[jboss-cvs] JBossAS SVN: r114803 - branches/JBPAPP_5/testsuite/src/main/org/jboss/test/security/negotiation.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Apr 14 09:54:00 EDT 2014
Author: pjelinek
Date: 2014-04-14 09:53:59 -0400 (Mon, 14 Apr 2014)
New Revision: 114803
Modified:
branches/JBPAPP_5/testsuite/src/main/org/jboss/test/security/negotiation/GSSTestServer.java
branches/JBPAPP_5/testsuite/src/main/org/jboss/test/security/negotiation/KerberosServerControl.java
branches/JBPAPP_5/testsuite/src/main/org/jboss/test/security/negotiation/NegotiationSetup.java
Log:
JBPAPP-11001 workaround - on behalf of hmlnarik at redhat.com
Modified: branches/JBPAPP_5/testsuite/src/main/org/jboss/test/security/negotiation/GSSTestServer.java
===================================================================
--- branches/JBPAPP_5/testsuite/src/main/org/jboss/test/security/negotiation/GSSTestServer.java 2014-04-11 13:19:10 UTC (rev 114802)
+++ branches/JBPAPP_5/testsuite/src/main/org/jboss/test/security/negotiation/GSSTestServer.java 2014-04-14 13:53:59 UTC (rev 114803)
@@ -112,7 +112,7 @@
final Socket socket = new Socket();
try
{
- socket.connect(new InetSocketAddress(InetAddress.getLocalHost(), PORT), SOCKET_TIMEOUT);
+ socket.connect(new InetSocketAddress(InetAddress.getByName(null), PORT), SOCKET_TIMEOUT);
DataOutputStream dos = new DataOutputStream(socket.getOutputStream());
dos.writeInt(CMD_STOP);
dos.flush();
Modified: branches/JBPAPP_5/testsuite/src/main/org/jboss/test/security/negotiation/KerberosServerControl.java
===================================================================
--- branches/JBPAPP_5/testsuite/src/main/org/jboss/test/security/negotiation/KerberosServerControl.java 2014-04-11 13:19:10 UTC (rev 114802)
+++ branches/JBPAPP_5/testsuite/src/main/org/jboss/test/security/negotiation/KerberosServerControl.java 2014-04-14 13:53:59 UTC (rev 114803)
@@ -131,7 +131,7 @@
if (args.length == 1 && STOP_CMD.equals(args[0]))
{
System.out.println("Sending STOP command to Kerberos controll process.");
- SocketAddress sockaddr = new InetSocketAddress(InetAddress.getLocalHost(), SERVER_PORT);
+ SocketAddress sockaddr = new InetSocketAddress(InetAddress.getByName(null), SERVER_PORT);
// Create an unbound socket
Socket sock = new Socket();
sock.connect(sockaddr, SOCKET_TIMEOUT);
Modified: branches/JBPAPP_5/testsuite/src/main/org/jboss/test/security/negotiation/NegotiationSetup.java
===================================================================
--- branches/JBPAPP_5/testsuite/src/main/org/jboss/test/security/negotiation/NegotiationSetup.java 2014-04-11 13:19:10 UTC (rev 114802)
+++ branches/JBPAPP_5/testsuite/src/main/org/jboss/test/security/negotiation/NegotiationSetup.java 2014-04-14 13:53:59 UTC (rev 114803)
@@ -21,7 +21,10 @@
*/
package org.jboss.test.security.negotiation;
+import java.io.ByteArrayOutputStream;
+import java.io.DataOutputStream;
import java.io.File;
+import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.util.ArrayList;
@@ -74,6 +77,12 @@
private final String serverPrincipalName;
+ /**
+ * Byte array constant for keytab file format 5.2.
+ */
+ public static final byte[] VERSION_52 = new byte[]
+ { ( byte ) 0x05, ( byte ) 0x02 };
+
// Constructors ----------------------------------------------------------
/**
@@ -180,28 +189,73 @@
* @param password
* @param keytabFile
* @throws IOException
- * @throws DocumentException
*/
- private static final void createKeytabFile(String principalName, String password, File keytabFile)
- throws IOException, DocumentException
- {
- final KerberosTime timeStamp = new KerberosTime();
- final long principalType = 1L; //KRB5_NT_PRINCIPAL
+ public static void createKeytabFile(final String principalName, final String passPhrase, final File keytabFile) throws IOException {
+ LOGGER.info("Principal name: " + principalName);
- final Keytab keytab = Keytab.getInstance();
- final List<KeytabEntry> entries = new ArrayList<KeytabEntry>();
- for (Map.Entry<EncryptionType, EncryptionKey> keyEntry : KerberosKeyFactory.getKerberosKeys(principalName,
- password).entrySet())
- {
- final EncryptionKey key = keyEntry.getValue();
- final byte keyVersion = (byte) key.getKeyVersion();
- entries.add(new KeytabEntry(principalName, principalType, timeStamp, keyVersion, key));
- }
- keytab.setEntries(entries);
- keytab.write(keytabFile);
- }
+ DataOutputStream dos = null;
+ try {
+ dos = new DataOutputStream(new FileOutputStream(keytabFile));
+ dos.write(VERSION_52);
+ createKeyTabEntries(dos, principalName, passPhrase, 1 /* KRB5_NT_PRINCIPAL */);
+ } finally {
+ IOUtils.closeQuietly(dos);
+ }
+ }
/**
+ * Produces a keytab file for given principal-password-type triplet.
+ *
+ * @param dos File to write keytab to
+ * @param principalName
+ * @param passPhrase
+ * @param principalType
+ * @throws IOException
+ */
+ private static void createKeyTabEntries(final DataOutputStream dos, final String principalName, final String passPhrase, int principalType) throws IOException {
+ for (Map.Entry<EncryptionType, EncryptionKey> keyEntry : KerberosKeyFactory.getKerberosKeys(principalName,
+ passPhrase).entrySet()) {
+ final KerberosTime timeStamp = new KerberosTime();
+ final EncryptionKey key = keyEntry.getValue();
+ final byte keyVersion = (byte) key.getKeyVersion();
+ // entries.add(new KeytabEntry(principalName, principalType, timeStamp, keyVersion, key));
+
+ final ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ DataOutputStream entryDos = new DataOutputStream(baos);
+ // handle principal name
+ String[] spnSplit = principalName.split("@");
+ String nameComponent = spnSplit[0];
+ String realm = spnSplit[1];
+
+ String[] nameComponents = nameComponent.split("/");
+ try {
+ // increment for v1
+ entryDos.writeShort((short) nameComponents.length);
+ entryDos.writeUTF(realm);
+ // write components
+ for (String component : nameComponents) {
+ entryDos.writeUTF(component);
+ }
+
+ entryDos.writeInt(principalType);
+ entryDos.writeInt((int) (timeStamp.getTime() / 1000));
+ entryDos.write(keyVersion);
+
+ entryDos.writeShort((short) key.getKeyType().getValue());
+
+ byte[] data = key.getKeyValue();
+ entryDos.writeShort((short) data.length);
+ entryDos.write(data);
+ } finally {
+ IOUtils.closeQuietly(entryDos);
+ }
+ final byte[] entryBytes = baos.toByteArray();
+ dos.writeInt(entryBytes.length);
+ dos.write(entryBytes);
+ }
+ }
+
+ /**
* Registers SPNEGO authenticator in war-deployers-jboss-beans.xml.
*
* @throws DocumentException
More information about the jboss-cvs-commits
mailing list