TestKdcServer.java

package org.apache.kerberos.kerb.server;

import org.apache.kerberos.kerb.common.EncryptionUtil;
import org.apache.kerberos.kerb.identity.KrbIdentity;
import org.apache.kerberos.kerb.keytab.Keytab;
import org.apache.kerberos.kerb.keytab.KeytabEntry;
import org.apache.kerberos.kerb.KrbException;
import org.apache.kerberos.kerb.spec.KerberosTime;
import org.apache.kerberos.kerb.spec.common.EncryptionKey;
import org.apache.kerberos.kerb.spec.common.EncryptionType;
import org.apache.kerberos.kerb.spec.common.PrincipalName;

import java.io.File;
import java.io.IOException;
import java.util.List;
import java.util.Properties;
import java.util.UUID;

public class TestKdcServer extends SimpleKdcServer {

    public static final String ORG_DOMAIN = KdcConfigKey.KDC_DOMAIN.getPropertyKey();
    public static final String KDC_REALM = KdcConfigKey.KDC_REALM.getPropertyKey();
    public static final String KDC_HOST = KdcConfigKey.KDC_HOST.getPropertyKey();
    public static final String KDC_PORT = KdcConfigKey.KDC_PORT.getPropertyKey();
    public static final String WORK_DIR = KdcConfigKey.WORK_DIR.getPropertyKey();

    private static final Properties DEFAULT_CONFIG = new Properties();
    static {
        DEFAULT_CONFIG.setProperty(KDC_HOST, "localhost");
        DEFAULT_CONFIG.setProperty(KDC_PORT, "8018");
        DEFAULT_CONFIG.setProperty(ORG_DOMAIN, "test.com");
        DEFAULT_CONFIG.setProperty(KDC_REALM, "TEST.COM");
    }

    public static Properties createConf() {
        return (Properties) DEFAULT_CONFIG.clone();
    }

    public TestKdcServer() {
        this(createConf());
    }

    public TestKdcServer(Properties conf) {
        super();
        getConfig().getConf().addPropertiesConfig(conf);
    }

    @Override
    public void init() {
        super.init();

        createPrincipals("krbtgt");
    }

    public String getKdcRealm() {
        return getConfig().getKdcRealm();
    }

    public synchronized void createPrincipal(String principal, String password) {
        KrbIdentity identity = new KrbIdentity(principal);
        List<EncryptionType> encTypes = getConfig().getEncryptionTypes();
        List<EncryptionKey> encKeys = null;
        try {
            encKeys = EncryptionUtil.generateKeys(fixPrincipal(principal), password, encTypes);
        } catch (KrbException e) {
            throw new RuntimeException("Failed to generate encryption keys", e);
        }
        identity.addKeys(encKeys);
        getIdentityService().addIdentity(identity);
    }

    public void createPrincipals(String ... principals) {
        String passwd;
        for (String principal : principals) {
            passwd = UUID.randomUUID().toString();
            createPrincipal(fixPrincipal(principal), passwd);
        }
    }

    private String fixPrincipal(String principal) {
        if (! principal.contains("@")) {
            principal += "@" + getKdcRealm();
        }
        return principal;
    }

    public void exportPrincipals(File keytabFile) throws IOException {
        Keytab keytab = new Keytab();

        List<KrbIdentity> identities = getIdentityService().getIdentities();
        for (KrbIdentity identity : identities) {
            PrincipalName principal = identity.getPrincipal();
            KerberosTime timestamp = new KerberosTime();
            for (EncryptionType encType : identity.getKeys().keySet()) {
                EncryptionKey ekey = identity.getKeys().get(encType);
                int keyVersion = ekey.getKvno();
                keytab.addEntry(new KeytabEntry(principal, timestamp, keyVersion, ekey));
            }
        }

        keytab.store(keytabFile);
    }
}