Hi Eirik, Eirik Bjørsnøs wrote: > Hi guys, > > I'm currently looking into creating a JUnit integration test of some > Kerberos/SPNego code in SVNSearch[1]. > > I had great success in the past using ApacheDS for the same purpose > when testing LDAP integration. The Kerberos support is giving me some > trouble though. The documentation[2] seems to be somewhat lacking and > out of sync with 1.5.4. > > Anyway, what I've done so far is: > > o Created a unit test that starts ApacheDS with a KdcServer and a > KeyDerivationInterceptor, pretty much copying SaslGssapiBindITest.java > in 1.5.4 > o Added kdcConfig.setIpPort(8888); kdcConfig.start(); (Seems like I > need this to make the KDC server start) > o Configured my Mac to use localhost:8888 as the KDC for EXAMPLE.COM > o Run kinit [email protected] form the Terminal > o Got the error message: "Kerberos Login Failed: Client not found in > Kerberos database" > o Enabling debug logging in the Kerberos code I noticed that "Client > not found in Kerberos database" was actually caused by a > NotImplementedException thrown at > DirectoryPrincipalStore.getPrincipal(DirectoryPrincipalStore.java:95) > > Is the Kerberos server actually not implemented in 1.5.4? Or is there > something wrong in the SaslGssapiBindITest setup code? > > What are my alternatives? Use an earlier version of ApacheDS or wait > for the next release?
The bad news: the current Kerberos implementation is in a bad shape. The good news: Christine fixed some unit tests in the current trunk. So I would suggest to checkout the trunk from [1]. Kind Regards, Stefan [1] https://svn.apache.org/repos/asf/directory/apacheds/trunk-with-dependencies/
