you can call kdcServer.setEncryptionTypes() (with an array or set of EncryptionTypeS) note that, this method should be called from a non-static method (typically from the setup method or the one having @Before annotation) calling it from static method might likely result in a null pointer exception.
Let me know if you have any issues HTH On Sun, Jan 15, 2012 at 3:04 AM, Aleksander Adamowski <[email protected]> wrote: > Hi! > > While working on my experimental KrbLDAP implementation (see the > thread on MIT krbdev list: > http://mailman.mit.edu/pipermail/krbdev/2012-January/010641.html), > I've discovered that KdcServer by default supports a very limited set > of encryption types consisting only of des-cbc-md5. > > MIT's libkrb5, on the other hand, by default requires one of 4 > enctypes, which doesn't include the ApacheDS's default: > aes256-cts-hmac-sha1-96 (18), > aes128-cts-hmac-sha1-96 (17), > des3-cbc-sha1-kd (16), > rc4-hmac (23) > > Is this choice made on purpose? > > In my experimental integration test, I'm creating the KdcServer using > the @CreateKdcServer annotation: > https://github.com/aadamowski/apacheds-krbldap-test/blob/master/src/test/java/pl/org/olo/krbldap/apacheds/test/KrbLdapIntegrationTest.java > > What's the best way to configure it to handle enctypes compatible with > MIT libkrb5? > > > -- > Best Regards, > Aleksander Adamowski > http://olo.org.pl -- Kiran Ayyagari
