Examples of org.apache.directory.shared.kerberos.components.KdcReqBody

Package org.apache.directory.shared.kerberos.components

Examples of org.apache.directory.shared.kerberos.components.KdcReqBody

org.apache.directory.shared.kerberos.components.KdcReqBody

The KDC-REQ-BODY data structure. It will store the object described by the ASN.1 grammar :

 KDC-REQ-BODY    ::= SEQUENCE { kdc-options             [0] KDCOptions, cname                   [1] PrincipalName OPTIONAL -- Used only in AS-REQ --, realm                   [2] Realm -- Server's realm -- Also client's in AS-REQ --, sname                   [3] PrincipalName OPTIONAL, from                    [4] KerberosTime OPTIONAL, till                    [5] KerberosTime, rtime                   [6] KerberosTime OPTIONAL, nonce                   [7] UInt32, etype                   [8] SEQUENCE OF Int32 -- EncryptionType -- in preference order --, addresses               [9] HostAddresses OPTIONAL, enc-authorization-data  [10] EncryptedData OPTIONAL -- AuthorizationData --, additional-tickets      [11] SEQUENCE OF Ticket OPTIONAL -- NOTE: not empty }

@author Apache Directory Project

        KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
        String serverPassword = "randomKey";


        Ticket tgt = getTgt( clientPrincipal, serverPrincipal, serverPassword );


        KdcReqBody kdcReqBody = new KdcReqBody();
        kdcReqBody.setSName( getPrincipalName( "hnelson" ) );
        kdcReqBody.setRealm( "EXAMPLE.COM" );
        kdcReqBody.setEType( config.getEncryptionTypes() );
        kdcReqBody.setNonce( random.nextInt() );


        KdcOptions kdcOptions = new KdcOptions();
        kdcOptions.set( KdcOptions.RENEW );
        kdcReqBody.setKdcOptions( kdcOptions );


        long currentTime = System.currentTimeMillis();


        KerberosTime requestedEndTime = new KerberosTime( currentTime + KerberosTime.DAY );
        kdcReqBody.setTill( requestedEndTime );


        KdcReq message = getKdcRequest( tgt, kdcReqBody );


        handler.messageReceived( session, message );

View Full Code Here

        KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
        String passPhrase = "randomKey";
        EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
        Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );


        KdcReqBody kdcReqBody = new KdcReqBody();
        kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
        kdcReqBody.setRealm( "EXAMPLE.COM" );
        kdcReqBody.setEType( config.getEncryptionTypes() );
        kdcReqBody.setNonce( random.nextInt() );


        KdcOptions kdcOptions = new KdcOptions();
        kdcOptions.set( KdcOptions.RENEWABLE_OK );
        kdcReqBody.setKdcOptions( kdcOptions );


        long now = System.currentTimeMillis();


        KerberosTime requestedEndTime = new KerberosTime( now + KerberosTime.WEEK );
        kdcReqBody.setTill( requestedEndTime );


        KdcReq message = getKdcRequest( tgt, kdcReqBody );


        handler.messageReceived( session, message );

View Full Code Here

        KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
        String passPhrase = "randomKey";
        EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
        Ticket tgt = getTicket( encTicketPart, serverPrincipal, serverKey );


        KdcReqBody kdcReqBody = new KdcReqBody();
        kdcReqBody.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
        kdcReqBody.setRealm( "EXAMPLE.COM" );
        kdcReqBody.setEType( config.getEncryptionTypes() );
        kdcReqBody.setNonce( random.nextInt() );


        KdcOptions kdcOptions = new KdcOptions();
        kdcOptions.set( KdcOptions.RENEWABLE );
        kdcReqBody.setKdcOptions( kdcOptions );


        long now = System.currentTimeMillis();


        KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
        kdcReqBody.setTill( requestedEndTime );


        KerberosTime requestedRenewTillTime = new KerberosTime( now + KerberosTime.WEEK / 2 );
        kdcReqBody.setRtime( requestedRenewTillTime );


        KdcReq message = getKdcRequest( tgt, kdcReqBody );


        handler.messageReceived( session, message );

View Full Code Here


    private static void getClientEntry( AuthenticationContext authContext ) throws KerberosException,
        InvalidTicketException
    {
        LOG_KRB.debug( "--> Getting the client Entry" );
        KdcReqBody kdcReqBody = authContext.getRequest().getKdcReqBody();
        KerberosPrincipal principal = KerberosUtils.getKerberosPrincipal(
            kdcReqBody.getCName(),
            kdcReqBody.getRealm() );
        PrincipalStore store = authContext.getStore();


        try
        {
            PrincipalStoreEntry storeEntry = KerberosUtils.getEntry( principal, store,

View Full Code Here

    {
        KerberosConfig config = tgsContext.getConfig();


        if ( config.isBodyChecksumVerified() )
        {
            KdcReqBody body = tgsContext.getRequest().getKdcReqBody();
            // FIXME how this byte[] is computed??
            // is it full ASN.1 encoded bytes OR just the bytes of all the values alone?
            // for now am using the ASN.1 encoded value
            ByteBuffer buf = ByteBuffer.allocate( body.computeLength() );
            try
            {
                body.encode( buf );
            }
            catch ( EncoderException e )
            {
                throw new KerberosException( ErrorType.KRB_AP_ERR_INAPP_CKSUM );
            }

View Full Code Here

    {
        // Deny RENEWABLE tickets in policy.
        config.setPaEncTimestampRequired( false );
        config.setRenewableAllowed( false );


        KdcReqBody kdcReqBody = new KdcReqBody();
        kdcReqBody.setCName( getPrincipalName( "hnelson" ) );
        kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
        kdcReqBody.setRealm( "EXAMPLE.COM" );
        kdcReqBody.setEType( config.getEncryptionTypes() );


        KdcOptions kdcOptions = new KdcOptions();
        kdcOptions.set( KdcOptions.RENEWABLE );
        kdcReqBody.setKdcOptions( kdcOptions );


        long now = System.currentTimeMillis();
        KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
        kdcReqBody.setTill( requestedEndTime );


        KerberosTime requestedRenewTillTime = new KerberosTime( now + KerberosTime.WEEK / 2 );
        kdcReqBody.setRtime( requestedRenewTillTime );


        KdcReq message = new AsReq();
        message.setKdcReqBody( kdcReqBody );


        handler.messageReceived( session, message );

View Full Code Here

    {
        // Deny empty addresses in policy.
        config.setPaEncTimestampRequired( false );
        config.setEmptyAddressesAllowed( false );


        KdcReqBody kdcReqBody = new KdcReqBody();
        kdcReqBody.setCName( getPrincipalName( "hnelson" ) );
        kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
        kdcReqBody.setRealm( "EXAMPLE.COM" );
        kdcReqBody.setEType( config.getEncryptionTypes() );


        KdcOptions kdcOptions = new KdcOptions();
        kdcReqBody.setKdcOptions( kdcOptions );


        long now = System.currentTimeMillis();
        KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
        kdcReqBody.setTill( requestedEndTime );


        KerberosTime requestedRenewTillTime = new KerberosTime( now + KerberosTime.WEEK / 2 );
        kdcReqBody.setRtime( requestedRenewTillTime );


        KdcReq message = new AsReq();
        message.setKdcReqBody( kdcReqBody );


        handler.messageReceived( session, message );

View Full Code Here

        KerberosPrincipal serverPrincipal = new KerberosPrincipal( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" );
        String passPhrase = "randomKey";
        EncryptionKey serverKey = getEncryptionKey( serverPrincipal, passPhrase );
        Ticket tgt = getTicket( encTicketPartModifier, serverPrincipal, serverKey );


        KdcReqBody modifier = new KdcReqBody();
        modifier.setSName( getPrincipalName( "ldap/ldap.example.com@EXAMPLE.COM" ) );
        modifier.setRealm( "EXAMPLE.COM" );
        modifier.setEType( config.getEncryptionTypes() );
        modifier.setNonce( random.nextInt() );


        KdcOptions kdcOptions = new KdcOptions();
        kdcOptions.set( KdcOptions.ENC_TKT_IN_SKEY );
        modifier.setKdcOptions( kdcOptions );


        long now = System.currentTimeMillis();


        KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
        modifier.setTill( requestedEndTime );


        KerberosTime requestedRenewTillTime = new KerberosTime( now + KerberosTime.WEEK / 2 );
        modifier.setRtime( requestedRenewTillTime );


        KdcReq message = getKdcRequest( tgt, modifier );


        handler.messageReceived( session, message );

View Full Code Here

    {
        // Deny FORWARDABLE tickets in policy.
        config.setPaEncTimestampRequired( false );
        config.setForwardableAllowed( false );


        KdcReqBody kdcReqBody = new KdcReqBody();
        kdcReqBody.setCName( getPrincipalName( "hnelson" ) );
        kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
        kdcReqBody.setRealm( "EXAMPLE.COM" );
        kdcReqBody.setEType( config.getEncryptionTypes() );


        KdcOptions kdcOptions = new KdcOptions();
        kdcOptions.set( KdcOptions.FORWARDABLE );
        kdcReqBody.setKdcOptions( kdcOptions );


        long now = System.currentTimeMillis();
        KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
        kdcReqBody.setTill( requestedEndTime );


        KdcReq message = new AsReq();
        message.setKdcReqBody( kdcReqBody );


        handler.messageReceived( session, message );

View Full Code Here

    {
        // Deny PROXIABLE tickets in policy.
        config.setPaEncTimestampRequired( false );
        config.setProxiableAllowed( false );


        KdcReqBody kdcReqBody = new KdcReqBody();
        kdcReqBody.setCName( getPrincipalName( "hnelson" ) );
        kdcReqBody.setSName( getPrincipalName( "krbtgt/EXAMPLE.COM@EXAMPLE.COM" ) );
        kdcReqBody.setRealm( "EXAMPLE.COM" );
        kdcReqBody.setEType( config.getEncryptionTypes() );


        KdcOptions kdcOptions = new KdcOptions();
        kdcOptions.set( KdcOptions.PROXIABLE );
        kdcReqBody.setKdcOptions( kdcOptions );


        long now = System.currentTimeMillis();
        KerberosTime requestedEndTime = new KerberosTime( now + 1 * KerberosTime.DAY );
        kdcReqBody.setTill( requestedEndTime );


        KdcReq message = new AsReq();
        message.setKdcReqBody( kdcReqBody );


        handler.messageReceived( session, message );

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.apache.directory.shared.kerberos.components.KdcReqBody

org.apache.directory.kerberos.client.KdcConnection

org.apache.directory.kerberos.client.KerberosConnection

org.apache.directory.server.kerberos.kdc.authentication.AuthenticationService

org.apache.directory.server.kerberos.kdc.ticketgrant.TicketGrantingService

org.apache.directory.server.kerberos.protocol.AuthenticationEncryptionTypeTest

org.apache.directory.server.kerberos.protocol.AuthenticationPolicyTest

org.apache.directory.server.kerberos.protocol.AuthenticationServiceTest

org.apache.directory.server.kerberos.protocol.EncTktInSkeyTest

org.apache.directory.server.kerberos.protocol.PreAuthenticationTest

org.apache.directory.server.kerberos.protocol.TicketGrantingEncryptionTypeTest

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.