50 public static final char[] PASS2 = "bar".toCharArray();
51 public static final String KRB5_CONF = "localkdc-krb5.conf";
52 public static final String KTAB = "localkdc.ktab";
53 public static final String JAAS_CONF = "localkdc-jaas.conf";
54 public static final String REALM = "RABBIT.HOLE";
55 public static String SERVER = "server/host." + REALM.toLowerCase();
56 public static String BACKEND = "backend/host." + REALM.toLowerCase();
57 public static String KDCHOST = "kdc." + REALM.toLowerCase();
58 /**
59 * Creates the KDC and starts it.
60 * @param etype Encryption type, null if not specified
61 * @throws java.lang.Exception if there's anything wrong
62 */
63 public OneKDC(String etype) throws Exception {
64 super(REALM, KDCHOST, 0, true);
65 addPrincipal(USER, PASS);
66 addPrincipal(USER2, PASS2);
67 addPrincipalRandKey("krbtgt/" + REALM);
68 addPrincipalRandKey(SERVER);
69 addPrincipalRandKey(BACKEND);
70 KDC.saveConfig(KRB5_CONF, this,
71 "forwardable = true",
72 "default_keytab_name = " + KTAB,
73 etype == null ? "" : "default_tkt_enctypes=" + etype + "\ndefault_tgs_enctypes=" + etype);
74 System.setProperty("java.security.krb5.conf", KRB5_CONF);
75 // Whatever krb5.conf had been loaded before, we reload ours now.
76 Config.refresh();
77
78 writeKtab(KTAB);
79 Security.setProperty("auth.login.defaultCallbackHandler",
80 "OneKDC$CallbackForClient");
81 }
82
83 /**
84 * Writes a JAAS login config file, which contains as many as useful
85 * entries, including JGSS style initiator/acceptor and normal JAAS
86 * entries with names using existing OneKDC principals.
87 * @throws java.lang.Exception if anything goes wrong
88 */
89 public void writeJAASConf() throws IOException {
90 System.setProperty("java.security.auth.login.config", JAAS_CONF);
91 File f = new File(JAAS_CONF);
92 FileOutputStream fos = new FileOutputStream(f);
93 fos.write((
|
50 public static final char[] PASS2 = "bar".toCharArray();
51 public static final String KRB5_CONF = "localkdc-krb5.conf";
52 public static final String KTAB = "localkdc.ktab";
53 public static final String JAAS_CONF = "localkdc-jaas.conf";
54 public static final String REALM = "RABBIT.HOLE";
55 public static String SERVER = "server/host." + REALM.toLowerCase();
56 public static String BACKEND = "backend/host." + REALM.toLowerCase();
57 public static String KDCHOST = "kdc." + REALM.toLowerCase();
58 /**
59 * Creates the KDC and starts it.
60 * @param etype Encryption type, null if not specified
61 * @throws java.lang.Exception if there's anything wrong
62 */
63 public OneKDC(String etype) throws Exception {
64 super(REALM, KDCHOST, 0, true);
65 addPrincipal(USER, PASS);
66 addPrincipal(USER2, PASS2);
67 addPrincipalRandKey("krbtgt/" + REALM);
68 addPrincipalRandKey(SERVER);
69 addPrincipalRandKey(BACKEND);
70
71 String extraConfig = "";
72 if (etype != null) {
73 extraConfig += "default_tkt_enctypes=" + etype
74 + "\ndefault_tgs_enctypes=" + etype;
75 if (etype.startsWith("des")) {
76 extraConfig += "\nallow_weak_crypto = true";
77 }
78 }
79 KDC.saveConfig(KRB5_CONF, this,
80 "forwardable = true",
81 "default_keytab_name = " + KTAB,
82 extraConfig);
83 System.setProperty("java.security.krb5.conf", KRB5_CONF);
84 // Whatever krb5.conf had been loaded before, we reload ours now.
85 Config.refresh();
86
87 writeKtab(KTAB);
88 Security.setProperty("auth.login.defaultCallbackHandler",
89 "OneKDC$CallbackForClient");
90 }
91
92 /**
93 * Writes a JAAS login config file, which contains as many as useful
94 * entries, including JGSS style initiator/acceptor and normal JAAS
95 * entries with names using existing OneKDC principals.
96 * @throws java.lang.Exception if anything goes wrong
97 */
98 public void writeJAASConf() throws IOException {
99 System.setProperty("java.security.auth.login.config", JAAS_CONF);
100 File f = new File(JAAS_CONF);
101 FileOutputStream fos = new FileOutputStream(f);
102 fos.write((
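Review bot: The `etype.startsWith("des")` check in the new OneKDC constructor body is broader than single DES. It also matches any `des3-…` name, so a triple-DES run would get `allow_weak_crypto = true` written into the generated krb5.conf as well. It is also case-sensitive, and it only inspects the start of the string, so a DES name later in a list passed as `etype` would be missed. If the intent is to relax the policy only for single-DES enctypes, a tighter test such as `if (etype.regionMatches(true, 0, "des-", 0, 4)) {` keeps the weak-crypto switch off for everything else. I would also put a comment above the branch, for example `// allow_weak_crypto is enabled only so the DES test runs can negotiate; never copy into a real krb5.conf`, since the reason for the setting is presumably that DES is otherwise refused, which the code does not say.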
|