public KdcOptions getKdcOptions() { return kdcReq.getReqBody().getKdcOptions(); }
public KdcOptions getKdcOptions() { return kdcReq.getReqBody().getKdcOptions(); }
/** * Get request realm. * @param kdcReq kdc request * @return realm */ private String getRequestRealm(KdcReq kdcReq) { String realm = kdcReq.getReqBody().getRealm(); if (realm == null && kdcReq.getReqBody().getCname() != null) { realm = kdcReq.getReqBody().getCname().getRealm(); } return realm; } }
/** * Get request realm. * @param kdcReq kdc request * @return realm */ private String getRequestRealm(KdcReq kdcReq) { String realm = kdcReq.getReqBody().getRealm(); if (realm == null && kdcReq.getReqBody().getCname() != null) { realm = kdcReq.getReqBody().getCname().getRealm(); } return realm; } }
protected PrincipalName getServerPrincipal() { return getKdcReq().getReqBody().getSname(); }
protected PrincipalName getServerPrincipal() { return getKdcReq().getReqBody().getSname(); }
/** * Check encryption type. * * @throws org.apache.kerby.kerberos.kerb.KrbException e */ protected void checkEncryptionType() throws KrbException { List<EncryptionType> requestedTypes = getKdcReq().getReqBody().getEtypes(); EncryptionType bestType = EncryptionUtil.getBestEncryptionType(requestedTypes, kdcContext.getConfig().getEncryptionTypes()); if (bestType == null) { LOG.error("Can't get the best encryption type."); throw new KrbException(KrbErrorCode.KDC_ERR_ETYPE_NOSUPP); } setEncryptionType(bestType); }
/** * Check encryption type. * * @throws org.apache.kerby.kerberos.kerb.KrbException e */ protected void checkEncryptionType() throws KrbException { List<EncryptionType> requestedTypes = getKdcReq().getReqBody().getEtypes(); EncryptionType bestType = EncryptionUtil.getBestEncryptionType(requestedTypes, kdcContext.getConfig().getEncryptionTypes()); if (bestType == null) { LOG.error("Can't get the best encryption type."); throw new KrbException(KrbErrorCode.KDC_ERR_ETYPE_NOSUPP); } setEncryptionType(bestType); }
private void fastAsArmor(KrbFastRequestState state, EncryptionKey armorKey, EncryptionKey subKey, Credential credential, KdcReq kdcReq) throws KrbException { state.setArmorKey(armorKey); state.setFastArmor(fastArmorApRequest(subKey, credential)); KdcReq fastOuterRequest = new AsReq(); fastOuterRequest.setReqBody(kdcReq.getReqBody()); fastOuterRequest.setPaData(null); state.setFastOuterRequest(fastOuterRequest); }
private void fastAsArmor(KrbFastRequestState state, EncryptionKey armorKey, EncryptionKey subKey, Credential credential, KdcReq kdcReq) throws KrbException { state.setArmorKey(armorKey); state.setFastArmor(fastArmorApRequest(subKey, credential)); KdcReq fastOuterRequest = new AsReq(); fastOuterRequest.setReqBody(kdcReq.getReqBody()); fastOuterRequest.setPaData(null); state.setFastOuterRequest(fastOuterRequest); }
protected PrincipalName getclientPrincipal() { if (kdcRequest.isToken()) { return new PrincipalName(kdcRequest.getToken().getSubject()); } else { PrincipalName principalName = getKdcReq().getReqBody().getCname(); if (getKdcRequest().isAnonymous()) { principalName.setNameType(NameType.NT_WELLKNOWN); } return principalName; } }
protected PrincipalName getclientPrincipal() { if (kdcRequest.isToken()) { return new PrincipalName(kdcRequest.getToken().getSubject()); } else { PrincipalName principalName = getKdcReq().getReqBody().getCname(); if (getKdcRequest().isAnonymous()) { principalName.setNameType(NameType.NT_WELLKNOWN); } return principalName; } }
public void process() throws KrbException { KdcReq kdcReq = kdcRequest.getKdcReq(); KrbFastRequestState state = kdcRequest.getFastRequestState(); fastAsArmor(state, kdcRequest.getArmorKey(), subKey, credential, kdcReq); kdcRequest.setFastRequestState(state); kdcRequest.setOuterRequestBody(KrbCodec.encode(state.getFastOuterRequest().getReqBody())); kdcReq.getPaData().addElement(makeFastEntry(state, kdcReq, kdcRequest.getOuterRequestBody())); }
public void process() throws KrbException { KdcReq kdcReq = kdcRequest.getKdcReq(); KrbFastRequestState state = kdcRequest.getFastRequestState(); fastAsArmor(state, kdcRequest.getArmorKey(), subKey, credential, kdcReq); kdcRequest.setFastRequestState(state); kdcRequest.setOuterRequestBody(KrbCodec.encode(state.getFastOuterRequest().getReqBody())); kdcReq.getPaData().addElement(makeFastEntry(state, kdcReq, kdcRequest.getOuterRequestBody())); }
public Ticket issueTicket() throws KrbException { KdcReq request = kdcRequest.getKdcReq(); Ticket issuedTicket = new Ticket(); PrincipalName serverPrincipal = getServerPrincipal(); issuedTicket.setSname(serverPrincipal); String serverRealm = request.getReqBody().getRealm(); issuedTicket.setRealm(serverRealm); EncTicketPart encTicketPart = makeEncTicketPart(); EncryptionKey encryptionKey = getTicketEncryptionKey(); EncryptedData encryptedData = EncryptionUtil.seal(encTicketPart, encryptionKey, KeyUsage.KDC_REP_TICKET); issuedTicket.setEncryptedEncPart(encryptedData); issuedTicket.setEncPart(encTicketPart); return issuedTicket; }
public Ticket issueTicket() throws KrbException { KdcReq request = kdcRequest.getKdcReq(); Ticket issuedTicket = new Ticket(); PrincipalName serverPrincipal = getServerPrincipal(); issuedTicket.setSname(serverPrincipal); String serverRealm = request.getReqBody().getRealm(); issuedTicket.setRealm(serverRealm); EncTicketPart encTicketPart = makeEncTicketPart(); EncryptionKey encryptionKey = getTicketEncryptionKey(); EncryptedData encryptedData = EncryptionUtil.seal(encTicketPart, encryptionKey, KeyUsage.KDC_REP_TICKET); issuedTicket.setEncryptedEncPart(encryptedData); issuedTicket.setEncPart(encTicketPart); return issuedTicket; }
/** * Process the recoverable exception. * * @param e The exception return by kdc * @param kdcRequest kdc request * @return The KrbError */ private KrbMessage handleRecoverableException(KdcRecoverableException e, KdcRequest kdcRequest) { LOG.info("KRB error occurred while processing request:" + e.getMessage()); KrbError error = e.getKrbError(); error.setStime(KerberosTime.now()); error.setSusec(100); error.setErrorCode(e.getKrbError().getErrorCode()); error.setRealm(kdcContext.getKdcRealm()); if (kdcRequest != null) { error.setSname(kdcRequest.getKdcReq().getReqBody().getCname()); } else { error.setSname(new PrincipalName("NONE")); } error.setEtext(e.getMessage()); return error; }
/** * Process the recoverable exception. * * @param e The exception return by kdc * @param kdcRequest kdc request * @return The KrbError */ private KrbMessage handleRecoverableException(KdcRecoverableException e, KdcRequest kdcRequest) { LOG.info("KRB error occurred while processing request:" + e.getMessage()); KrbError error = e.getKrbError(); error.setStime(KerberosTime.now()); error.setSusec(100); error.setErrorCode(e.getKrbError().getErrorCode()); error.setRealm(kdcContext.getKdcRealm()); if (kdcRequest != null) { error.setSname(kdcRequest.getKdcReq().getReqBody().getCname()); } else { error.setSname(new PrincipalName("NONE")); } error.setEtext(e.getMessage()); return error; }
private PaDataEntry makeFastEntry(KrbFastRequestState state, KdcReq kdcReq, byte[] outerRequestBody) throws KrbException { KrbFastReq fastReq = new KrbFastReq(); fastReq.setKdcReqBody(kdcReq.getReqBody()); fastReq.setFastOptions(state.getFastOptions()); PaFxFastRequest paFxFastRequest = new PaFxFastRequest(); KrbFastArmoredReq armoredReq = new KrbFastArmoredReq(); armoredReq.setArmor(state.getFastArmor()); CheckSum reqCheckSum = CheckSumUtil.makeCheckSumWithKey(CheckSumType.NONE, outerRequestBody, state.getArmorKey(), KeyUsage.FAST_REQ_CHKSUM); armoredReq.setReqChecksum(reqCheckSum); armoredReq.setEncryptedFastReq(EncryptionUtil.seal(fastReq, state.getArmorKey(), KeyUsage.FAST_ENC)); paFxFastRequest.setFastArmoredReq(armoredReq); PaDataEntry paDataEntry = new PaDataEntry(); paDataEntry.setPaDataType(PaDataType.FX_FAST); paDataEntry.setPaDataValue(KrbCodec.encode(paFxFastRequest)); return paDataEntry; }
private PaDataEntry makeFastEntry(KrbFastRequestState state, KdcReq kdcReq, byte[] outerRequestBody) throws KrbException { KrbFastReq fastReq = new KrbFastReq(); fastReq.setKdcReqBody(kdcReq.getReqBody()); fastReq.setFastOptions(state.getFastOptions()); PaFxFastRequest paFxFastRequest = new PaFxFastRequest(); KrbFastArmoredReq armoredReq = new KrbFastArmoredReq(); armoredReq.setArmor(state.getFastArmor()); CheckSum reqCheckSum = CheckSumUtil.makeCheckSumWithKey(CheckSumType.NONE, outerRequestBody, state.getArmorKey(), KeyUsage.FAST_REQ_CHKSUM); armoredReq.setReqChecksum(reqCheckSum); armoredReq.setEncryptedFastReq(EncryptionUtil.seal(fastReq, state.getArmorKey(), KeyUsage.FAST_ENC)); paFxFastRequest.setFastArmoredReq(armoredReq); PaDataEntry paDataEntry = new PaDataEntry(); paDataEntry.setPaDataType(PaDataType.FX_FAST); paDataEntry.setPaDataValue(KrbCodec.encode(paFxFastRequest)); return paDataEntry; }