[ https://issues.apache.org/jira/browse/QPIDJMS-303?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16096232#comment-16096232 ]
ASF GitHub Bot commented on QPIDJMS-303: ---------------------------------------- Github user gemmellr commented on a diff in the pull request: https://github.com/apache/qpid-jms/pull/10#discussion_r128754720 --- Diff: qpid-jms-client/src/test/java/org/apache/qpid/jms/integration/SaslGssApiIntegrationTest.java --- @@ -0,0 +1,185 @@ +/* + * + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ +package org.apache.qpid.jms.integration; + +import org.apache.directory.server.kerberos.shared.keytab.Keytab; +import org.apache.directory.server.kerberos.shared.keytab.KeytabEntry; +import org.apache.hadoop.minikdc.MiniKdc; +import org.apache.qpid.jms.JmsConnectionFactory; +import org.apache.qpid.jms.test.QpidJmsTestCase; +import org.apache.qpid.jms.test.testpeer.TestAmqpPeer; +import org.apache.qpid.proton.amqp.Symbol; +import org.junit.After; +import org.junit.Before; +import org.junit.Test; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import javax.jms.Connection; +import javax.jms.ConnectionFactory; +import javax.jms.JMSSecurityException; +import java.io.File; +import java.nio.file.Files; +import java.nio.file.Path; + +import static junit.framework.TestCase.assertTrue; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.fail; + +public class SaslGssApiIntegrationTest extends QpidJmsTestCase { + + private static final Logger LOG = LoggerFactory.getLogger(SaslGssApiIntegrationTest.class); + + private static final Symbol GSSAPI = Symbol.valueOf("GSSAPI"); + private static final String serviceName = "amqp/localhost"; + + private MiniKdc kdc; + + @Before + public void setUpKerberso() throws Exception { + Path tempDirectory = Files.createTempDirectory("junit.test."); + File root = tempDirectory.toFile(); + root.deleteOnExit(); + kdc = new MiniKdc(MiniKdc.createConf(), new File(root, "kdc")); + kdc.start(); + + // hard coded match, default_keytab_name in minikdc-krb5.conf template + File userKeyTab = new File("target/test.krb5.keytab"); + kdc.createPrincipal(userKeyTab, "client", serviceName); + + Keytab kt = Keytab.read(userKeyTab); + for (KeytabEntry entry : kt.getEntries()) { + LOG.info("KeyTab Kerb PrincipalNames:" + entry.getPrincipalName()); + } + + java.util.logging.Logger logger = java.util.logging.Logger.getLogger("javax.security.sasl"); --- End diff -- Is this just for debug? Might be good to make it optional, rather than leave it changing the config for all subsequent tests. > Add support for SASL GSSAPI Kerberos mechanism > ---------------------------------------------- > > Key: QPIDJMS-303 > URL: https://issues.apache.org/jira/browse/QPIDJMS-303 > Project: Qpid JMS > Issue Type: Bug > Components: qpid-jms-client > Reporter: Gary Tully > > It would be great to be able to authenticate using kerberos credentials using > the SASL GSSAPI mechanism. > Authentication would be sufficient leaving TLS to do encryption of the > channel if that is necessary. -- This message was sent by Atlassian JIRA (v6.4.14#64029) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org