org.apache.directory.server.kerberos.kdc.KdcServer Java Examples

The following examples show how to use org.apache.directory.server.kerberos.kdc.KdcServer.
Example #1
Source File: SimpleLDAPAuthenticationManagerTest.java    From qpid-broker-j with Apache License 2.0
/**
 * Prepares the embedded KDC and LDAP server for the Kerberos-based test cases.
 *
 * <p>Obtains a KDC attached to the test directory service, generates a krb5.conf that points at
 * the KDC's first transport, sets the LDAP server's SASL host and principal, and creates the
 * {@code krbtgt} and LDAP service principals.
 *
 * @throws Exception if the KDC cannot be obtained or any configuration step fails
 */
private void setUpKerberos() throws Exception
{
    final LdapServer ldap = LDAP.getLdapServer();
    // The second argument is the LDAP port + 1; presumably the start port for the KDC's
    // free-port search -- confirm against ServerAnnotationProcessor.
    final KdcServer kdc =
            ServerAnnotationProcessor.getKdcServer(LDAP.getDirectoryService(), ldap.getPort() + 1);
    // Test-only relaxation: encrypted-timestamp pre-authentication is not required. A KDC
    // configured this way answers AS requests from unauthenticated clients with material
    // encrypted under the principal's key, which permits offline password guessing, so this
    // setting must not be copied into a KDC that holds real credentials.
    kdc.getConfig().setPaEncTimestampRequired(false);

    // Point the JVM's Kerberos client at a krb5.conf generated for the port actually bound.
    // The realm/kdc properties are set to null, presumably so krb5.conf is the only source of
    // realm information -- confirm against SYSTEM_PROPERTY_SETTER.
    final String confPath = createKrb5Conf(kdc.getTransports()[0].getPort());
    SYSTEM_PROPERTY_SETTER.setSystemProperty("java.security.krb5.conf", confPath);
    SYSTEM_PROPERTY_SETTER.setSystemProperty("java.security.krb5.realm", null);
    SYSTEM_PROPERTY_SETTER.setSystemProperty("java.security.krb5.kdc", null);

    // service/host@REALM; the host part is cut out again below for the SASL host setting.
    final String spn = new KerberosPrincipal(LDAP_SERVICE_NAME + "/" + HOSTNAME + "@" + REALM,
                                             KerberosPrincipal.KRB_NT_SRV_HST).getName();
    final int hostStart = spn.indexOf("/") + 1;
    final int hostEnd = spn.indexOf("@");
    ldap.setSaslHost(spn.substring(hostStart, hostEnd));
    ldap.setSaslPrincipal(spn);
    ldap.setSearchBaseDn(USERS_DN);

    // The fourth argument is a fresh random UUID string per principal (presumably the
    // password -- confirm against createPrincipal), so no fixed secret is embedded in the test.
    createPrincipal("KDC", "KDC", "krbtgt", UUID.randomUUID().toString(), "krbtgt/" + REALM + "@" + REALM);
    createPrincipal("Service", "LDAP Service", "ldap", UUID.randomUUID().toString(), spn);
}
 
Example #2
Source File: KerberosKDCUtil.java    From quarkus-http with Apache License 2.0
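/**
 * Creates, configures and starts the embedded KDC used by the tests.
 *
 * <p>The KDC serves the {@code UNDERTOW.IO} realm over a single UDP transport on
 * {@code KDC_PORT} and looks principals up under {@code ou=users,dc=undertow,dc=io} in the
 * shared directory service.
 *
 * @throws Exception if the KDC cannot be configured or started
 */
private static void startKDC() throws Exception {
    // Single source for the realm so the TGS principal and the primary realm cannot drift apart.
    final String realm = "UNDERTOW.IO";

    kdcServer = new KdcServer();
    kdcServer.setServiceName("Test KDC");
    kdcServer.setSearchBaseDn("ou=users,dc=undertow,dc=io");

    KerberosConfig config = kdcServer.getConfig();
    // Ticket-granting service principal in the conventional krbtgt/REALM@REALM form.
    config.setServicePrincipal("krbtgt/" + realm + "@" + realm);
    config.setPrimaryRealm(realm);

    // Test-only relaxation: encrypted-timestamp pre-authentication is not required, so the KDC
    // answers AS requests from unauthenticated clients. Never reuse this setting for a KDC that
    // holds real credentials.
    config.setPaEncTimestampRequired(false);

    // Listens on every interface (0.0.0.0). Combined with the disabled pre-authentication this
    // KDC belongs on isolated test hosts only; a loopback bind is the safer choice when the
    // tests do not need remote access.
    UdpTransport udp = new UdpTransport("0.0.0.0", KDC_PORT);
    kdcServer.addTransports(udp);

    kdcServer.setDirectoryService(directoryService);
    kdcServer.start();
}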
 
Example #3
Source File: ApacheDirectoryServer.java    From light-oauth2 with Apache License 2.0
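/**
 * Creates, configures and starts the embedded KDC used by the tests.
 *
 * <p>The KDC serves the {@code UNDERTOW.IO} realm over a single UDP transport on
 * {@code KDC_PORT} and looks principals up under {@code ou=users,dc=undertow,dc=io} in the
 * shared directory service.
 *
 * @throws Exception if the KDC cannot be configured or started
 */
private static void startKDC() throws Exception {
    // Single source for the realm so the TGS principal and the primary realm cannot drift apart.
    final String realm = "UNDERTOW.IO";

    kdcServer = new KdcServer();
    kdcServer.setServiceName("Test KDC");
    kdcServer.setSearchBaseDn("ou=users,dc=undertow,dc=io");

    KerberosConfig config = kdcServer.getConfig();
    // Ticket-granting service principal in the conventional krbtgt/REALM@REALM form.
    config.setServicePrincipal("krbtgt/" + realm + "@" + realm);
    config.setPrimaryRealm(realm);

    // Test-only relaxation: encrypted-timestamp pre-authentication is not required, so the KDC
    // answers AS requests from unauthenticated clients. Never reuse this setting for a KDC that
    // holds real credentials.
    config.setPaEncTimestampRequired(false);

    // Listens on every interface (0.0.0.0). Combined with the disabled pre-authentication this
    // KDC belongs on isolated test hosts only; a loopback bind is the safer choice when the
    // tests do not need remote access.
    UdpTransport udp = new UdpTransport("0.0.0.0", KDC_PORT);
    kdcServer.addTransports(udp);

    kdcServer.setDirectoryService(directoryService);
    kdcServer.start();
}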
 
Example #4
Source File: ApacheDirectoryServer.java    From light-oauth2 with Apache License 2.0
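/**
 * Creates, configures and starts the embedded KDC used by the tests.
 *
 * <p>The KDC serves the {@code UNDERTOW.IO} realm over a single UDP transport on
 * {@code KDC_PORT} and looks principals up under {@code ou=users,dc=undertow,dc=io} in the
 * shared directory service.
 *
 * @throws Exception if the KDC cannot be configured or started
 */
private static void startKDC() throws Exception {
    // Single source for the realm so the TGS principal and the primary realm cannot drift apart.
    final String realm = "UNDERTOW.IO";

    kdcServer = new KdcServer();
    kdcServer.setServiceName("Test KDC");
    kdcServer.setSearchBaseDn("ou=users,dc=undertow,dc=io");

    KerberosConfig config = kdcServer.getConfig();
    // Ticket-granting service principal in the conventional krbtgt/REALM@REALM form.
    config.setServicePrincipal("krbtgt/" + realm + "@" + realm);
    config.setPrimaryRealm(realm);

    // Test-only relaxation: encrypted-timestamp pre-authentication is not required, so the KDC
    // answers AS requests from unauthenticated clients. Never reuse this setting for a KDC that
    // holds real credentials.
    config.setPaEncTimestampRequired(false);

    // Listens on every interface (0.0.0.0). Combined with the disabled pre-authentication this
    // KDC belongs on isolated test hosts only; a loopback bind is the safer choice when the
    // tests do not need remote access.
    UdpTransport udp = new UdpTransport("0.0.0.0", KDC_PORT);
    kdcServer.addTransports(udp);

    kdcServer.setDirectoryService(directoryService);
    kdcServer.start();
}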
 
Example #5
Source File: KerberosEmbeddedServer.java    From keycloak with Apache License 2.0
/**
 * Builds the KDC configuration for {@code kerberosRealm}, creates the KDC with a UDP transport
 * on {@code bindHost}/{@code kdcPort}, attaches the directory service and starts it.
 *
 * @return the started KDC, which is also stored in the {@code kdcServer} field
 * @throws Exception if the KDC cannot be configured or started
 */
protected KdcServer createAndStartKdcServer() throws Exception {
    // Ticket-granting service principal in the krbtgt/REALM@REALM form.
    final String tgsPrincipal = "krbtgt/" + this.kerberosRealm + "@" + this.kerberosRealm;

    KerberosConfig config = new KerberosConfig();
    config.setServicePrincipal(tgsPrincipal);
    config.setPrimaryRealm(this.kerberosRealm);
    // 1440 and 10080 minutes, i.e. 1 day and 7 days; the 60000 factor suggests the setters
    // take milliseconds -- confirm against KerberosConfig.
    config.setMaximumTicketLifetime(60000 * 1440);
    config.setMaximumRenewableLifetime(60000 * 10080);
    // Test-only relaxation: encrypted-timestamp pre-authentication is not required, so AS
    // requests are answered without proof of the client's key. Do not reuse this setting for a
    // KDC that holds real credentials.
    config.setPaEncTimestampRequired(false);
    // The enabled encryption types come from convertEncryptionTypes(), defined elsewhere.
    Set<EncryptionType> enabledTypes = convertEncryptionTypes();
    config.setEncryptionTypes(enabledTypes);

    // NOTE(review): NoReplayKdcServer is defined elsewhere; its name suggests replay detection
    // is switched off -- confirm, and keep that variant out of non-test deployments.
    kdcServer = new NoReplayKdcServer(config);
    kdcServer.setSearchBaseDn(this.baseDN);

    UdpTransport transport = new UdpTransport(this.bindHost, this.kdcPort);
    kdcServer.addTransports(transport);

    kdcServer.setDirectoryService(directoryService);

    // Start listening only after transport and directory service are in place.
    kdcServer.start();

    return kdcServer;
}
 
Example #6
Source File: KerberosEmbeddedServer.java    From keycloak with Apache License 2.0
/**
 * Starts the KDC and then swaps its replay cache for a {@code DummyReplayCache}.
 *
 * <p>The swap is done reflectively on the private {@code replayCache} field of
 * {@link KdcServer} after {@code super.start()} has initialised it. Any failure of the swap is
 * rethrown as a {@link RuntimeException}, so the server never runs with the original cache
 * unnoticed.
 *
 * <p>Security note: with the cache replaced, this KDC presumably no longer rejects replayed
 * requests (confirm against {@code DummyReplayCache}); that is a test-fixture convenience and
 * must not be carried into a KDC that issues tickets for real principals.
 *
 * @throws java.io.IOException if we cannot bind to the sockets
 * @throws LdapInvalidDnException propagated from {@code super.start()}
 */
@Override
public void start() throws IOException, LdapInvalidDnException {
    super.start();

    try {
        // Depends on a private field name of KdcServer; a library upgrade that renames the
        // field surfaces here as a NoSuchFieldException wrapped in the RuntimeException below.
        final Field cacheSlot = KdcServer.class.getDeclaredField("replayCache");
        cacheSlot.setAccessible(true);
        cacheSlot.set(this, new DummyReplayCache());
    } catch (Exception failure) {
        throw new RuntimeException(failure);
    }

}
 
Example #7
Source File: KDCServerAnnotationProcessor.java    From wildfly-core with GNU Lesser General Public License v2.1
/**
 * Starts the KDC and then tries to swap its replay cache for a {@code DummyReplayCache}.
 *
 * <p>The swap is done reflectively on the private {@code replayCache} field of
 * {@link KdcServer} after {@code super.start()} has initialised it. The swap is best-effort:
 * a failure is only logged at warn level and the server keeps the cache it was started with.
 *
 * <p>Security note: with the cache replaced, this KDC presumably no longer rejects replayed
 * requests (confirm against {@code DummyReplayCache}); that is a test-fixture convenience and
 * must not be carried into a KDC that issues tickets for real principals.
 *
 * @throws IOException if we cannot bind to the sockets
 * @throws LdapInvalidDnException propagated from {@code super.start()}
 */
public void start() throws IOException, LdapInvalidDnException {
    super.start();

    try {
        // Depends on a private field name of KdcServer; if a library upgrade renames the
        // field, the only symptom is the warning logged below.
        final Field cacheSlot = KdcServer.class.getDeclaredField("replayCache");
        cacheSlot.setAccessible(true);
        cacheSlot.set(this, new DummyReplayCache());
    } catch (Exception failure) {
        LOGGER.warn("Unable to override replay cache.", failure);
    }

}
 
Example #8
Source File: ApacheKDCServer.java    From carbon-identity with Apache License 2.0
/**
 * Creates the wrapper around a default-constructed {@link KdcServer}.
 *
 * <p>Nothing is configured or started here; realm, transports, directory service and
 * pre-authentication settings are whatever {@code KdcServer} defaults to until set elsewhere.
 */
public ApacheKDCServer() {
    kdcServer = new KdcServer();
}
 
Example #9
Source File: KDCServerAnnotationProcessor.java    From wildfly-core with GNU Lesser General Public License v2.1
/**
 * Looks up the {@code CreateKdcServer} annotation instance and delegates to
 * {@code createKdcServer} to build the KDC from it.
 *
 * @param directoryService directory service handed on to {@code createKdcServer}
 * @param startPort start port number used for searching free ports in case the transport has
 *        no port number preconfigured
 * @param address address handed on to {@code createKdcServer}; presumably the bind address of
 *        the transports -- confirm against {@code createKdcServer}
 * @return the {@link KdcServer} returned by {@code createKdcServer}
 * @throws Exception if the annotation lookup or the KDC creation fails
 */
public static KdcServer getKdcServer(DirectoryService directoryService, int startPort, String address) throws Exception {
    // NOTE(review): earlier documentation of this method named ExtCreateKdcServer, while the
    // lookup below uses CreateKdcServer -- confirm which annotation is intended.
    return createKdcServer(
            (CreateKdcServer) AnnotationUtils.getInstance(CreateKdcServer.class),
            directoryService,
            startPort,
            address);
}