directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alejandro Abdelnur <tuc...@gmail.com>
Subject [ApacheDS] programmatically creating a keytab file with multiple principals
Date Mon, 05 Aug 2013 04:00:48 GMT
Hi,

I'm trying to create a keytab programmatically with multiple principals but
it is failing on write with the following error:

------
java.nio.BufferOverflowException
 at java.nio.HeapByteBuffer.put(HeapByteBuffer.java:182)
at
org.apache.directory.server.kerberos.shared.keytab.KeytabEncoder.putKeytabEntries(KeytabEncoder.java:83)
 at
org.apache.directory.server.kerberos.shared.keytab.KeytabEncoder.write(KeytabEncoder.java:48)
at
org.apache.directory.server.kerberos.shared.keytab.Keytab.write(Keytab.java:95)

------

If I create the keytab with a single principal it works just fine following
is the snippet on the keytab creation.

------
  protected void createPrincipal(File keytabFile, String ... principals)
      throws Exception {
    Keytab keytab = Keytab.getInstance();
    List<KeytabEntry> entries = new ArrayList<KeytabEntry>();
    for (String principal : principals) {
      createPrincipal(principal, "secret");
      String orgName= conf.getProperty(ORG_NAME);
      String orgDomain = conf.getProperty(ORG_DOMAIN);
      String realm = orgName.toUpperCase() + "." + orgDomain.toUpperCase();
      principal = principal + "@" + realm;
      KerberosTime timestamp = new KerberosTime();
      for (Map.Entry<EncryptionType, EncryptionKey> entry :
KerberosKeyFactory
          .getKerberosKeys(principal, "secret").entrySet()) {
        EncryptionKey ekey = entry.getValue();
        byte keyVersion = (byte) ekey.getKeyVersion();
        entries.add(new KeytabEntry(principal, 1L, timestamp, keyVersion,
ekey));
      }
    }
    keytab.setEntries(entries);
    keytab.write(keytabFile);
  }
------

I'd appreciate any hint on how to do this or if it is not possible.

Thanks.

Alejandro

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message