig.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfig.java
index e1b2529..4bbfdfa 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfig.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfig.java
@@ -48,7 +48,10 @@ public class KrbConfig extends Conf {
      */
     public int getKdcPort() {
         Integer kdcPort = getInt(KrbConfigKey.KDC_PORT);
-        return kdcPort.shortValue();
+        if (kdcPort != null) {
+            return kdcPort.shortValue();
+        }
+        return -1;
     }
 
     /**
@@ -57,7 +60,7 @@ public class KrbConfig extends Conf {
      */
     public int getKdcTcpPort() {
         Integer kdcPort = getInt(KrbConfigKey.KDC_TCP_PORT);
-        if (kdcPort > 0) {
+        if (kdcPort != null && kdcPort > 0) {
             return kdcPort.shortValue();
         }
         return getKdcPort();
@@ -84,7 +87,7 @@ public class KrbConfig extends Conf {
      */
     public int getKdcUdpPort() {
         Integer kdcPort = getInt(KrbConfigKey.KDC_UDP_PORT);
-        if (kdcPort > 0) {
+        if (kdcPort != null && kdcPort > 0) {
             return kdcPort.shortValue();
         }
         return getKdcPort();

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfigKey.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfigKey.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfigKey.java
index e644825..75478a7 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfigKey.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbConfigKey.java
@@ -24,11 +24,11 @@ import org.apache.kerby.kerberos.kerb.common.SectionConfigKey;
 public enum KrbConfigKey implements SectionConfigKey {
     KRB_DEBUG(true),
     KDC_HOST("localhost"),
-    KDC_PORT(8015),
+    KDC_PORT(),
     KDC_ALLOW_UDP(true),
     KDC_ALLOW_TCP(true),
-    KDC_UDP_PORT(8016),
-    KDC_TCP_PORT(8015),
+    KDC_UDP_PORT(),
+    KDC_TCP_PORT(),
     KDC_DOMAIN("example.com"),
     KDC_REALM("EXAMPLE.COM", "libdefaults"),
     TGS_PRINCIPAL("krbtgt@EXAMPLE.COM"),

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbSetting.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbSetting.java b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbSetting.java
index 59689a1..da99df0 100644
--- a/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbSetting.java
+++ b/kerby-kerb/kerb-client/src/main/java/org/apache/kerby/kerberos/kerb/client/KrbSetting.java
@@ -33,6 +33,11 @@ public class KrbSetting {
         this.krbConfig = config;
     }
 
+    public KrbSetting(KrbConfig config) {
+        this.commonOptions = new KOptions();
+        this.krbConfig = config;
+    }
+
     public KrbConfig getKrbConfig() {
         return krbConfig;
     }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-client/src/test/java/org/apache/kerby/kerberos/kerb/client/KrbClientSettingTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-client/src/test/java/org/apache/kerby/kerberos/kerb/client/KrbClientSettingTest.java b/kerby-kerb/kerb-client/src/test/java/org/apache/kerby/kerberos/kerb/client/KrbClientSettingTest.java
index 9377d30..6ccf8bd 100644
--- a/kerby-kerb/kerb-client/src/test/java/org/apache/kerby/kerberos/kerb/client/KrbClientSettingTest.java
+++ b/kerby-kerb/kerb-client/src/test/java/org/apache/kerby/kerberos/kerb/client/KrbClientSettingTest.java
@@ -29,12 +29,12 @@ public class KrbClientSettingTest {
     @Test
     public void testKdcServerMannualSetting() throws KrbException {
         KrbClient krbClient = new KrbClient();
+
         krbClient.setKdcHost("localhost");
         krbClient.setKdcRealm("TEST2.COM");
+        krbClient.setAllowUdp(false);
         krbClient.setKdcTcpPort(12345);
 
-        krbClient.init();
-
         KrbSetting krbSetting = krbClient.getSetting();
         assertThat(krbSetting.getKdcHost()).isEqualTo("localhost");
         assertThat(krbSetting.getKdcTcpPort()).isEqualTo(12345);

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbConfHelper.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbConfHelper.java b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbConfHelper.java
index 54d57e3..0933b56 100644
--- a/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbConfHelper.java
+++ b/kerby-kerb/kerb-common/src/main/java/org/apache/kerby/kerberos/kerb/common/KrbConfHelper.java
@@ -42,34 +42,34 @@ public class KrbConfHelper {
         if (subConfig != null) {
             return subConfig.getString(key);
         } else {
-            return (String) conf.getString(key);
+            return conf.getString(key);
         }
     }
 
-    public static boolean getBooleanUnderSection(Conf conf, SectionConfigKey key) {
+    public static Boolean getBooleanUnderSection(Conf conf, SectionConfigKey key) {
         Config subConfig = conf.getConfig(key.getSectionName());
         if (subConfig != null) {
             return subConfig.getBoolean(key);
         } else {
-            return (Boolean) conf.getBoolean(key);
+            return conf.getBoolean(key);
         }
     }
 
-    public static long getLongUnderSection(Conf conf, SectionConfigKey key) {
+    public static Long getLongUnderSection(Conf conf, SectionConfigKey key) {
         Config subConfig = conf.getConfig(key.getSectionName());
         if (subConfig != null) {
             return subConfig.getLong(key);
         } else {
-            return (Long) conf.getLong(key);
+            return conf.getLong(key);
         }
     }
 
-    public static int getIntUnderSection(Conf conf, SectionConfigKey key) {
+    public static Integer getIntUnderSection(Conf conf, SectionConfigKey key) {
         Config subConfig = conf.getConfig(key.getSectionName());
         if (subConfig != null) {
             return subConfig.getInt(key);
         } else {
-            return (Integer) conf.getInt(key);
+            return conf.getInt(key);
         }
     }
 
@@ -103,5 +103,4 @@ public class KrbConfHelper {
         }
         return results;
     }
-
 }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java b/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java
index ba06551..cdf65af 100644
--- a/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java
+++ b/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcTestBase.java
@@ -21,10 +21,7 @@ package org.apache.kerby.kerberos.kerb.server;
 
 import org.apache.kerby.kerberos.kerb.KrbException;
 import org.apache.kerby.kerberos.kerb.client.KrbClient;
-import org.apache.kerby.kerberos.kerb.client.KrbConfig;
-import org.apache.kerby.kerberos.kerb.client.KrbConfigKey;
 import org.apache.kerby.util.IOUtil;
-import org.apache.kerby.util.NetworkUtil;
 import org.junit.After;
 import org.junit.AfterClass;
 import org.junit.Before;
@@ -36,20 +33,16 @@ import java.io.IOException;
 public abstract class KdcTestBase {
     private static File testDir;
 
-    private final String kdcRealm = "TEST.COM";
-    protected final String clientPassword = "123456";
+    private final String clientPassword = "123456";
     private final String hostname = "localhost";
     private final String clientPrincipalName = "drankye";
-    private final String clientPrincipal = clientPrincipalName + "@" + kdcRealm;
+    private final String clientPrincipal =
+            clientPrincipalName + "@" + TestKdcServer.kdcRealm;
     private final String serverPrincipalName = "test-service";
     private final String serverPrincipal =
-            serverPrincipalName + "/" + hostname + "@" + kdcRealm;
+            serverPrincipalName + "/" + hostname + "@" + TestKdcServer.kdcRealm;
 
-    private int tcpPort = -1;
-    private int udpPort = -1;
-
-    protected SimpleKdcServer kdcServer;
-    protected KrbClient krbClnt;
+    private SimpleKdcServer kdcServer;
 
     @BeforeClass
     public static void createTestDir() throws IOException {
@@ -67,10 +60,18 @@ public abstract class KdcTestBase {
         testDir.delete();
     }
 
-    public File getTestDir() {
+    protected File getTestDir() {
         return testDir;
     }
 
+    protected SimpleKdcServer getKdcServer() {
+        return kdcServer;
+    }
+
+    protected KrbClient getKrbClient() {
+        return kdcServer.getKrbClient();
+    }
+
     protected String getClientPrincipalName() {
         return clientPrincipalName;
     }
@@ -99,14 +100,6 @@ public abstract class KdcTestBase {
         return true;
     }
 
-    protected int getTcpPort() {
-        return tcpPort;
-    }
-
-    protected int getUdpPort() {
-        return udpPort;
-    }
-
     protected String getFileContent(String path) throws IOException {
         return IOUtil.readFile(new File(path));
     }
@@ -123,14 +116,6 @@ public abstract class KdcTestBase {
 
     @Before
     public void setUp() throws Exception {
-        if (allowTcp()) {
-            tcpPort = NetworkUtil.getServerPort();
-        }
-
-        if (allowUdp()) {
-            udpPort = NetworkUtil.getServerPort();
-        }
-
         setUpKdcServer();
 
         createPrincipals();
@@ -138,65 +123,20 @@ public abstract class KdcTestBase {
         setUpClient();
     }
 
-    /**
-     * Prepare KrbClient startup options and config.
-     * @throws Exception
-     */
-    protected void prepareKrbClient() throws Exception {
-
-    }
-
-    /**
-     * Prepare KDC startup options and config.
-     * @throws Exception
-     */
-    protected void prepareKdcServer() throws Exception {
-        kdcServer.setKdcRealm(kdcRealm);
-        kdcServer.setKdcHost(hostname);
-        kdcServer.setAllowTcp(allowTcp());
-        if (tcpPort > 0) {
-            kdcServer.setKdcTcpPort(tcpPort);
-        }
-
-        kdcServer.setAllowUdp(allowUdp());
-        if (udpPort > 0) {
-            kdcServer.setKdcUdpPort(udpPort);
-        }
+    protected void prepareKdc() throws KrbException {
+        kdcServer.init();
     }
 
     protected void setUpKdcServer() throws Exception {
-        kdcServer = new SimpleKdcServer();
-
-        prepareKdcServer();
+        kdcServer = new TestKdcServer(allowTcp(), allowUdp());
+        kdcServer.setWorkDir(testDir);
 
-        kdcServer.init();
+        prepareKdc();
 
         kdcServer.start();
     }
 
     protected void setUpClient() throws Exception {
-        KrbConfig krbConfig = new KrbConfig();
-        krbConfig.setString(KrbConfigKey.PERMITTED_ENCTYPES,
-            "aes128-cts-hmac-sha1-96 des-cbc-crc des-cbc-md5 des3-cbc-sha1");
-
-        krbClnt = new KrbClient(krbConfig);
-
-        krbClnt.setKdcHost(hostname);
-        krbClnt.setAllowTcp(allowTcp());
-        if (tcpPort > 0) {
-            krbClnt.setKdcTcpPort(tcpPort);
-        }
-        krbClnt.setAllowUdp(allowUdp());
-        if (udpPort > 0) {
-            krbClnt.setKdcUdpPort(udpPort);
-        }
-
-        krbClnt.setTimeout(10 * 1000);
-        krbClnt.setKdcRealm(kdcServer.getKdcRealm());
-
-        prepareKrbClient();
-
-        krbClnt.init();
     }
 
     protected void createPrincipals() throws KrbException {
@@ -205,6 +145,7 @@ public abstract class KdcTestBase {
     }
 
     protected void deletePrincipals() throws KrbException {
+        kdcServer.getKadmin().deleteBuiltinPrincipals();
         kdcServer.deletePrincipals(serverPrincipal);
         kdcServer.deletePrincipal(clientPrincipal);
     }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java b/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java
new file mode 100644
index 0000000..4395f4b
--- /dev/null
+++ b/kerby-kerb/kerb-kdc-test/src/main/java/org/apache/kerby/kerberos/kerb/server/TestKdcServer.java
@@ -0,0 +1,54 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.kerby.kerberos.kerb.server;
+
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.client.KrbClient;
+import org.apache.kerby.kerberos.kerb.client.KrbConfig;
+import org.apache.kerby.kerberos.kerb.client.KrbConfigKey;
+import org.apache.kerby.util.NetworkUtil;
+
+public class TestKdcServer extends SimpleKdcServer {
+    public final static String kdcRealm = "TEST.COM";
+    public final static String hostname = "localhost";
+
+    public TestKdcServer(boolean allowTcp, boolean allowUdp) throws KrbException {
+        super();
+
+        setKdcRealm(kdcRealm);
+        setKdcHost(hostname);
+        setAllowTcp(allowTcp);
+        setAllowUdp(allowUdp);
+
+        if (allowTcp) {
+            setKdcTcpPort(NetworkUtil.getServerPort());
+        }
+        if (allowUdp) {
+            setKdcUdpPort(NetworkUtil.getServerPort());
+        }
+
+        KrbClient krbClnt = getKrbClient();
+        KrbConfig krbConfig = krbClnt.getKrbConfig();
+        krbConfig.setString(KrbConfigKey.PERMITTED_ENCTYPES,
+                "aes128-cts-hmac-sha1-96 des-cbc-crc des-cbc-md5 des3-cbc-sha1");
+
+        krbClnt.setTimeout(10 * 1000);
+    }
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/GssInteropTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/GssInteropTest.java b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/GssInteropTest.java
index 5968ce1..b6d1d8e 100644
--- a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/GssInteropTest.java
+++ b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/GssInteropTest.java
@@ -43,31 +43,28 @@ import java.util.Set;
  */
 public class GssInteropTest extends KdcTestBase {
 
+    protected boolean allowUdp() {
+        return false;
+    }
+
     @Before
     @Override
     public void setUp() throws Exception {
         super.setUp();
 
-        File file1 = new File(this.getClass().getResource("/kerberos.jaas").getPath());
+        File file1 = new File(this.getClass().getResource(
+                "/kerberos.jaas").getPath());
         String content1 = getFileContent(file1.getPath());
         String path1 = writeToTestDir(content1, file1.getName());
 
         // System.setProperty("sun.security.krb5.debug", "true");
         System.setProperty("java.security.auth.login.config", path1);
-
-        // Read in krb5.conf and substitute in the correct port
-        File file2 = new File(this.getClass().getResource("/krb5.conf").getPath());
-        String content2 = getFileContent(file2.getPath());
-        content2 = content2.replaceAll("port", "" + getTcpPort());
-        String path2 = writeToTestDir(content2, file2.getName());
-
-        System.setProperty("java.security.krb5.conf", path2);
     }
 
     @Override
     protected void createPrincipals() throws KrbException {
-        kdcServer.createPrincipal(getClientPrincipal(), getClientPassword());
-        kdcServer.createPrincipal(getServerPrincipal(), getServerPassword());
+        getKdcServer().createPrincipal(getClientPrincipal(), getClientPassword());
+        getKdcServer().createPrincipal(getServerPrincipal(), getServerPassword());
     }
 
     private String getServerPassword() {
@@ -132,7 +129,7 @@ public class GssInteropTest extends KdcTestBase {
                         pc.setPassword(getClientPassword().toCharArray());
                         break;
                     } else if (pc.getPrompt().contains(getServerPrincipalName())) {
-                        pc.setPassword(clientPassword.toCharArray());
+                        pc.setPassword(getClientPassword().toCharArray());
                         break;
                     }
                 }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcSettingTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcSettingTest.java b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcSettingTest.java
index 5ee75af..a48a20e 100644
--- a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcSettingTest.java
+++ b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcSettingTest.java
@@ -35,7 +35,7 @@ public class KdcSettingTest {
 
         kerbServer.init();
 
-        KdcSetting kdcSetting = kerbServer.getSetting();
+        KdcSetting kdcSetting = kerbServer.getKdcSetting();
         assertThat(kdcSetting.getKdcHost()).isEqualTo("localhost");
         assertThat(kdcSetting.getKdcTcpPort()).isEqualTo(12345);
         assertThat(kdcSetting.getKdcRealm()).isEqualTo("TEST2.COM");

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTest.java b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTest.java
index 80da80f..5fcc9fd 100644
--- a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTest.java
+++ b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/KdcTest.java
@@ -23,8 +23,6 @@ import org.apache.kerby.kerberos.kerb.spec.ticket.ServiceTicket;
 import org.apache.kerby.kerberos.kerb.spec.ticket.TgtTicket;
 import org.junit.Assert;
 
-import java.io.File;
-
 import static org.assertj.core.api.Assertions.assertThat;
 
 public abstract class KdcTest extends KdcTestBase {
@@ -34,11 +32,11 @@ public abstract class KdcTest extends KdcTestBase {
         ServiceTicket tkt;
 
         try {
-            tgt = krbClnt.requestTgtWithPassword(getClientPrincipal(),
+            tgt = getKrbClient().requestTgtWithPassword(getClientPrincipal(),
                     getClientPassword());
             assertThat(tgt).isNotNull();
 
-            tkt = krbClnt.requestServiceTicketWithTgt(tgt, getServerPrincipal());
+            tkt = getKrbClient().requestServiceTicketWithTgt(tgt, getServerPrincipal());
             assertThat(tkt).isNotNull();
         } catch (Exception e) {
             System.out.println("Exception occurred with good password");

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/MultiRequestsKdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/MultiRequestsKdcTest.java b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/MultiRequestsKdcTest.java
index 81c48bb..82fa7dc 100644
--- a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/MultiRequestsKdcTest.java
+++ b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/MultiRequestsKdcTest.java
@@ -38,7 +38,7 @@ public class MultiRequestsKdcTest extends KdcTestBase {
     protected void createPrincipals() throws KrbException {
         super.createPrincipals();
         clientPrincipal = getClientPrincipal();
-        kdcServer.createPrincipal(clientPrincipal, password);
+        getKdcServer().createPrincipal(clientPrincipal, password);
     }
 
     @Test
@@ -48,11 +48,11 @@ public class MultiRequestsKdcTest extends KdcTestBase {
 
         // With good password
         try {
-            tgt = krbClnt.requestTgtWithPassword(clientPrincipal, password);
+            tgt = getKrbClient().requestTgtWithPassword(clientPrincipal, password);
             assertThat(tgt).isNotNull();
 
             serverPrincipal = getServerPrincipal();
-            tkt = krbClnt.requestServiceTicketWithTgt(tgt, serverPrincipal);
+            tkt = getKrbClient().requestServiceTicketWithTgt(tgt, serverPrincipal);
             assertThat(tkt).isNotNull();
         } catch (Exception e) {
             System.out.println("Exception occurred with good password");
@@ -70,10 +70,10 @@ public class MultiRequestsKdcTest extends KdcTestBase {
 
         // With good password again
         try {
-            tgt = krbClnt.requestTgtWithPassword(clientPrincipal, password);
+            tgt = getKrbClient().requestTgtWithPassword(clientPrincipal, password);
             assertThat(tgt).isNotNull();
 
-            tkt = krbClnt.requestServiceTicketWithTgt(tgt, serverPrincipal);
+            tkt = getKrbClient().requestServiceTicketWithTgt(tgt, serverPrincipal);
             assertThat(tkt).isNotNull();
         } catch (Exception e) {
             System.out.println("Exception occurred with good password again");

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/OnlyTcpKdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/OnlyTcpKdcTest.java b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/OnlyTcpKdcTest.java
index e7e956b..57f1f8d 100644
--- a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/OnlyTcpKdcTest.java
+++ b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/OnlyTcpKdcTest.java
@@ -24,6 +24,11 @@ import org.junit.Test;
 public class OnlyTcpKdcTest extends KdcTest {
 
     @Override
+    protected boolean allowTcp() {
+        return true;
+    }
+
+    @Override
     protected boolean allowUdp() {
         return false;
     }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/OnlyUdpKdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/OnlyUdpKdcTest.java b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/OnlyUdpKdcTest.java
index 9bfd7bc..4cbcb2a 100644
--- a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/OnlyUdpKdcTest.java
+++ b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/OnlyUdpKdcTest.java
@@ -28,6 +28,11 @@ public class OnlyUdpKdcTest extends KdcTest {
         return false;
     }
 
+    @Override
+    protected boolean allowUdp() {
+        return true;
+    }
+
     @Test
     public void testKdc() throws Exception {
         performKdcTest();

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/TcpAndUdpKdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/TcpAndUdpKdcTest.java b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/TcpAndUdpKdcTest.java
index 673eeb4..2e25fbb 100644
--- a/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/TcpAndUdpKdcTest.java
+++ b/kerby-kerb/kerb-kdc-test/src/test/java/org/apache/kerby/kerberos/kerb/server/TcpAndUdpKdcTest.java
@@ -28,6 +28,11 @@ public class TcpAndUdpKdcTest extends KdcTest {
         return true;
     }
 
+    @Override
+    protected boolean allowTcp() {
+        return true;
+    }
+
     @Test
     public void testKdc() throws Exception {
         performKdcTest();

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-kdc-test/src/test/resources/krb5.conf
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-kdc-test/src/test/resources/krb5.conf b/kerby-kerb/kerb-kdc-test/src/test/resources/krb5.conf
deleted file mode 100644
index e2fa16a..0000000
--- a/kerby-kerb/kerb-kdc-test/src/test/resources/krb5.conf
+++ /dev/null
@@ -1,8 +0,0 @@
-[libdefaults]
-	default_realm = TEST.COM
-	udp_preference_limit = 1
-
-[realms]
-	TEST.COM = {
-		kdc = localhost:port
-	}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfig.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfig.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfig.java
index 15e2347..d8747cc 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfig.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfig.java
@@ -6,16 +6,16 @@
  *  to you under the Apache License, Version 2.0 (the
  *  "License"); you may not use this file except in compliance
  *  with the License.  You may obtain a copy of the License at
- *  
+ *
  *    http://www.apache.org/licenses/LICENSE-2.0
- *  
+ *
  *  Unless required by applicable law or agreed to in writing,
  *  software distributed under the License is distributed on an
  *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  *  KIND, either express or implied.  See the License for the
  *  specific language governing permissions and limitations
  *  under the License. 
- *  
+ *
  */
 package org.apache.kerby.kerberos.kerb.server;
 
@@ -45,30 +45,41 @@ public class KdcConfig extends Conf {
     public int getKdcPort() {
         Integer kdcPort =  KrbConfHelper.getIntUnderSection(this,
                 KdcConfigKey.KDC_PORT);
-        return kdcPort.intValue();
+        if (kdcPort != null && kdcPort > 0) {
+            return kdcPort.intValue();
+        }
+        return -1;
     }
 
     public int getKdcTcpPort() {
         Integer kdcTcpPort =  KrbConfHelper.getIntUnderSection(this,
                 KdcConfigKey.KDC_TCP_PORT);
-        if (kdcTcpPort > 0) {
+        if (kdcTcpPort != null && kdcTcpPort > 0) {
             return kdcTcpPort.intValue();
         }
         return getKdcPort();
     }
 
     /**
+     * Is to allow TCP for KDC
+     * @return true to allow TCP, false otherwise
+     */
+    public Boolean allowTcp() {
+        return getBoolean(KdcConfigKey.KDC_ALLOW_TCP);
+    }
+
+    /**
      * Is to allow UDP for KDC
      * @return true to allow UDP, false otherwise
      */
-    public boolean allowKdcUdp() {
+    public Boolean allowUdp() {
         return getBoolean(KdcConfigKey.KDC_ALLOW_UDP);
     }
 
     public int getKdcUdpPort() {
         Integer kdcUdpPort = KrbConfHelper.getIntUnderSection(this,
                 KdcConfigKey.KDC_UDP_PORT);
-        if (kdcUdpPort > 0) {
+        if (kdcUdpPort != null && kdcUdpPort > 0) {
             return kdcUdpPort.intValue();
         }
         return getKdcPort();

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfigKey.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfigKey.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfigKey.java
index 02116e7..b071bd6 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfigKey.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcConfigKey.java
@@ -26,11 +26,12 @@ public enum KdcConfigKey implements SectionConfigKey {
     KRB_DEBUG(true),
     KDC_SERVICE_NAME("KDC-Server"),
     KDC_IDENTITY_BACKEND,
-    KDC_HOST("127.0.0.1", "kdcdefaults"),       // NOPMD
-    KDC_PORT(8015, "kdcdefaults"),
+    KDC_HOST("127.0.0.1", "kdcdefaults"),// NOPMD
+    KDC_PORT(null, "kdcdefaults"),
+    KDC_ALLOW_TCP(true, "kdcdefaults"),
     KDC_ALLOW_UDP(true, "kdcdefaults"),
-    KDC_UDP_PORT(8016, "kdcdefaults"),
-    KDC_TCP_PORT(8015, "kdcdefaults"),
+    KDC_UDP_PORT(null, "kdcdefaults"),
+    KDC_TCP_PORT(null, "kdcdefaults"),
     KDC_DOMAIN("example.com"),
     KDC_REALM("EXAMPLE.COM", "kdcdefaults"),
     PREAUTH_REQUIRED(true),

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServer.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServer.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServer.java
index f5465ad..5541a9e 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServer.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServer.java
@@ -105,6 +105,14 @@ public class KdcServer {
     }
 
     /**
+     * Set KDC port.
+     * @param kdcPort
+     */
+    public void setKdcPort(int kdcPort) {
+        startupOptions.add(KdcServerOption.KDC_PORT, kdcPort);
+    }
+
+    /**
      * Set KDC tcp port.
      * @param kdcTcpPort
      */
@@ -162,7 +170,7 @@ public class KdcServer {
      * Get KDC setting from startup options and configs.
      * @return setting
      */
-    public KdcSetting getSetting() {
+    public KdcSetting getKdcSetting() {
         return kdcSetting;
     }
 
@@ -205,6 +213,9 @@ public class KdcServer {
     }
 
     public void start() throws KrbException {
+        if (innerKdc == null) {
+            throw new RuntimeException("Not init yet");
+        }
         innerKdc.start();
     }
 

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServerOption.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServerOption.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServerOption.java
index 9d5243a..b663887 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServerOption.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcServerOption.java
@@ -30,6 +30,7 @@ public enum KdcServerOption implements KOption {
     INNER_KDC_IMPL("inner KDC impl", KOptionType.OBJ),
     KDC_REALM("kdc realm", KOptionType.STR),
     KDC_HOST("kdc host", KOptionType.STR),
+    KDC_PORT("kdc port", KOptionType.INT),
     ALLOW_TCP("allow tcp", KOptionType.BOOL),
     KDC_TCP_PORT("kdc tcp port", KOptionType.INT),
     ALLOW_UDP("allow udp", KOptionType.BOOL),

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcSetting.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcSetting.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcSetting.java
index 16c21a8..64df7cf 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcSetting.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/KdcSetting.java
@@ -70,15 +70,36 @@ public class KdcSetting {
         if (tcpPort < 1) {
             tcpPort = kdcConfig.getKdcTcpPort();
         }
+        if (tcpPort < 1) {
+            tcpPort = getKdcPort();
+        }
+
         return tcpPort;
     }
 
+    public int getKdcPort() {
+        int kdcPort = startupOptions.getIntegerOption(KdcServerOption.KDC_PORT);
+        if (kdcPort < 1) {
+            kdcPort = kdcConfig.getKdcPort();
+        }
+        return kdcPort;
+    }
+
+    public boolean allowTcp() {
+        Boolean allowTcp = startupOptions.getBooleanOption(KdcServerOption.ALLOW_TCP);
+        if (allowTcp == null) {
+            allowTcp = kdcConfig.allowTcp();
+        }
+
+        return allowTcp != null ? allowTcp : false;
+    }
+
     public boolean allowUdp() {
         Boolean allowUdp = startupOptions.getBooleanOption(KdcServerOption.ALLOW_UDP);
         if (allowUdp == null) {
-            allowUdp = kdcConfig.allowKdcUdp();
+            allowUdp = kdcConfig.allowUdp();
         }
-        return allowUdp;
+        return allowUdp != null ? allowUdp : false;
     }
 
     public int getKdcUdpPort() {
@@ -86,6 +107,10 @@ public class KdcSetting {
         if (udpPort < 1) {
             udpPort = kdcConfig.getKdcUdpPort();
         }
+        if (udpPort < 1) {
+            udpPort = getKdcPort();
+        }
+
         return udpPort;
     }
 

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/impl/AbstractInternalKdcServer.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/impl/AbstractInternalKdcServer.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/impl/AbstractInternalKdcServer.java
index 48d8cfc..52ec4d7 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/impl/AbstractInternalKdcServer.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/impl/AbstractInternalKdcServer.java
@@ -92,7 +92,7 @@ public class AbstractInternalKdcServer implements InternalKdcServer {
         try {
             doStop();
         } catch (Exception e) {
-            throw new KrbException("Failed to stop " + getServiceName());
+            throw new KrbException("Failed to stop " + getServiceName(), e);
         }
 
         started = false;

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcTest.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcTest.java b/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcTest.java
index 8861bc5..3a49f75 100644
--- a/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcTest.java
+++ b/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcTest.java
@@ -19,6 +19,7 @@
  */
 package org.apache.kerby.kerberos.kerb.server;
 
+import org.apache.kerby.util.NetworkUtil;
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;
@@ -31,9 +32,8 @@ import java.nio.ByteBuffer;
 import java.nio.channels.SocketChannel;
 
 public class SimpleKdcTest {
-
     private String serverHost = "localhost";
-    private int serverPort = 0;
+    private int serverPort = -1;
 
     private KdcServer kdcServer;
 
@@ -41,7 +41,9 @@ public class SimpleKdcTest {
     public void setUp() throws Exception {
         kdcServer = new KdcServer();
         kdcServer.setKdcHost(serverHost);
-        serverPort = getServerPort();
+        kdcServer.setAllowUdp(false);
+        kdcServer.setAllowTcp(true);
+        serverPort = NetworkUtil.getServerPort();
         kdcServer.setKdcTcpPort(serverPort);
         kdcServer.init();
         kdcServer.start();
@@ -64,24 +66,6 @@ public class SimpleKdcTest {
 
         socketChannel.write(writeBuffer);
     }
-    
-    /**
-     * Get a server socket point for testing usage, either TCP or UDP.
-     * @return server socket point
-     */
-    private static int getServerPort() {
-        int serverPort = 0;
-
-        try {
-            ServerSocket serverSocket = new ServerSocket(0);
-            serverPort = serverSocket.getLocalPort();
-            serverSocket.close();
-        } catch (IOException e) {
-            throw new RuntimeException("Failed to get a server socket point");
-        }
-
-        return serverPort;
-    }
 
     @After
     public void tearDown() throws Exception {

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcConfigLoad.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcConfigLoad.java b/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcConfigLoad.java
index 2238b1a..29840bf 100644
--- a/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcConfigLoad.java
+++ b/kerby-kerb/kerb-server/src/test/java/org/apache/kerby/kerberos/kerb/server/TestKdcConfigLoad.java
@@ -77,9 +77,7 @@ public class TestKdcConfigLoad {
 
         assertThat(kdcConfig.getKdcHost()).isEqualTo(
                 KdcConfigKey.KDC_HOST.getDefaultValue());
-        assertThat(kdcConfig.getKdcTcpPort()).isEqualTo(
-                KdcConfigKey.KDC_TCP_PORT.getDefaultValue()
-        );
+        assertThat(kdcConfig.getKdcTcpPort()).isEqualTo(-1);
         assertThat(kdcConfig.getKdcRealm()).isEqualTo(
                 KdcConfigKey.KDC_REALM.getDefaultValue()
         );

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-simplekdc/pom.xml
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-simplekdc/pom.xml b/kerby-kerb/kerb-simplekdc/pom.xml
index f71b4fc..8b1cdba 100644
--- a/kerby-kerb/kerb-simplekdc/pom.xml
+++ b/kerby-kerb/kerb-simplekdc/pom.xml
@@ -39,6 +39,11 @@
     </dependency>
     <dependency>
       <groupId>org.apache.kerby</groupId>
+      <artifactId>kerb-client</artifactId>
+      <version>${project.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.kerby</groupId>
       <artifactId>kerb-util</artifactId>
       <version>${project.version}</version>
     </dependency>

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/Krb5Conf.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/Krb5Conf.java b/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/Krb5Conf.java
new file mode 100644
index 0000000..b96ba50
--- /dev/null
+++ b/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/Krb5Conf.java
@@ -0,0 +1,53 @@
+package org.apache.kerby.kerberos.kerb.server;
+
+import org.apache.kerby.util.IOUtil;
+
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStream;
+
+/**
+ * Generate krb5 file using given kdc server settings.
+ */
+public class Krb5Conf {
+    private static final String KRB5_CONF = "java.security.krb5.conf";
+    private static final String KRB5_CONF_FILE = "krb5.conf";
+    private SimpleKdcServer kdcServer;
+
+    public Krb5Conf(SimpleKdcServer kdcServer) {
+        this.kdcServer = kdcServer;
+    }
+
+    public void initKrb5conf() throws IOException {
+        File confFile = generateConfFile();
+        System.setProperty(KRB5_CONF, confFile.getAbsolutePath());
+    }
+
+    // Read in krb5.conf and substitute in the correct port
+    private File generateConfFile() throws IOException {
+        KdcSetting setting = kdcServer.getKdcSetting();
+
+        String resourcePath = setting.allowUdp() ? "/krb5_udp.conf" : "/krb5.conf";
+        InputStream templateResource = getClass().getResourceAsStream(resourcePath);
+        String templateContent = IOUtil.readInput(templateResource);
+
+        String content = templateContent;
+
+        content = content.replaceAll("_REALM_", "" + setting.getKdcRealm());
+
+        int kdcPort = setting.allowUdp() ? setting.getKdcUdpPort() :
+                setting.getKdcTcpPort();
+        content = content.replaceAll("_PORT_",
+                String.valueOf(kdcPort));
+
+        if (setting.allowUdp()) {
+            int udpLimit = setting.allowUdp() ? 1 : 4096;
+            content = content.replaceAll("_UDP_LIMIT_", String.valueOf(udpLimit));
+        }
+
+        File confFile = new File(kdcServer.getWorkDir(), KRB5_CONF_FILE);
+        IOUtil.writeFile(content, confFile);
+
+        return confFile;
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java b/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java
index 18ba81b..6acf37f 100644
--- a/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java
+++ b/kerby-kerb/kerb-simplekdc/src/main/java/org/apache/kerby/kerberos/kerb/server/SimpleKdcServer.java
@@ -21,35 +21,102 @@ package org.apache.kerby.kerberos.kerb.server;
 
 import org.apache.kerby.kerberos.kerb.KrbException;
 import org.apache.kerby.kerberos.kerb.admin.Kadmin;
+import org.apache.kerby.kerberos.kerb.client.KrbClient;
 import org.apache.kerby.util.NetworkUtil;
 
 import java.io.File;
+import java.io.IOException;
 
 /**
- * A simple KDC server mainly for test usage.
+ * A simple KDC server mainly for test usage. It also integrates krb client and
+ * kadmin sides for convenience.
  */
 public class SimpleKdcServer extends KdcServer {
+    private final KrbClient krbClnt;
     private Kadmin kadmin;
 
-    /**
-     * Prepare KDC configuration.
-     */
-    public SimpleKdcServer() {
+    private File workDir;
+
+    public SimpleKdcServer() throws KrbException {
         super();
+        this.krbClnt = new KrbClient();
+
+        setKdcRealm("EXAMPLE.COM");
+        setKdcHost("localhost");
+        setKdcPort(NetworkUtil.getServerPort());
+    }
 
-        KdcConfig kdcConfig = getKdcConfig();
-        kdcConfig.setString(KdcConfigKey.KDC_HOST, "localhost");
-        kdcConfig.setInt(KdcConfigKey.KDC_PORT, NetworkUtil.getServerPort());
-        kdcConfig.setString(KdcConfigKey.KDC_REALM, "EXAMPLE.COM");
+    public void setWorkDir(File workDir) {
+        this.workDir = workDir;
+    }
+
+    public File getWorkDir() {
+        return workDir;
+    }
+
+    @Override
+    public void setKdcRealm(String realm) {
+        super.setKdcRealm(realm);
+        krbClnt.setKdcRealm(realm);
+    }
+
+    @Override
+    public void setKdcHost(String kdcHost) {
+        super.setKdcHost(kdcHost);
+        krbClnt.setKdcHost(kdcHost);
+    }
+
+    @Override
+    public void setKdcTcpPort(int kdcTcpPort) {
+        super.setKdcTcpPort(kdcTcpPort);
+        krbClnt.setKdcTcpPort(kdcTcpPort);
+        setAllowTcp(true);
+    }
+
+    @Override
+    public void setAllowUdp(boolean allowUdp) {
+        super.setAllowUdp(allowUdp);
+        krbClnt.setAllowUdp(allowUdp);
+    }
+
+    @Override
+    public void setAllowTcp(boolean allowTcp) {
+        super.setAllowTcp(allowTcp);
+        krbClnt.setAllowTcp(allowTcp);
+    }
+
+    @Override
+    public void setKdcUdpPort(int kdcUdpPort) {
+        super.setKdcUdpPort(kdcUdpPort);
+        krbClnt.setKdcUdpPort(kdcUdpPort);
+        setAllowUdp(true);
     }
 
     @Override
     public void init() throws KrbException {
         super.init();
 
-        kadmin = new Kadmin(getSetting(), getIdentityService());
+        kadmin = new Kadmin(getKdcSetting(), getIdentityService());
 
         kadmin.createBuiltinPrincipals();
+
+        try {
+            Krb5Conf krb5Conf = new Krb5Conf(this);
+            krb5Conf.initKrb5conf();
+        } catch (IOException e) {
+            throw new KrbException("Failed to make krb5.conf", e);
+        }
+    }
+
+    @Override
+    public void start() throws KrbException {
+        super.start();
+
+        krbClnt.init();
+    }
+
+    public KrbClient getKrbClient() {
+        return krbClnt;
     }
 
     /**
@@ -60,14 +127,6 @@ public class SimpleKdcServer extends KdcServer {
         return kadmin;
     }
 
-    public String getKdcRealm() {
-        return getSetting().getKdcRealm();
-    }
-
-    public String getKdcHost() {
-        return getSetting().getKdcHost();
-    }
-
     public void createPrincipal(String principal) throws KrbException {
         kadmin.addPrincipal(principal);
     }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-simplekdc/src/main/resources/krb5.conf
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-simplekdc/src/main/resources/krb5.conf b/kerby-kerb/kerb-simplekdc/src/main/resources/krb5.conf
new file mode 100644
index 0000000..6ee7d8f
--- /dev/null
+++ b/kerby-kerb/kerb-simplekdc/src/main/resources/krb5.conf
@@ -0,0 +1,7 @@
+[libdefaults]
+    default_realm = _REALM_
+
+[realms]
+    _REALM_ = {
+        kdc = localhost:_PORT_
+    }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/kerby-kerb/kerb-simplekdc/src/main/resources/krb5_udp.conf
----------------------------------------------------------------------
diff --git a/kerby-kerb/kerb-simplekdc/src/main/resources/krb5_udp.conf b/kerby-kerb/kerb-simplekdc/src/main/resources/krb5_udp.conf
new file mode 100644
index 0000000..511587c
--- /dev/null
+++ b/kerby-kerb/kerb-simplekdc/src/main/resources/krb5_udp.conf
@@ -0,0 +1,8 @@
+[libdefaults]
+    default_realm = _REALM_
+    udp_preference_limit = _UDP_LIMIT_
+
+[realms]
+    _REALM_ = {
+        kdc = localhost:_PORT_
+    }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigImpl.java
----------------------------------------------------------------------
diff --git a/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigImpl.java b/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigImpl.java
index 92cafe2..9836792 100644
--- a/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigImpl.java
+++ b/lib/kerby-config/src/main/java/org/apache/kerby/config/ConfigImpl.java
@@ -229,7 +229,8 @@ public class ConfigImpl implements Config {
     @Override
     public Boolean getBoolean(ConfigKey name) {
         if (name.getDefaultValue() != null) {
-            return getBoolean(name.getPropertyKey(), (Boolean) name.getDefaultValue());
+            return getBoolean(name.getPropertyKey(),
+                    (Boolean) name.getDefaultValue());
         }
         return getBoolean(name.getPropertyKey());
     }

http://git-wip-us.apache.org/repos/asf/directory-kerby/blob/497e0303/lib/kerby-util/src/main/java/org/apache/kerby/util/IOUtil.java
----------------------------------------------------------------------
diff --git a/lib/kerby-util/src/main/java/org/apache/kerby/util/IOUtil.java b/lib/kerby-util/src/main/java/org/apache/kerby/util/IOUtil.java
index 187b6f2..abfae3d 100644
--- a/lib/kerby-util/src/main/java/org/apache/kerby/util/IOUtil.java
+++ b/lib/kerby-util/src/main/java/org/apache/kerby/util/IOUtil.java
@@ -26,9 +26,21 @@ import java.nio.channels.FileChannel;
 /**
  * Some IO and file related utilities.
  */
-public class IOUtil {
+public final class IOUtil {
+    private IOUtil() {}
 
-    public static void readInputStream(InputStream in, byte buf[]) throws IOException {
+    public static byte[] readInputStream(InputStream in) throws IOException {
+        ByteArrayOutputStream baos = new ByteArrayOutputStream();
+        byte[] buffer = new byte[1024];
+        int length = 0;
+        while ((length = in.read(buffer)) != -1) {
+            baos.write(buffer, 0, length);
+        }
+        return baos.toByteArray();
+    }
+
+    public static void readInputStream(InputStream in,
+                                       byte buf[]) throws IOException {
         int toRead = buf.length;
         int off = 0;
         while (toRead > 0) {
@@ -42,6 +54,17 @@ public class IOUtil {
     }
 
     /**
+     * Read an input stream and return the content as string assuming UTF8.
+     * @param in
+     * @return
+     * @throws IOException
+     */
+    public static String readInput(InputStream in) throws IOException {
+        byte[] content = readInputStream(in);
+        return Utf8.toString(content);
+    }
+
+    /**
      * Read a file and return the content as string assuming UTF8.
      * @param file
      * @return


Mime
View raw message