Examples of HostAddresses

Examples of org.apache.directory.shared.kerberos.components.HostAddresses

290
291
292
293
294
295
296
297
298
299
300
            Authenticator authenticator = changepwContext.getAuthenticator();
            KerberosPrincipal clientPrincipal = KerberosUtils.getKerberosPrincipal(
                authenticator.getCName(), authenticator.getCRealm() );

            InetAddress clientAddress = changepwContext.getClientAddress();
            HostAddresses clientAddresses = ticket.getEncTicketPart().getClientAddresses();

            boolean caddrContainsSender = false;

            if ( ticket.getEncTicketPart().getClientAddresses() != null )
            {
View Full Code Here

Examples of org.apache.directory.shared.kerberos.components.HostAddresses

334
335
336
337
338
339
340
341
342
343
344
345
346
347
        boolean skey = readskey();
       
        int flags = readFlags();
        TicketFlags tFlags = new TicketFlags(flags);
        HostAddress addr[] = readAddr();
        HostAddresses addrs = null;
        if (addr != null)
        {
            addrs = new HostAddresses(addr);
        }
       
        AuthorizationDataEntry[] auDataEntries = readAuth();
        AuthorizationData auData = null;
        if (auDataEntries != null)
View Full Code Here

Examples of org.apache.directory.shared.kerberos.components.HostAddresses

209
210
211
212
213
214
215
216
217
218
219
220
221
        body.addEType( EncryptionType.AES256_CTS_HMAC_SHA1_96 );
        body.addEType( EncryptionType.DES3_CBC_MD5 );
        body.addEType( EncryptionType.AES128_CTS_HMAC_SHA1_96 );

        HostAddresses addresses = new HostAddresses();
        addresses.addHostAddress( new HostAddress( HostAddrType.ADDRTYPE_INET, "192.168.0.1".getBytes() ) );
        addresses.addHostAddress( new HostAddress( HostAddrType.ADDRTYPE_INET, "192.168.0.2".getBytes() ) );
        body.setAddresses( addresses );

        EncryptedData encAuthorizationData = new EncryptedData( EncryptionType.AES128_CTS_HMAC_SHA1_96,
            "abcdef".getBytes() );
        body.setEncAuthorizationData( encAuthorizationData );
View Full Code Here

Examples of org.apache.directory.shared.kerberos.components.HostAddresses

557
558
559
560
561
562
563
564
565
566
567
        KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
        kdcReqBody.setTill( requestedEndTime );

        HostAddress[] address =
            { new HostAddress( InetAddress.getByName( null ) ) };
        HostAddresses addresses = new HostAddresses( address );
        kdcReqBody.setAddresses( addresses );

        KdcReq message = getKdcRequest( tgt, kdcReqBody );

        handler.messageReceived( session, message );
View Full Code Here

Examples of org.apache.directory.shared.kerberos.components.HostAddresses

617
618
619
620
621
622
623
624
625
626
627
        KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
        kdcReqBody.setTill( requestedEndTime );

        HostAddress[] address =
            { new HostAddress( InetAddress.getByName( null ) ) };
        HostAddresses addresses = new HostAddresses( address );
        kdcReqBody.setAddresses( addresses );

        KdcReq message = getKdcRequest( tgt, kdcReqBody );

        handler.messageReceived( session, message );
View Full Code Here

Examples of org.apache.directory.shared.kerberos.components.HostAddresses

216
217
218
219
220
221
222
223
224
225
226
        // Make changes to test.
        encTicketPart.setFlag( TicketFlag.FORWARDABLE );

        HostAddress[] address =
            { new HostAddress( InetAddress.getByAddress( new byte[4] ) ) };
        HostAddresses addresses = new HostAddresses( address );
        encTicketPart.setClientAddresses( addresses );

        // Seal the ticket for the server.
        KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
        String passPhrase = "randomKey";
View Full Code Here

Examples of org.apache.directory.shared.kerberos.components.HostAddresses

344
345
346
347
348
349
350
351
352
353
354
        KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
        kdcReqBody.setTill( requestedEndTime );

        HostAddress[] address =
            { new HostAddress( InetAddress.getByName( "127.0.0.1" ) ) };
        HostAddresses addresses = new HostAddresses( address );
        kdcReqBody.setAddresses( addresses );

        KdcReq message = getKdcRequest( tgt, kdcReqBody );

        handler.messageReceived( session, message );
View Full Code Here

Examples of org.apache.directory.shared.kerberos.components.HostAddresses

379
380
381
382
383
384
385
386
387
388
389
        // Make changes to test.
        encTicketPart.setFlag( TicketFlag.PROXIABLE );

        HostAddress[] address =
            { new HostAddress( InetAddress.getByAddress( new byte[4] ) ) };
        HostAddresses addresses = new HostAddresses( address );
        encTicketPart.setClientAddresses( addresses );

        // Seal the ticket for the server.
        KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
        String passPhrase = "randomKey";
View Full Code Here

Examples of org.apache.directory.shared.kerberos.components.HostAddresses

247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
        body.setKdcOptions( clientTgtReq.getOptions() );
       
        List<HostAddress> lstAddresses = clientTgtReq.getHostAddresses();
        if ( !lstAddresses.isEmpty() )
        {
            HostAddresses addresses = new HostAddresses();
            for( HostAddress h : lstAddresses )
            {
                addresses.addHostAddress( h );
            }
           
            body.setAddresses( addresses );
        }
       
        EncryptionType encryptionType = clientTgtReq.getETypes().iterator().next();
        EncryptionKey clientKey = KerberosKeyFactory.string2Key( clientTgtReq.getClientPrincipal(), clientTgtReq.getPassword(), encryptionType );

        AsReq req = new AsReq();
        req.setKdcReqBody( body );

        if ( clientTgtReq.isPreAuthEnabled() )
        {
            PaEncTsEnc tmstmp = new PaEncTsEnc();
            tmstmp.setPaTimestamp( new KerberosTime() );
           
            EncryptedData paDataValue = cipherTextHandler.encrypt( clientKey, getEncoded( tmstmp ), KeyUsage.AS_REQ_PA_ENC_TIMESTAMP_WITH_CKEY );
           
            PaData paEncTstmp = new PaData();
            paEncTstmp.setPaDataType( PaDataType.PA_ENC_TIMESTAMP );
            paEncTstmp.setPaDataValue( getEncoded( paDataValue ) );
           
            req.addPaData( paEncTstmp );
        }
       
        // Get the result from the future
        try
        {
            connect();
           
            // Read the response, waiting for it if not available immediately
            // Get the response, blocking
            KerberosMessage kdcRep = sendAndReceiveKrbMsg( req );

            if ( kdcRep == null )
            {
                // We didn't received anything : this is an error
                LOG.error( "Authentication failed : timeout occured" );
                throw new KerberosException( ErrorType.KRB_ERR_GENERIC, TIME_OUT_ERROR );
            }

            if ( kdcRep instanceof KrbError )
            {
                // We have an error
                LOG.debug( "Authentication failed : {}", kdcRep );
                throw new KerberosException( ( KrbError ) kdcRep );
            }

            AsRep rep = ( AsRep ) kdcRep;
           
            if ( !cName.getNameString().equals( rep.getCName().getNameString() ) )
            {
                throw new KerberosException( ErrorType.KDC_ERR_CLIENT_NAME_MISMATCH );
            }
           
            if ( !realm.equals( rep.getCRealm() ) )
            {
                throw new KerberosException( ErrorType.KRB_ERR_WRONG_REALM );
            }
           
            if ( encryptionType != rep.getEncPart().getEType() )
            {
                encryptionType = rep.getEncPart().getEType();
                clientKey = KerberosKeyFactory.string2Key( clientTgtReq.getClientPrincipal(), clientTgtReq.getPassword(), encryptionType );
            }
           
            byte[] decryptedEncAsRepPart = cipherTextHandler.decrypt( clientKey, rep.getEncPart(), KeyUsage.AS_REP_ENC_PART_WITH_CKEY );
           
            EncKdcRepPart encKdcRepPart = null;
            try
            {
                EncAsRepPart encAsRepPart = KerberosDecoder.decodeEncAsRepPart( decryptedEncAsRepPart );
                encKdcRepPart = encAsRepPart.getEncKdcRepPart();
            }
            catch( KerberosException e )
            {
                LOG.info("Trying an encTgsRepPart instead");
                EncTgsRepPart encTgsRepPart = KerberosDecoder.decodeEncTgsRepPart( decryptedEncAsRepPart );
                encKdcRepPart = encTgsRepPart.getEncKdcRepPart();
            }
           
            if ( currentNonce != encKdcRepPart.getNonce() )
            {
                throw new KerberosException( ErrorType.KRB_ERR_GENERIC, "received nonce didn't match with the nonce sent in the request" );
            }
                      
            if ( !encKdcRepPart.getSName().getNameString().equals( clientTgtReq.getSName() ) )
            {
                throw new KerberosException( ErrorType.KDC_ERR_SERVER_NOMATCH );
            }
           
            if ( !encKdcRepPart.getSRealm().equals( clientTgtReq.getRealm() ) )
            {
                throw new KerberosException( ErrorType.KRB_ERR_GENERIC, "received server realm does not match with requested server realm" );
            }
           
            List<HostAddress> hosts = clientTgtReq.getHostAddresses();
           
            if( !hosts.isEmpty() )
            {
                HostAddresses addresses = encKdcRepPart.getClientAddresses();
                for( HostAddress h : hosts )
                {
                    if ( !addresses.contains( h ) )
                    {
                        throw new KerberosException( ErrorType.KRB_ERR_GENERIC, "requested client address" + h + " is not found in the ticket" );
                    }
                }
            }
View Full Code Here

Examples of org.apache.directory.shared.kerberos.components.HostAddresses

506
507
508
509
510
511
512
513
514
515
516
            {
                checksumType = cksum.getChecksumType();
            }

            InetAddress clientAddress = tgsContext.getClientAddress();
            HostAddresses clientAddresses = tgt.getEncTicketPart().getClientAddresses();

            boolean caddrContainsSender = false;
            if ( tgt.getEncTicketPart().getClientAddresses() != null )
            {
                caddrContainsSender = tgt.getEncTicketPart().getClientAddresses()
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.