org.apache.kerby.util.NetworkUtil Java Examples

Example #1
Source File: FakeKDC.java    From gcp-token-broker with Apache License 2.0 7 votes vote down vote up
/**
 * Start the server and create some temporary directories to store keytabs.
 */
public void start() {
    try {
        // Scratch tree for this fake KDC: one temp root with separate sub-directories for
        // broker and user keytabs. Keytabs are key material, and nothing in this method
        // removes the tree again -- presumably a stop/cleanup method does; verify.
        rootDir = Files.createTempDirectory("root");
        brokerKeytabDir = Files.createDirectory(rootDir.resolve("broker-keytabs"));
        userKeytabDir = Files.createDirectory(rootDir.resolve("user-keytabs"));

        // Build the KDC through a local handle; the field is published first so it is
        // set even when a later configuration step throws.
        final SimpleKdcServer server = new SimpleKdcServer();
        kdcServer = server;
        server.setWorkDir(rootDir.toFile());
        server.setKdcRealm(realm);
        server.setKdcHost("localhost");

        // UDP-only listener on the loopback host name.
        server.setAllowTcp(false);
        server.setAllowUdp(true);

        // NOTE(review): getServerPort() hands back a port number, not a bound socket, so
        // another local process could claim the port before the KDC binds it. Tolerable in
        // a test fixture, but a source of flaky starts on busy build hosts.
        final int udpPort = NetworkUtil.getServerPort();
        server.setKdcUdpPort(udpPort);

        // Bring the KDC up.
        server.init();
        server.start();
    } catch (KrbException | IOException e) {
        // Rethrown unchecked with the original exception kept as the cause.
        throw new RuntimeException(e);
    }
}
 
Example #2
Source File: EmbeddedKRBServer.java    From elasticsearch-shield-kerberos-realm with Apache License 2.0 6 votes vote down vote up
/**
 * Configures and starts an embedded Kerby KDC that listens on TCP and UDP.
 *
 * @param workDir directory handed to the KDC as its work dir; created if it does not exist
 * @throws Exception if the directory cannot be created or the KDC fails to initialise or start
 */
public void start(final File workDir) throws Exception {
    final SimpleKdcServer kdc = new SimpleKdcServer();
    simpleKdcServer = kdc;

    // NOTE(review): debug mode is switched on unconditionally. Fine for a test fixture,
    // but check what it logs before reusing this class outside tests.
    kdc.enableDebug();

    // Two independent lookups: the TCP and UDP listeners may land on different ports.
    // getServerPort() returns a number, not a bound socket, so either port can be taken
    // by another process before the KDC binds it.
    final int tcpPort = NetworkUtil.getServerPort();
    kdc.setKdcTcpPort(tcpPort);
    final int udpPort = NetworkUtil.getServerPort();
    kdc.setKdcUdpPort(udpPort);
    kdc.setAllowTcp(true);
    kdc.setAllowUdp(true);

    kdc.setKdcRealm(realm);
    kdc.setKdcHost("localhost");

    // The work directory must exist before it is handed to the KDC.
    FileUtils.forceMkdir(workDir);
    kdc.setWorkDir(workDir);

    // Swap in the Netty-based KDC implementation before init().
    kdc.setInnerKdcImpl(new NettyKdcServerImpl(kdc.getKdcSetting()));
    kdc.init();
    kdc.start();
}
 
Example #3
Source File: TestKerberosUtils.java    From envelope with Apache License 2.0 5 votes vote down vote up
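/**
 * Starts a throwaway TCP-only KDC, registers one principal, exports its keytab and
 * writes a krb5.conf pointing at the KDC's port into the test folder.
 *
 * @throws Exception if the KDC cannot be started or any of the files cannot be written
 */
@BeforeClass
public static void setup() throws Exception {
  // Create KDC
  kdcServer = new SimpleKdcServer();
  kdcServer.setKdcHost("localhost");
  kdcServer.setWorkDir(testFolder.newFolder("kdc"));
  kdcServer.setAllowUdp(false);
  kdcServer.setAllowTcp(true);
  kdcServer.setKdcRealm("ENVELOPE.LOCAL");
  // The same port number is reused below when rendering krb5.conf, so look it up once.
  // NOTE(review): getServerPort() returns a number rather than a bound socket, so the
  // port can be taken by another process before the KDC binds it.
  int serverPort = NetworkUtil.getServerPort();
  kdcServer.setKdcTcpPort(serverPort);
  kdcServer.init();
  kdcServer.start();

  // Register the test principal and export its keytab into the test folder.
  // NOTE(review): the principal literals below were mangled by e-mail obfuscation on the
  // page this listing came from; restore the original name@ENVELOPE.LOCAL value before use.
  Kadmin kadmin = new LocalKadminImpl(kdcServer.getKdcSetting(), kdcServer.getIdentityService());
  kadmin.addPrincipal("[email protected]");
  kadmin.exportKeytab(new File(testFolder.getRoot(), "kt"), "[email protected]");

  // Create krb5.conf
  // %PORT% is a literal placeholder, so a plain replace() is used instead of a regex
  // replaceAll().
  String configString = Files.toString(
      new File(ClassLoader.getSystemResource("security/krb5.conf.template").getPath()),
      Charsets.UTF_8
  ).replace("%PORT%", Integer.toString(serverPort));
  // Write with the charset the template was read in; FileWriter would have used the
  // platform default. The sink opens and closes the file itself.
  Files.asCharSink(new File(testFolder.getRoot(), "krb5.conf"), Charsets.UTF_8)
      .write(configString);
}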
 
Example #4
Source File: MiniKdc.java    From pulsar with Apache License 2.0 5 votes vote down vote up
/**
 * Applies work dir, host, realm, transport, port, service name and the optional debug
 * setting to the embedded KDC.
 *
 * @throws IllegalArgumentException if no transport is configured or it is neither TCP nor UDP
 */
private void prepareKdcServer() throws Exception {
    simpleKdc.setWorkDir(workDir);
    simpleKdc.setKdcHost(getHost());
    simpleKdc.setKdcRealm(realm);

    // Fall back to the configuration when no transport was set explicitly.
    if (transport == null) {
        transport = conf.getProperty(TRANSPORT);
    }
    // Port 0 means "choose one". getServerPort() returns a number, not a bound socket,
    // so another process could take the port before the KDC binds it.
    if (port == 0) {
        port = NetworkUtil.getServerPort();
    }
    if (transport == null) {
        throw new IllegalArgumentException("Need to set transport!");
    }

    // Exactly one transport is enabled: the other one is switched off explicitly.
    final String protocol = transport.trim();
    if ("TCP".equals(protocol)) {
        simpleKdc.setKdcTcpPort(port);
        simpleKdc.setAllowUdp(false);
    } else if ("UDP".equals(protocol)) {
        simpleKdc.setKdcUdpPort(port);
        simpleKdc.setAllowTcp(false);
    } else {
        throw new IllegalArgumentException("Invalid transport: " + transport);
    }

    simpleKdc.getKdcConfig().setString(KdcConfigKey.KDC_SERVICE_NAME,
            conf.getProperty(INSTANCE));

    // Only touch the krb5 debug setting when one is configured. getAndSet() presumably
    // returns the previous value so it can be restored later -- verify against its definition.
    final String debugValue = conf.getProperty(DEBUG);
    if (debugValue != null) {
        krb5Debug = getAndSet(SUN_SECURITY_KRB5_DEBUG, debugValue);
    }
}
 
Example #5
Source File: AbstractUnitTest.java    From elasticsearch-shield-kerberos-realm with Apache License 2.0 5 votes vote down vote up
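/**
 * Starts a three-node Elasticsearch test cluster with the Shield, License and Kerberos
 * realm plugins, then waits for green state and checks that three nodes are present.
 *
 * @param settings extra node settings layered over the defaults; {@code null} means none
 * @throws Exception if a node fails to start or the cluster does not reach the expected state
 */
public final void startES(final Settings settings) throws Exception {
    FileUtils.copyFileToDirectory(getAbsoluteFilePathFromClassPath("roles.yml").toFile(), new File("testtmp/config/shield"));

    // Resolve the optional override once instead of repeating the null check per node.
    final Settings nodeSettings = settings == null ? Settings.Builder.EMPTY_SETTINGS : settings;

    // Collect seven distinct port numbers; the set drops duplicates. Only the first
    // three are consumed while the node-port assignments below stay disabled.
    // NOTE(review): getServerPort() returns numbers, not bound sockets, so a port can be
    // taken by another process before a node binds it.
    final Set<Integer> ports = new HashSet<>();
    do {
        ports.add(NetworkUtil.getServerPort());
    } while (ports.size() < 7);

    final Iterator<Integer> portIt = ports.iterator();

    elasticsearchHttpPort1 = portIt.next();
    elasticsearchHttpPort2 = portIt.next();
    elasticsearchHttpPort3 = portIt.next();

    //elasticsearchNodePort1 = portIt.next();
    //elasticsearchNodePort2 = portIt.next();
    //elasticsearchNodePort3 = portIt.next();

    // Each node gets its own plugin list.
    esNode1 = new PluginEnabledNode(getDefaultSettingsBuilder(1, 0, elasticsearchHttpPort1, false, true).put(
            nodeSettings).build(), Lists.newArrayList(ShieldPlugin.class, LicensePlugin.class, KerberosRealmPlugin.class)).start();
    client = esNode1.client();

    esNode2 = new PluginEnabledNode(getDefaultSettingsBuilder(2, 0, elasticsearchHttpPort2, true, true).put(
            nodeSettings).build(), Lists.newArrayList(ShieldPlugin.class, LicensePlugin.class, KerberosRealmPlugin.class)).start();

    esNode3 = new PluginEnabledNode(getDefaultSettingsBuilder(3, 0, elasticsearchHttpPort3, true, false).put(
            nodeSettings).build(), Lists.newArrayList(ShieldPlugin.class, LicensePlugin.class, KerberosRealmPlugin.class)).start();

    waitForGreenClusterState();
    final NodesInfoResponse nodeInfos = client().admin().cluster().prepareNodesInfo().get();
    final NodeInfo[] nodes = nodeInfos.getNodes();
    // Concatenating an array with "" only prints its type and identity hash; list the
    // elements so a failing run shows which nodes were seen.
    Assert.assertEquals(java.util.Arrays.toString(nodes), 3, nodes.length);
}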
 
Example #6
Source File: KdcFixture.java    From tinkerpop with Apache License 2.0 5 votes vote down vote up
/**
 * Configures the test KDC: realm, host, a TCP-only listener, and the client's permitted
 * encryption types and timeout.
 *
 * @throws KrbException declared by the constructor; raised by the Kerby calls below
 */
TestKdcServer() throws KrbException {
    setKdcRealm(KDC_REALM);
    setKdcHost(HOSTNAME);

    // TCP only: UDP stays off because of outstanding UDP issues in
    // Apache Directory-Kerby 1.0.0-RC2.
    setAllowTcp(true);
    setAllowUdp(false);
    // getServerPort() returns a number, not a bound socket, so the port can be taken by
    // another process before the KDC binds it.
    setKdcTcpPort(NetworkUtil.getServerPort());

    final KrbClient kdcClient = getKrbClient();
    // NOTE(review): des-cbc-crc and des-cbc-md5 are single-DES enctypes (deprecated by
    // RFC 6649) and des3-cbc-sha1 is deprecated by RFC 8429. Tolerable only in a throwaway
    // test KDC; do not copy this list into a real realm configuration.
    kdcClient.getKrbConfig().setString(KrbConfigKey.PERMITTED_ENCTYPES,
            "aes128-cts-hmac-sha1-96 des-cbc-crc des-cbc-md5 des3-cbc-sha1");
    // Client timeout of 10 * 1000; the unit looks like milliseconds -- confirm against KrbClient.
    kdcClient.setTimeout(10 * 1000);
}