[
https://issues.apache.org/jira/browse/RAMPART-433?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15844226#comment-15844226
]
Hudson commented on RAMPART-433:
--------------------------------
SUCCESS: Integrated in Jenkins build Rampart #2344 (See
[https://builds.apache.org/job/Rampart/2344/])
RAMPART-417, RAMPART-433: Add Kerberos support. Based on patches provided by
Detelin Yordanov and Boris Dushanov. (veithen: rev 1780752)
* (edit) trunk
* (edit) trunk/modules/rampart-core/pom.xml
* (edit)
trunk/modules/rampart-core/src/main/java/org/apache/rampart/RampartEngine.java
* (edit)
trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/BindingBuilder.java
* (edit)
trunk/modules/rampart-core/src/main/java/org/apache/rampart/builder/TransportBindingBuilder.java
* (add)
trunk/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/KerberosConfigBuilder.java
* (edit)
trunk/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/RampartConfigBuilder.java
* (add)
trunk/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/KerberosConfig.java
* (edit)
trunk/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/RampartConfig.java
* (edit)
trunk/modules/rampart-core/src/main/java/org/apache/rampart/util/RampartUtil.java
* (edit)
trunk/modules/rampart-core/src/main/resources/META-INF/services/org.apache.neethi.builders.AssertionBuilder
* (edit)
trunk/modules/rampart-core/src/main/resources/org/apache/rampart/errors.properties
* (add) trunk/modules/rampart-core/src/test/java/org/apache/rampart/policy
* (add) trunk/modules/rampart-core/src/test/resources/org/apache/rampart/policy
* (edit) trunk/modules/rampart-integration/pom.xml
* (add)
trunk/modules/rampart-integration/src/test/java/org/apache/rampart/KerberosDelegationService.java
* (add)
trunk/modules/rampart-integration/src/test/java/org/apache/rampart/KerberosDelegationServiceValidator.java
* (add)
trunk/modules/rampart-integration/src/test/java/org/apache/rampart/RampartKerberosTest.java
* (add) trunk/modules/rampart-integration/src/test/java/org/apache/rampart/util
* (add) trunk/modules/rampart-integration/src/test/resources/kerberos
* (add) trunk/modules/rampart-integration/src/test/resources/rampart/kerberos
* (edit) trunk/modules/rampart-policy/pom.xml
* (edit)
trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/Constants.java
* (edit)
trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/SP11Constants.java
* (edit)
trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/SP12Constants.java
* (edit)
trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/SPConstants.java
* (add)
trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy/model/KerberosToken.java
* (add)
trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy11/builders/KerberosTokenBuilder.java
* (add)
trunk/modules/rampart-policy/src/main/java/org/apache/ws/secpolicy12/builders/KerberosTokenBuilder.java
* (edit)
trunk/modules/rampart-policy/src/main/resources/META-INF/services/org.apache.neethi.builders.AssertionBuilder
* (add) trunk/modules/rampart-policy/src/test
* (edit) trunk/pom.xml
> Support for Kerberos v5 delegated authentication
> ------------------------------------------------
>
> Key: RAMPART-433
> URL: https://issues.apache.org/jira/browse/RAMPART-433
> Project: Rampart
> Issue Type: New Feature
> Components: rampart-core
> Affects Versions: 1.6.2
> Reporter: Boris Dushanov
> Labels: Patch
> Fix For: 1.8.0
>
> Attachments: alice.keytab, bob.keytab,
> rampart_kerberos_delegation_with_keytab_instructions.patch
>
>
> This support is based on the Kerberos v5 enhancement provided in RAMPART-417.
> Kerberos delegation is supported in wss4j since 1.6.17 so this feature
> requires upgrade from 1.6.16 to 1.6.17.The upgrade is smooth and requires no
> changes.
> The changes in rampart uses the wss4j capabilities.Rampart's kerberos
> configuration is enhanced with two new settings - one for requesting a
> kerberos delegation credential and one for setting such. When the latter is
> set, rampart requests a Kerberos security token on behalf of the user for
> which the credentials are.
> The provided implementation also includes a corresponding integration test.
> ApacheDS 2.0 is required as 1.5.7 seems to have issues when delegation is
> requested.Because of that, the existing kerberos tests are also made to work
> with the newer ApacheDS version.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
