Author: erodriguez
Date: Sun Oct 31 18:10:40 2004
New Revision: 56182
Added:
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/store/BootstrapStore.java
Modified:
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/KdcDispatcher.java
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/server/udp/Main.java
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/store/LdapStore.java
Log:
Key store implementation for bootstrapping the initial KDC Subject for
subsequent SASL-GSSAPI connections, such as to LDAP servers.
Modified:
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/KdcDispatcher.java
==============================================================================
---
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/KdcDispatcher.java
(original)
+++
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/KdcDispatcher.java
Sun Oct 31 18:10:40 2004
@@ -37,7 +37,7 @@
private KdcRequestDecoder _decoder = new KdcRequestDecoder();
private KdcReplyEncoder _encoder = new KdcReplyEncoder();
- private PrincipalStore _bootstrap = new KdcBootstrapStore();
+ private PrincipalStore _bootstrap;
private CryptoService _cryptoService;
private KdcConfiguration _config;
private PrincipalStore _store;
@@ -45,9 +45,10 @@
private AuthenticationService _authService;
private TicketGrantingService _tgsService;
- public KdcDispatcher(KdcConfiguration config, PrincipalStore store) {
- _config = config;
- _store = store;
+ public KdcDispatcher(KdcConfiguration config, BootstrapStore bootstrap,
PrincipalStore store) {
+ _config = config;
+ _bootstrap = bootstrap;
+ _store = store;
_cryptoService = new CryptoService(_config);
_authService = new AuthenticationService(_store, _bootstrap,
_cryptoService, _config);
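Review bot: The new constructor parameter is declared as the concrete `BootstrapStore`, although it is only assigned to the `PrincipalStore` field `_bootstrap` and passed on to `AuthenticationService`; declaring it as `PrincipalStore bootstrap` would keep the dispatcher independent of how the bootstrap keys are loaded. Nothing here rejects a null store either, so a miswired caller would presumably only fail later inside the authentication path. A guard such as `if (bootstrap == null) throw new IllegalArgumentException("bootstrap store is required");` at the top of the constructor makes that failure immediate. The constructor body continues outside the hunk.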
Modified:
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/server/udp/Main.java
==============================================================================
---
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/server/udp/Main.java
(original)
+++
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/server/udp/Main.java
Sun Oct 31 18:10:40 2004
@@ -24,9 +24,10 @@
public class Main {
- private static final KdcConfiguration config = new KdcConfiguration();
- private static final PrincipalStore ldap = new LdapStore(config);
- private static final KdcDispatcher kdc = new
KdcDispatcher(config, ldap);
+ private static final KdcConfiguration config = new KdcConfiguration();
+ private static final BootstrapStore bootstrap = new
BootstrapStore(config);
+ private static final PrincipalStore ldap = new LdapStore(config,
bootstrap);
+ private static final KdcDispatcher kdc = new
KdcDispatcher(config, bootstrap, ldap);
public static void main(String[] args) {
Main m = new Main();
@@ -35,8 +36,7 @@
private void go() {
- initConfig();
- initStore();
+ init();
DatagramSocket socket = null;
try {
@@ -59,13 +59,10 @@
}
}
- private void initConfig() {
- // TODO - implement
- }
-
- private void initStore() {
+ private void init() {
Thread storeInit = new Thread() {
public void run() {
+ bootstrap.init();
ldap.init();
}
};
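Review bot: `bootstrap.init()` and `ldap.init()` now run on the `storeInit` thread, and nothing visible in this hunk makes `go()` wait for that thread before it starts receiving requests. If a request is dispatched first, `BootstrapStore.getEntry` dereferences an `_entries` map that is still null. Because `BootstrapStore.init()` catches and prints every exception, a missing or unreadable key file also lets `ldap.init()` run against a store that never loaded. If the thread is not already joined in the part of `init()` outside this hunk, add `storeInit.join();` before the socket loop, or call both `init()` methods synchronously.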
Added:
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/store/BootstrapStore.java
==============================================================================
--- (empty file)
+++
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/store/BootstrapStore.java
Sun Oct 31 18:10:40 2004
@@ -0,0 +1,61 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.kerberos.kdc.store;
+
+import org.apache.kerberos.kdc.*;
+
+import java.io.*;
+import java.util.*;
+
+import javax.security.auth.kerberos.*;
+
+public class BootstrapStore implements PrincipalStore {
+
+ private KdcConfiguration _config;
+ private Map _entries;
+
+ public BootstrapStore(KdcConfiguration config) {
+ _config = config;
+ }
+
+ public void init() {
+ try {
+ FileInputStream in = new
FileInputStream(_config.getKerberosKeysLocation());
+ ObjectInputStream s = new ObjectInputStream(in);
+ _entries = (HashMap)s.readObject();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+
+ public PrincipalStoreEntry getEntry(KerberosPrincipal principal) {
+ KerberosKey key =
(KerberosKey)_entries.get(principal.getName());
+ if (key == null) {
+ return null;
+ }
+ return getEntry(key);
+ }
+
+ private PrincipalStoreEntry getEntry(KerberosKey key) {
+ PrincipalStoreEntryModifier modifier = new
PrincipalStoreEntryModifier();
+ modifier.setPrincipal(key.getPrincipal());
+ modifier.setKey(key.getEncoded());
+ modifier.setEncryptionType(key.getKeyType());
+ return modifier.getEntry();
+ }
+}
+
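Review bot: `init()` loads the KDC's long-term keys with `ObjectInputStream.readObject()` and swallows every failure with `e.printStackTrace()`, so a missing, truncated or tampered key file leaves `_entries` null and the first `getEntry` call fails with a NullPointerException instead of stopping startup. Native deserialization instantiates whatever classes the stream names before the `(HashMap)` cast is checked, so the key file must be writable only by the KDC account, and the loaded object and its entries should be type-checked (`String` name to `KerberosKey`) before use. Neither stream is ever closed. The rewrite below fails closed, validates the map contents and closes the file; a non-serialized key format would avoid the deserialization risk altogether.

```java
    public void init() {
        FileInputStream in = null;
        try {
            in = new FileInputStream(_config.getKerberosKeysLocation());
            Object loaded = new ObjectInputStream(in).readObject();
            if (!(loaded instanceof Map)) {
                throw new IllegalStateException("Bootstrap key file does not contain a Map");
            }
            // Reject anything that is not a principal-name -> KerberosKey pair.
            for (Iterator it = ((Map) loaded).entrySet().iterator(); it.hasNext();) {
                Map.Entry e = (Map.Entry) it.next();
                if (!(e.getKey() instanceof String) || !(e.getValue() instanceof KerberosKey)) {
                    throw new IllegalStateException("Unexpected entry type in bootstrap key file");
                }
            }
            _entries = (Map) loaded;
        } catch (IOException e) {
            throw new RuntimeException("Cannot read bootstrap key file", e);
        } catch (ClassNotFoundException e) {
            throw new RuntimeException("Cannot read bootstrap key file", e);
        } finally {
            if (in != null) {
                try {
                    in.close();
                } catch (IOException ignored) {
                    // nothing useful to do if close fails; the keys are already loaded or rejected
                }
            }
        }
    }
    // … unchanged: getEntry(KerberosPrincipal), getEntry(KerberosKey) …
```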
Modified:
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/store/LdapStore.java
==============================================================================
---
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/store/LdapStore.java
(original)
+++
incubator/directory/kerberos/trunk/source/main/org/apache/kerberos/kdc/store/LdapStore.java
Sun Oct 31 18:10:40 2004
@@ -18,6 +18,7 @@
import org.apache.kerberos.kdc.*;
import org.apache.kerberos.kdc.jaas.*;
+import org.apache.kerberos.messages.value.*;
import java.security.*;
@@ -43,14 +44,26 @@
public static final String REALM_NAME = "krb5RealmName";
private KdcConfiguration _config;
+ private BootstrapStore _bootstrap;
private Subject _subject;
- public LdapStore(KdcConfiguration config) {
- _config = config;
- _subject = _config.getKdcSubject();
+ public LdapStore(KdcConfiguration config, BootstrapStore bootstrap) {
+ _config = config;
+ _bootstrap = bootstrap;
}
public void init() {
+
+ _subject = new Subject();
+
+ KerberosPrincipal principal = _config.getKdcPrincipal();
+ EncryptionKey entry =
_bootstrap.getEntry(principal).getEncryptionKey();
+
+ KerberosKey key = new KerberosKey(principal,
entry.getKeyValue(),
+ entry.getKeyType().getOrdinal(),
entry.getKeyVersion());
+
+ _subject.getPrincipals().add(principal);
+ _subject.getPrivateCredentials().add(key);
Configuration.setConfiguration(new Krb5Configuration());
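Review bot: `_bootstrap.getEntry(principal).getEncryptionKey()` dereferences the lookup result directly, but `BootstrapStore.getEntry` returns null when the KDC principal has no key in the bootstrap file, so a misconfigured principal name ends in a NullPointerException rather than a clear startup error. Check the entry first: `PrincipalStoreEntry e = _bootstrap.getEntry(principal);` followed by `if (e == null) throw new IllegalStateException("No bootstrap key for " + principal.getName());`. `init()` continues outside the hunk.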