String newPrincipalName = "hnelson@EXAMPLE.COM";
String newUserPassword = "secretsecret";
// Modify password.
Attributes attributes = new BasicAttributes( true );
Attribute attr = new BasicAttribute( "userPassword", newUserPassword );
attributes.put( attr );
attr = new BasicAttribute( KerberosAttribute.KRB5_PRINCIPAL_NAME_AT, newPrincipalName );
attributes.put( attr );
DirContext person = ( DirContext ) ctx.lookup( RDN );
person.modifyAttributes( "", DirContext.REPLACE_ATTRIBUTE, attributes );
// Read again from directory.
person = ( DirContext ) ctx.lookup( RDN );
attributes = person.getAttributes( "" );
byte[] userPassword = null;
if ( attributes.get( "userPassword" ) != null )
{
userPassword = ( byte[] ) attributes.get( "userPassword" ).get();
}
checkKeyNumber( attributes );
byte[] testBytes =
{ 0x73, 0x65, 0x63, 0x72, 0x65, 0x74, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74 };
assertTrue( Arrays.equals( userPassword, testBytes ) );
Attribute krb5key = attributes.get( "krb5key" );
Map<EncryptionType, EncryptionKey> map = reconstituteKeyMap( krb5key );
EncryptionKey encryptionKey = map.get( EncryptionType.DES_CBC_MD5 );
byte[] testKeyBytes =
{ ( byte ) 0x16, ( byte ) 0x4A, ( byte ) 0x6D, ( byte ) 0x89, ( byte ) 0x5D, ( byte ) 0x76, ( byte ) 0x0E,
( byte ) 0x23 };
assertTrue( Arrays.equals( encryptionKey.getKeyValue(), testKeyBytes ) );
assertEquals( EncryptionType.DES_CBC_MD5, encryptionKey.getKeyType() );
int keyVersionNumber = -1;
if ( attributes.get( KerberosAttribute.KRB5_KEY_VERSION_NUMBER_AT ) != null )
{
keyVersionNumber = Integer.valueOf( ( String ) attributes
.get( KerberosAttribute.KRB5_KEY_VERSION_NUMBER_AT ).get() );
}
assertEquals( "Key version number", 1, keyVersionNumber );
newUserPassword = "secretsecretsecret";
// Modify password.
attributes = new BasicAttributes( true );
attr = new BasicAttribute( "userPassword", newUserPassword );
attributes.put( attr );
attr = new BasicAttribute( KerberosAttribute.KRB5_PRINCIPAL_NAME_AT, newPrincipalName );
attributes.put( attr );
person = ( DirContext ) ctx.lookup( RDN );
person.modifyAttributes( "", DirContext.REPLACE_ATTRIBUTE, attributes );
// Read again from directory.
person = ( DirContext ) ctx.lookup( RDN );
attributes = person.getAttributes( "" );
if ( attributes.get( "userPassword" ) != null )
{
userPassword = ( byte[] ) attributes.get( "userPassword" ).get();
}
assertEquals( "password length", 18, userPassword.length );
if ( attributes.get( KerberosAttribute.KRB5_KEY_VERSION_NUMBER_AT ) != null )
{
keyVersionNumber = Integer.valueOf( ( String ) attributes
.get( KerberosAttribute.KRB5_KEY_VERSION_NUMBER_AT ).get() );
}
assertEquals( "Key version number", 2, keyVersionNumber );
newUserPassword = "secretsecretsecretsecret";
// Modify password.
attributes = new BasicAttributes( true );
attr = new BasicAttribute( "userPassword", newUserPassword );
attributes.put( attr );
attr = new BasicAttribute( KerberosAttribute.KRB5_PRINCIPAL_NAME_AT, newPrincipalName );
attributes.put( attr );
person = ( DirContext ) ctx.lookup( RDN );
person.modifyAttributes( "", DirContext.REPLACE_ATTRIBUTE, attributes );