Hi,
I'm trying to set up an IT for one of my classes that inherits from using
the AbstractKerberosITest inside of apacheds-kerberos-test.
Here are the annotations on my class:
@RunWith(FrameworkRunner.class)
@CreateDS(name = "KerberosTcpIT-class",
partitions = {
@CreatePartition(name = "example", suffix = "dc=example,dc=com")},
additionalInterceptors = { KeyDerivationInterceptor.class })
@CreateLdapServer(transports = { @CreateTransport(protocol = "LDAP") })
@CreateKdcServer(transports = { @CreateTransport( protocol = "TCP", port
= 6089) })
@ApplyLdifFiles("org/apache/directory/server/kerberos/kdc/KerberosIT.ldif")
AbstractKerberosITest generates a krb5.conf that looks like this:
[libdefaults]
default_realm = EXAMPLE.COM
default_tkt_enctypes = des3-cbc-sha1
default_tgs_enctypes = des3-cbc-sha1
permitted_enctypes = des3-cbc-sha1
default-checksum_type = hmac-sha1-des3
udp_preference_limit = 1
[realms]
EXAMPLE.COM = {
kdc = localhost:6089
}
[domain_realm]
.example.com = EXAMPLE.COM
example.com = EXAMPLE.COM
To kinit, I'm using this command (hnelson is automatically added by
AbstractKerberosITest):
env KRB5_CONFIG=/path/to/krb5.conf kinit -k -t /path/to/hnelson.keytab
[email protected]
And I get this error:
kinit: krb5_get_init_creds: unable to reach any KDC in realm EXAMPLE.COM
The kdc seems to running just fine:
➜ ~ lsof -i :6089
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
java 98545 clumjo 201u IPv6 0x3b381b5f4ac2a677 0t0 TCP
localhost:6089 (LISTEN)
➜ ~ telnet localhost 6089
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Do you have any thoughts as to what might be wrong?
Thanks,
Josh
