Use of sun.security.krb5.PrincipalName in the jdk8u_jdk project by JetBrains.
Class Immutable, method main.
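/**
 * Checks that a {@code PrincipalName} cannot be altered through the array
 * handed out by {@code getNameStrings()}.
 *
 * <p>The test clones a principal, overwrites the first element of the array
 * returned by the accessor, and then requires the principal to still equal
 * its clone. The comparison can only hold if the write did not reach the
 * principal's own state, i.e. the accessor returned a copy.
 *
 * @param args unused
 * @throws Exception if the principal no longer equals its clone after the
 *         write; any exception raised while constructing or cloning the
 *         principal also propagates
 */
public static void main(String[] args) throws Exception {
    PrincipalName pn1 = new PrincipalName("host/service@REALM");
    PrincipalName pn2 = (PrincipalName) pn1.clone();
    // Overwrite the first component ("host") in whatever array the accessor
    // returns. If that array were the principal's internal storage, pn1
    // would now name a different service than the one it was built for.
    pn1.getNameStrings()[0] = "http";
    if (!pn1.equals(pn2)) {
        // Name the violated invariant so a failure is diagnosable from the
        // test log alone.
        throw new Exception(
                "PrincipalName changed after a write to the array returned by getNameStrings()");
    }
}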
Use of sun.security.krb5.PrincipalName in the jdk8u_jdk project by JetBrains.
Class SSL, method main.
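/**
 * Drives a Kerberos-authenticated TLS exchange between an in-process server
 * and client, then verifies which permission checks were recorded.
 *
 * <p>Steps, in order: clear the TLS disabled-algorithm list, install an
 * instance of this class as the security manager, create a test KDC with a
 * user and a service principal, write a keytab holding several key versions
 * for the service, write a JAAS entry named {@code ssl} for the acceptor,
 * start the server on a daemon thread, connect once as the client, add a
 * fourth key version to keytab and KDC, connect a second time, and finally
 * compare {@code permChecks} against the expected sequence.
 *
 * @param args {@code args[0]} is stored in {@code krb5Cipher}; a second
 *        argument selects the unbound acceptor ({@code principal=*} in the
 *        JAAS entry); a third argument additionally enables an SNI host name
 *        of the form {@code test.<server>} with matcher pattern {@code .*}
 * @throws Exception if the server thread reports failure, if the recorded
 *         permission checks differ from the expected sequence, or if any
 *         setup step fails
 */
public static void main(String[] args) throws Exception {
    // reset the security property to make sure that the algorithms
    // and keys used in this test are not disabled.
    // An empty value leaves no TLS algorithm disabled for the whole JVM,
    // including ones the JDK turns off by default. That is tolerable in a
    // dedicated test process and is not a setting to carry into
    // application code.
    Security.setProperty("jdk.tls.disabledAlgorithms", "");
    krb5Cipher = args[0];
    final boolean unbound = args.length > 1;
    // NOTE(review): this class is installed as the SecurityManager;
    // presumably it is what appends to permChecks, which is compared at the
    // end of this method. Confirm against the rest of the class.
    System.setSecurityManager(new SSL());
    KDC kdc = KDC.create(OneKDC.REALM);
    server = "host." + OneKDC.REALM.toLowerCase(Locale.US);
    if (args.length > 2) {
        sniHostname = "test." + server;
        sniMatcherPattern = ".*";
    }
    kdc.addPrincipal(OneKDC.USER, OneKDC.PASS);
    kdc.addPrincipalRandKey("krbtgt/" + OneKDC.REALM);
    KDC.saveConfig(OneKDC.KRB5_CONF, kdc);
    System.setProperty("java.security.krb5.conf", OneKDC.KRB5_CONF);

    // Add 3 versions of keys into keytab
    KeyTab ktab = KeyTab.create(OneKDC.KTAB);
    // The service principal follows the SNI host name when one is set.
    final String serviceName = "host/" + (sniHostname != null ? sniHostname : server);
    PrincipalName service = new PrincipalName(serviceName, PrincipalName.KRB_NT_SRV_HST);
    // The fixed passwords are test fixtures; the third argument looks like
    // the key version number (confirm against KeyTab.addEntry).
    ktab.addEntry(service, "pass1".toCharArray(), 1, true);
    ktab.addEntry(service, "pass2".toCharArray(), 2, true);
    ktab.addEntry(service, "pass3".toCharArray(), 3, true);
    ktab.save();
    // and use the middle one as the real key
    // The KDC is given only the "pass2" key, so the acceptor presumably has
    // to select the matching entry among the three stored in the keytab.
    kdc.addPrincipal(serviceName, "pass2".toCharArray());

    // JAAS config entry name ssl
    System.setProperty("java.security.auth.login.config", OneKDC.JAAS_CONF);
    // principal=* makes the acceptor unbound: it is not tied to one service
    // name in the configuration. The bound form names serviceName.
    final String jaasEntry = "ssl {\n"
            + " com.sun.security.auth.module.Krb5LoginModule required\n"
            + (unbound ? " principal=*\n" : " principal=\"" + serviceName + "\"\n")
            + " useKeyTab=true\n"
            + " keyTab=" + OneKDC.KTAB + "\n"
            + " isInitiator=false\n"
            + " storeKey=true;\n};\n";
    // try-with-resources closes the stream even when write() throws.
    // NOTE(review): getBytes() uses the platform default charset; harmless
    // as long as the entry is ASCII, which depends on OneKDC.KTAB.
    try (FileOutputStream fos = new FileOutputStream(new File(OneKDC.JAAS_CONF))) {
        fos.write(jaasEntry.getBytes());
    }

    final Context s = Context.fromJAAS("ssl");
    s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);
    // Named serverThread so it does not shadow the host-name variable
    // "server" assigned above.
    Thread serverThread = new Thread(new Runnable() {
        @Override
        public void run() {
            try {
                s.doAs(new JsseServerAction(), null);
            } catch (Exception e) {
                e.printStackTrace();
                serverState = 2;
            }
        }
    });
    serverThread.setDaemon(true);
    serverThread.start();
    // Wait until serverState leaves 0. The value 2 is set above on failure;
    // any other non-zero value is set outside this method.
    // NOTE(review): the loop has no timeout of its own.
    while (serverState == 0) {
        Thread.sleep(50);
    }
    if (serverState == 2) {
        throw new Exception("Server already failed");
    }

    // First connection.
    Context c = Context.fromUserPass(OneKDC.USER, OneKDC.PASS, false);
    c.startAsClient(serviceName, GSSUtil.GSS_KRB5_MECH_OID);
    c.doAs(new JsseClientAction(), null);

    // Add another version of key, make sure it can be loaded
    // NOTE(review): the pause presumably lets the keytab file's timestamp
    // move on so the rewritten file is noticed; confirm.
    Thread.sleep(2000);
    ktab = KeyTab.getInstance(OneKDC.KTAB);
    ktab.addEntry(service, "pass4".toCharArray(), 4, true);
    ktab.save();
    kdc.addPrincipal(serviceName, "pass4".toCharArray());

    // Second connection, made after the service key changed on both sides.
    c = Context.fromUserPass(OneKDC.USER, OneKDC.PASS, false);
    c.startAsClient(serviceName, GSSUtil.GSS_KRB5_MECH_OID);
    c.doAs(new JsseClientAction(), null);

    // The expected sequences below are implementation related.
    // NOTE(review): the letters presumably stand for "initiate" (I) and
    // "accept" (A) permission checks; confirm where permChecks is written.
    if (unbound) {
        // Unbound: "initiate" is checked, and then the server checks
        // "accept". Second connection resume.
        if (!permChecks.equals("IA")) {
            throw new Exception("Unbound acceptor: expected permission checks \"IA\" but recorded \""
                    + permChecks + "\"");
        }
    } else {
        // Bound: "accept" is checked twice, client then checks "initiate".
        // Second connection resume.
        if (!permChecks.equals("AAI")) {
            throw new Exception("Bound acceptor: expected permission checks \"AAI\" but recorded \""
                    + permChecks + "\"");
        }
    }
}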