directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject A query on kerberos testing via annotations
Date Wed, 26 Nov 2014 15:20:39 GMT
Hi,

Following Emmanuel's excellent talk on LDAP testing at ApacheCon last week,
I was inspired to switch Apache WSS4J's kerberos integration tests to use
the annotation based approach, upgrading from Apache DS 1.5.7 -> 2.0.0-M19
in the process :-)

It's working fine but I have some thorny issues regarding ports that I
wanted to ask for some input on.

1) The first problem I faced is that the WSS4J code uses a krb5.conf to
configure kerberos, where the port of the KDC is specified (hence I can't
use the kdc system property, which only works with the default port).

My first thought was to use the build-helper-maven-plugin to reserve a
port, configure a placeholder in the krb5.conf + substitute the port number
via filtering, and then pass the port through to the test as a system
property in the surefire plugin. This works great, however I can't find a
way to use the port in the @CreateTransport annotation, which insists on
using a "constant" for the port.

I've resorted to reading in the krb5.conf in the test class, substituting
the port manually, and writing it out to target/test-classes + point to
this instead. Is there a better way?

2) I want to use a random (free) port to run the KDC on. However, if I
specify "port="-1"" in the annotation, it seems to hang, even though the
port returned by getKdcServer().getTcpPort() is "1024". If I manually use
"port=1024" it works fine. This looks like a bug to me, unless I am missing
something?

The test-class is here if anyone wants to try to replicate the latter issue:

http://svn.apache.org/viewvc/webservices/wss4j/trunk/integration/src/test/java/org/apache/wss4j/integration/test/kerberos/KerberosTest.java?view=markup

(Set port=1024 and it works fine, port=-1 and it hangs).

Thanks,

Colm.

-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message