Author: akarasulu Date: Sun Dec 19 19:02:52 2004 New Revision: 122795 URL: http://svn.apache.org/viewcvs?view=rev&rev=122795 Log: Changes ...
o cleaned up the main o checking for correct operation of Eve store when looking for starter LDIF o added starter LDIF and a configuration file Added: incubator/directory/kerberos/trunk/main/kerberos.ldif incubator/directory/kerberos/trunk/main/kerberos.properties Modified: incubator/directory/kerberos/trunk/main/src/java/org/apache/kerberos/KerberosMain.java incubator/directory/kerberos/trunk/store/src/java/org/apache/kerberos/kdc/EmbeddedEveStore.java
Added: incubator/directory/kerberos/trunk/main/kerberos.ldif
Url: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/main/kerberos.ldif?view=auto&rev=122795
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/main/kerberos.ldif Sun Dec 19 19:02:52 2004
@@ -0,0 +1,69 @@
+#
+# Copyright 2004 The Apache Software Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# EXAMPLE.COM is freely and reserved for testing according to this RFC:
+#
+# http://www.rfc-editor.org/rfc/rfc2606.txt
+#
+#
+
+dn: ou=Users, dc=example, dc=com
+objectclass: top
+objectclass: organizationalunit
+ou: Users
+
+dn: uid=akarasulu, ou=Users, dc=example,dc=com
+cn: Alex Karasulu
+sn: Karasulu
+givenname: Alex
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+objectclass: krb5Principal
+objectclass: krb5KDCEntry
+ou: Directory
+ou: Users
+l: Jacksonville
+uid: akarasulu
+krb5PrincipalName: [EMAIL PROTECTED]
+krb5KeyVersionNumber: 0
+mail: [EMAIL PROTECTED]
+telephonenumber: +1 904 982 6882
+facsimiletelephonenumber: +1 904 982 6883
+roomnumber: 666
+userpassword: maxwell
+
+dn: uid=erodriguez, ou=Users, dc=example,dc=com
+cn: Enrique Rodriguez
+sn: Rodriguez
+givenname: Enrique
+objectclass: top
+objectclass: person
+objectclass: organizationalPerson
+objectclass: inetOrgPerson
+objectclass: krb5Principal
+objectclass: krb5KDCEntry
+ou: Directory
+ou: Users
+l: Boston
+uid: erodriguez
+krb5PrincipalName: [EMAIL PROTECTED]
+krb5KeyVersionNumber: 0
+mail: [EMAIL PROTECTED]
+telephonenumber: +1 408 555 9187
+facsimiletelephonenumber: +1 408 555 8473
+roomnumber: 667
+userpassword: kerby
Added: incubator/directory/kerberos/trunk/main/kerberos.properties
Url:
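Review bot: The two starter entries in kerberos.ldif carry cleartext `userpassword` values (`maxwell`, `kerby`), and nothing in the file marks them as test-only. The kerberos.properties file added in this commit names this LDIF as the file to import on first start, so an instance started from these defaults would hold principals whose passwords are public in the repository. I would add a header comment such as `# SAMPLE DATA FOR TESTING ONLY - replace these entries and passwords before any real use`. The telephone numbers on the first entry are also outside the 555 range used on the second entry and may be real; placeholder values would be safer there.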
http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/main/kerberos.properties?view=auto&rev=122795
==============================================================================
--- (empty file)
+++ incubator/directory/kerberos/trunk/main/kerberos.properties Sun Dec 19 19:02:52 2004
@@ -0,0 +1,75 @@
+kdc.default.port = 1088
+
+# -----------------------------------------------------------------------------
+# Kerberos Specific Properties
+# -----------------------------------------------------------------------------
+
+# these are the minimum required parameters
+kdc.primary.realm = EXAMPLE.COM
+kdc.principal = krbtgt/[EMAIL PROTECTED]
+kdc.keys.location = kerberoskeys.ser
+kdc.encryption.types = des-cbc-md5 des3-cbc-sha1 des3-cbc-md5 des-cbc-md4 des-cbc-crc
+
+changepw.principal = kadmin/[EMAIL PROTECTED]
+
+# all times in minutes
+kdc.allowable.clockskew = 5
+# 1440 minutes is 1 day
+tgs.maximum.ticket.lifetime = 1440
+# 10080 minutes is 1 week
+tgs.maximum.renewable.lifetime = 10080
+
+kdc.pa.enc.timestamp.required = true
+tgs.empty.addresses.allowed = true
+tgs.forwardable.allowed = true
+tgs.proxiable.allowed = true
+tgs.postdate.allowed = true
+tgs.renewable.allowed = true
+
+
+# -----------------------------------------------------------------------------
+# JNDI Properties
+# -----------------------------------------------------------------------------
+
+# The URL of for the provider: for Eve this is just a DN
+java.naming.provider.url = dc=example,dc=com
+# The principal will be fixed for the hard system super user in Eve
+java.naming.security.principal = uid=admin,ou=system
+# Authentication into Eve which is local is kept simple
+java.naming.security.authentication = simple
+# Use default password for admin (bad eek)
+java.naming.security.credentials = secret
+# Set up environment for initial context
+java.naming.factory.initial = org.apache.eve.jndi.EveContextFactory
+
+
+# -----------------------------------------------------------------------------
+# Eve Provider Properties
+# -----------------------------------------------------------------------------
+
+# The working directory where Eve stores it's partition database files
+eve.wkdir = ./target/eve
+# The published LDAP schema's to initialize: all listed are required for
example.com
+eve.schemas = org.apache.eve.schema.bootstrap.SystemSchema org.apache.eve.schema.bootstrap.EveSchema org.apache.eve.schema.bootstrap.CoreSchema org.apache.eve.schema.bootstrap.CosineSchema org.apache.eve.schema.bootstrap.InetorgpersonSchema org.apache.eve.schema.bootstrap.Krb5kdcSchema
+# Comma separated name of the partitions to attach/create
+eve.db.partitions = example
+
+# Suffix for the example partition
+eve.db.partition.suffix.example = dc=example,dc=com
+# User defined indices for the example partition
+eve.db.partition.indices.example = ou uid objectClass krb5PrincipalName
+# ObjectClass attribute values for the partition root at dc=example,dc=com
+eve.db.partition.attributes.example.dc =example
+eve.db.partition.attributes.example.objectClass =top domain example
+
+
+
+# -----------------------------------------------------------------------------
+# Eve PrincipalStore Properties
+# -----------------------------------------------------------------------------
+
+# Base DN to conduct one level searches for kdc entries
+kdc.entry.basedn = ou=Users,dc=example,dc=com
+# Initial LDIF file to import when first started
+kdc.entry.ldif.file =/home/akarasulu/projects/directory/kerberos/trunk/main/kerberos.ldif
+
Modified: incubator/directory/kerberos/trunk/main/src/java/org/apache/kerberos/KerberosMain.java
Url: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/main/src/java/org/apache/kerberos/KerberosMain.java?view=diff&rev=122795&p1=incubator/directory/kerberos/trunk/main/src/java/org/apache/kerberos/KerberosMain.java&r1=122794&p2=incubator/directory/kerberos/trunk/main/src/java/org/apache/kerberos/KerberosMain.java&r2=122795
==============================================================================
--- incubator/directory/kerberos/trunk/main/src/java/org/apache/kerberos/KerberosMain.java (original)
+++ incubator/directory/kerberos/trunk/main/src/java/org/apache/kerberos/KerberosMain.java Sun Dec 19 19:02:52 2004
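Review bot: kerberos.properties commits a working admin bind for the embedded store, `java.naming.security.principal = uid=admin,ou=system` with `java.naming.security.credentials = secret`, and the file's own comment already calls this bad. Nothing visible in this commit forces the password to be changed, so I would at least say so in the file, e.g. `# SAMPLE ONLY: change the admin password before exposing this server`, and preferably supply the credential from outside the committed file. Separately, `kdc.entry.ldif.file` is an absolute path under the author's home directory, which on any other machine runs into the new `System.exit( 4 )` in EmbeddedEveStore; a relative value such as `kdc.entry.ldif.file = kerberos.ldif` would match how `eve.wkdir` is given. `kdc.encryption.types` also lists single-DES types (`des-cbc-crc`, `des-cbc-md4`, `des-cbc-md5`), which are weak; if they are kept for interoperability, a comment saying so would help.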
@@ -34,14 +34,22 @@ import org.apache.seda.protocol.ProtocolProvider; import org.apache.seda.protocol.TransportTypeEnum; -import javax.naming.Context; -import javax.naming.directory.BasicAttribute; -import javax.naming.directory.BasicAttributes; import java.io.File; +import java.io.FileInputStream; +import java.io.IOException; import java.net.InetAddress; -import java.util.Hashtable; +import java.util.Properties; +import javax.naming.directory.InitialDirContext; +import javax.naming.NamingException; +/** + * Simple application wrapper (used to be a testcase) around the Kerberos kdc + * core. + * + * @author <a href="mailto:[EMAIL PROTECTED]">Apache Directory Project</a> + * @version $Rev$ + */ public class KerberosMain { private final KdcConfiguration config = new KdcConfiguration(); 
@@ -55,46 +63,18 @@ /** the protocol provider */ protected ProtocolProvider proto = null; - /** the listener configuration for the protocol */ + /** the UDP listener configuration for the protocol */ protected ListenerConfig tcpConfig; + + /** the TCP listener configuration for the protocol */ protected ListenerConfig udpConfig; /** the server port number for the protocol */ protected int port; - public static void main( String[] args ) + public KerberosMain( Properties env ) { - KerberosMain m = new KerberosMain(); - m.go(); - } - - - private void go() - { - Hashtable env = new Hashtable(); - env.put( Context.PROVIDER_URL, "dc=example,dc=com" ); - env.put( Context.INITIAL_CONTEXT_FACTORY, "org.apache.eve.jndi.EveContextFactory" ); - env.put( EnvKeys.WKDIR, "target" + File.separator + "eve" ); - - BasicAttributes attrs = new BasicAttributes( true ); - BasicAttribute attr = new BasicAttribute( "objectClass" ); - attr.add( "top" ); - attr.add( "organizationalUnit" ); - attr.add( "extensibleObject" ); - attrs.put( attr ); - attr = new BasicAttribute( "ou" ); - attr.add( "testing" ); - attrs.put( attr ); - - env.put( EnvKeys.PARTITIONS, "example" ); - env.put( EnvKeys.SUFFIX + "example", "dc=example,dc=com" ); - env.put( EnvKeys.INDICES + "example", "ou objectClass" ); - env.put( EnvKeys.ATTRIBUTES + "example", attrs ); - - env.put( EmbeddedEveStore.KDC_ENTRY_LDIF_FILE, "./src/ldif/example.com" ); - env.put( EmbeddedEveStore.KDC_ENTRY_BASEDN_KEY, "ou=Users,dc=example,dc=com" ); - ldap = new EmbeddedEveStore( env ); init(); 
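Review bot: The two field comments in this hunk are attached to the wrong fields: `/** the UDP listener configuration for the protocol */` sits above `tcpConfig` and `/** the TCP listener configuration for the protocol */` above `udpConfig`. Swapping the two comment texts fixes it. The new `KerberosMain( Properties env )` constructor also has no Javadoc; a short one stating that `env` carries both the JNDI and the KDC settings and is handed to `EmbeddedEveStore` would help, though the constructor body continues outside the hunk, so the wording should be checked against the rest of it.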
@@ -108,6 +88,70 @@ catch (Exception e) { e.printStackTrace(); + } + } + + + public static void main( String[] args ) + { + long startTime = System.currentTimeMillis(); + + if ( args.length == 0 ) + { + System.err.println( "Path to configuration file required!" ); + + System.exit( 1 ); + } + + File file = new File( args[0] ); + + if ( ! file.exists() ) + { + System.err.println( "Config file '" + file.getAbsolutePath() + "' does not exist!" ); + + System.exit( 2 ); + } + + Properties env = new Properties(); + + try + { + env.load( new FileInputStream( file ) ); + } + catch ( IOException e ) + { + System.err.println( "Failed while loading config file '" + file.getAbsolutePath() + "'" ); + + System.exit( 3 ); + } + + new KerberosMain( env ); + + System.out.println( "Apache Kerberos: started in " + + ( System.currentTimeMillis() - startTime ) + + " milliseconds"); + + while ( true ) + { + try + { + // this is a big time cludge for now to just play + Thread.sleep( 20000 ); + + try + { + env.setProperty( EnvKeys.SYNC, "true" ); + new InitialDirContext( env ); + } + catch ( NamingException e ) + { + e.printStackTrace(); + } + } + catch ( InterruptedException e ) + { + e.printStackTrace(); + } } } Modified: incubator/directory/kerberos/trunk/store/src/java/org/apache/kerberos/kdc/EmbeddedEveStore.java Url: http://svn.apache.org/viewcvs/incubator/directory/kerberos/trunk/store/src/java/org/apache/kerberos/kdc/EmbeddedEveStore.java?view=diff&rev=122795&p1=incubator/directory/kerberos/trunk/store/src/java/org/apache/kerberos/kdc/EmbeddedEveStore.java&r1=122794&p2=incubator/directory/kerberos/trunk/store/src/java/org/apache/kerberos/kdc/EmbeddedEveStore.java&r2=122795 ============================================================================== --- incubator/directory/kerberos/trunk/store/src/java/org/apache/kerberos/kdc/EmbeddedEveStore.java (original) +++ incubator/directory/kerberos/trunk/store/src/java/org/apache/kerberos/kdc/EmbeddedEveStore.java Sun Dec 19 19:02:52 2004 
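Review bot: The sync loop at the end of `main()` cannot be stopped and drops a context on every pass: `InterruptedException` is printed and the loop carries on, and each `new InitialDirContext( env )` is discarded without `close()`. I would treat interruption as a stop request and close the context after each sync, as sketched below; this assumes closing the context is safe once the sync has been triggered, which should be confirmed against Eve. The `FileInputStream` passed to `env.load(...)` is also never closed, and the caught `IOException` is discarded without printing its message, which makes a malformed or unreadable config file hard to diagnose.

```java
// … unchanged: argument checks, Properties loading, startup message …
env.setProperty( EnvKeys.SYNC, "true" );

while ( true )
{
    try
    {
        Thread.sleep( 20000 );
    }
    catch ( InterruptedException e )
    {
        // an interrupt is a request to stop, not something to loop past
        Thread.currentThread().interrupt();
        break;
    }

    InitialDirContext ctx = null;

    try
    {
        ctx = new InitialDirContext( env );
    }
    catch ( NamingException e )
    {
        e.printStackTrace();
    }
    finally
    {
        if ( ctx != null )
        {
            try
            {
                ctx.close();
            }
            catch ( NamingException e )
            {
                e.printStackTrace();
            }
        }
    }
}
```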
@@ -19,6 +19,7 @@ import java.util.Hashtable; import java.io.FileInputStream; +import java.io.File; import javax.security.auth.kerberos.KerberosPrincipal; import javax.security.auth.kerberos.KerberosKey; import javax.naming.*; @@ -158,8 +159,16 @@ try { - String ldifFile = ( String ) env.get( KDC_ENTRY_LDIF_FILE ); - FileInputStream in = new FileInputStream( ldifFile ); + File file = new File( ( String ) env.get( KDC_ENTRY_LDIF_FILE ) ); + + if ( ! file.exists() ) + { + System.err.println( "LDIF file '" + file.getAbsolutePath() + "' does not exit!" ); + + System.exit( 4 ); + } + + FileInputStream in = new FileInputStream( file ); LdifIterator iterator = new LdifIterator( in ); LdifParser ldifParser = new LdifParserImpl();
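Review bot: The existence check added in the second hunk calls `System.exit( 4 )` from inside the store class, which terminates whatever JVM embeds `EmbeddedEveStore` rather than letting the caller decide. Throwing from here and letting `KerberosMain.main()` choose the exit code would be safer; the enclosing `try` and its catch clauses are outside the hunk, so the exception type should be picked to fit them. The lookup can also return null when the property is missing, in which case `new File( ( String ) env.get( KDC_ENTRY_LDIF_FILE ) )` throws a NullPointerException before the friendly message is reached; a guard such as `if ( path == null ) throw new IllegalArgumentException( KDC_ENTRY_LDIF_FILE + " is not set" );` covers that. The message text has a typo: `does not exit!` should read `does not exist!`.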
