public static TgtTicket getTgt( KrbClient krbClient, String keytab, String ccache, String principal, String password ) throws KrbException { TgtTicket tgt = null; if ( keytab != null ) { tgt = krbClient.requestTgt( principal, keytab ); } else if ( ccache != null ) { try { CredentialCache cc = krbClient.resolveCredCache( new File( ccache ) ); Credential cred = cc.getCredentials().get( 0 ); tgt = krbClient.getTgtTicketFromCredential( cred ); } catch ( IOException e ) { throw new KrbException( e.getMessage() ); } } else { tgt = krbClient.requestTgt( principal, password ); } return tgt; }
/** * Request a TGT with user plain credential * @param principal The principal * @param password The password * @return The tgt ticket * @throws KrbException e */ public TgtTicket requestTgt(String principal, String password) throws KrbException { KOptions requestOptions = new KOptions(); requestOptions.add(KrbOption.CLIENT_PRINCIPAL, principal); requestOptions.add(KrbOption.USE_PASSWD, true); requestOptions.add(KrbOption.USER_PASSWD, password); return requestTgt(requestOptions); }
/** * Request a TGT with user plain credential * @param principal The principal * @param password The password * @return The tgt ticket * @throws KrbException e */ public TgtTicket requestTgt(String principal, String password) throws KrbException { KOptions requestOptions = new KOptions(); requestOptions.add(KrbOption.CLIENT_PRINCIPAL, principal); requestOptions.add(KrbOption.USE_PASSWD, true); requestOptions.add(KrbOption.USER_PASSWD, password); return requestTgt(requestOptions); }
/** * Request a TGT with user plain credential * @param principal The principal * @param keytabFile The keytab file * @return TGT * @throws KrbException e */ public TgtTicket requestTgt(String principal, File keytabFile) throws KrbException { KOptions requestOptions = new KOptions(); requestOptions.add(KrbOption.CLIENT_PRINCIPAL, principal); requestOptions.add(KrbOption.USE_KEYTAB, true); requestOptions.add(KrbOption.KEYTAB_FILE, keytabFile); return requestTgt(requestOptions); } }
/** * Request a TGT with user plain credential * @param principal The principal * @param keytabFile The keytab file * @return TGT * @throws KrbException e */ public TgtTicket requestTgt(String principal, File keytabFile) throws KrbException { KOptions requestOptions = new KOptions(); requestOptions.add(KrbOption.CLIENT_PRINCIPAL, principal); requestOptions.add(KrbOption.USE_KEYTAB, true); requestOptions.add(KrbOption.KEYTAB_FILE, keytabFile); return requestTgt(requestOptions); } }
protected void performKdcTest() throws Exception { TgtTicket tgt; SgtTicket tkt; try { tgt = getKrbClient().requestTgt(getClientPrincipal(), getClientPassword()); assertThat(tgt).isNotNull(); tkt = getKrbClient().requestSgt(tgt, getServerPrincipal()); assertThat(tkt).isNotNull(); } catch (Exception e) { Assert.fail("Exception occurred with good password. " + e.toString()); } } }
@Test public void testStoringSGT() throws Exception { TgtTicket tgt = getKrbClient().requestTgt(getClientPrincipal(), getClientPassword()); assertThat(tgt).isNotNull(); SgtTicket tkt = getKrbClient().requestSgt(tgt, getServerPrincipal()); assertThat(tkt).isNotNull(); File ccFile = new File("target/cache.cc"); if (ccFile.exists()) { ccFile.delete(); } try { // Test storing the SGT and not the TGT getKrbClient().storeTicket(tkt, ccFile); } catch (Throwable t) { t.printStackTrace(); } } }
flag *= INTERVAL; while (true) { krbClient.requestTgt(results); reList[flag] += 1;
flag *= INTERVAL; while (true) { krbClient.requestTgt(results); reList[flag] += 1;
tgt = getKrbClient().requestTgt(getClientPrincipal(), getClientPassword()); assertThat(tgt).isNotNull(); tgt = getKrbClient().requestTgt(getClientPrincipal(), getClientPassword()); assertThat(tgt).isNotNull();
tgt = krbClient.requestTgt(convertOptions(ktOptions)); } catch (KrbException e) { System.err.println("Authentication failed: " + e.getMessage());
@Test public void testUnknownClientPrincipal() { String principal = "unknown@" + TestKdcServer.KDC_REALM; try { getKrbClient().requestTgt(principal, getClientPassword()); } catch (KrbException ex) { Assert.assertEquals(KrbErrorCode.KDC_ERR_C_PRINCIPAL_UNKNOWN, ex.getKrbErrorCode()); } }
@Test public void testUnknownClientPassword() { try { getKrbClient().requestTgt(getClientPrincipal(), "badpass"); } catch (KrbException ex) { Assert.assertEquals(KrbErrorCode.KRB_AP_ERR_BAD_INTEGRITY, ex.getKrbErrorCode()); } }
@Test public void testLoginARCFOURHMAC() throws Exception { KrbClient client = super.getKrbClient(); client.getKrbConfig().setString(KrbConfigKey.PERMITTED_ENCTYPES, "arcfour-hmac"); KOptions requestOptions = new KOptions(); requestOptions.add(KrbOption.CLIENT_PRINCIPAL, getClientPrincipal()); requestOptions.add(KrbOption.USE_KEYTAB, true); File keytab = new File(getTestDir(), "test-client.keytab"); requestOptions.add(KrbOption.KEYTAB_FILE, keytab); getKdcServer().exportPrincipal(getClientPrincipal(), keytab); TgtTicket tgt = client.requestTgt(requestOptions); assertThat(tgt).isNotNull(); SgtTicket tkt = client.requestSgt(tgt, getServerPrincipal()); assertThat(tkt).isNotNull(); keytab.delete(); }
@Test public void testPreAuthTrue() throws Exception { KrbClient client = super.getKrbClient(); client.getKrbConfig().setString(KrbConfigKey.PREAUTH_REQUIRED, "true"); KOptions requestOptions = new KOptions(); requestOptions.add(KrbOption.CLIENT_PRINCIPAL, getClientPrincipal()); requestOptions.add(KrbOption.USE_KEYTAB, true); File keytab = new File(getTestDir(), "test-client.keytab"); requestOptions.add(KrbOption.KEYTAB_FILE, keytab); getKdcServer().exportPrincipal(getClientPrincipal(), keytab); TgtTicket tgt = client.requestTgt(requestOptions); assertThat(tgt).isNotNull(); SgtTicket tkt = client.requestSgt(tgt, getServerPrincipal()); assertThat(tkt).isNotNull(); keytab.delete(); }
@Test public void testPreAuthFalse() throws Exception { KrbClient client = super.getKrbClient(); client.getKrbConfig().setString(KrbConfigKey.PREAUTH_REQUIRED, "false"); KOptions requestOptions = new KOptions(); requestOptions.add(KrbOption.CLIENT_PRINCIPAL, getClientPrincipal()); requestOptions.add(KrbOption.USE_KEYTAB, true); File keytab = new File(getTestDir(), "test-client.keytab"); requestOptions.add(KrbOption.KEYTAB_FILE, keytab); getKdcServer().exportPrincipal(getClientPrincipal(), keytab); TgtTicket tgt = client.requestTgt(requestOptions); assertThat(tgt).isNotNull(); SgtTicket tkt = client.requestSgt(tgt, getServerPrincipal()); assertThat(tkt).isNotNull(); keytab.delete(); }
@Test public void testLoginRC4HMAC() throws Exception { KrbClient client = super.getKrbClient(); client.getKrbConfig().setString(KrbConfigKey.PERMITTED_ENCTYPES, "rc4-hmac"); KOptions requestOptions = new KOptions(); requestOptions.add(KrbOption.CLIENT_PRINCIPAL, getClientPrincipal()); requestOptions.add(KrbOption.USE_KEYTAB, true); File keytab = new File(getTestDir(), "test-client.keytab"); requestOptions.add(KrbOption.KEYTAB_FILE, keytab); getKdcServer().exportPrincipal(getClientPrincipal(), keytab); TgtTicket tgt = client.requestTgt(requestOptions); assertThat(tgt).isNotNull(); SgtTicket tkt = client.requestSgt(tgt, getServerPrincipal()); assertThat(tkt).isNotNull(); keytab.delete(); } }
tgt = getKrbClient().requestTgt(getClientPrincipal(), getClientPassword()); assertThat(tgt).isNotNull();
protected Subject loginClientUsingTicketCache() throws Exception { TgtTicket tgt = getKrbClient().requestTgt(getClientPrincipal(), getClientPassword()); getKrbClient().storeTicket(tgt, ticketCacheFile); return JaasKrbUtil.loginUsingTicketCache(getClientPrincipal(), ticketCacheFile); }
@Test public void testUnknownServicePrincipal() { try { TgtTicket tgtTicket = getKrbClient().requestTgt(getClientPrincipal(), getClientPassword()); String serverPrincipal = "unknown/" + getHostname() + "@" + TestKdcServer.KDC_REALM; getKrbClient().requestSgt(tgtTicket, serverPrincipal); } catch (KrbException ex) { Assert.assertEquals(KrbErrorCode.KDC_ERR_S_PRINCIPAL_UNKNOWN, ex.getKrbErrorCode()); } }