diff --git a/pom.xml b/pom.xml
index dd4eebaa9d2..66013304eb8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -61,8 +61,9 @@
1.6.0
4.0.1
3.14.0
- 2.0.0-M24
- 1.0.0
+ 2.0.0.AM27
+ 2.1.6
+ 2.0.3
2.0.0-M3
1.0.0-M8
1.67
@@ -1071,12 +1072,6 @@
${version.org.apache.directory.server}
test
-
- org.apache.directory.server
- apacheds-protocol-kerberos
- ${version.org.apache.directory.server}
- test
-
org.apache.directory.server
apacheds-protocol-ldap
@@ -1109,6 +1104,12 @@
+
+ org.apache.kerby
+ kerb-simplekdc
+ ${version.org.apache.kerby}
+ test
+
commons-io
commons-io
diff --git a/tests/base/pom.xml b/tests/base/pom.xml
index d894887c815..e20e0391f24 100644
--- a/tests/base/pom.xml
+++ b/tests/base/pom.xml
@@ -642,11 +642,6 @@
apacheds-kerberos-codec
test
-
- org.apache.directory.server
- apacheds-protocol-kerberos
- test
-
org.apache.directory.server
apacheds-protocol-ldap
@@ -658,6 +653,11 @@
+
+ org.apache.kerby
+ kerb-simplekdc
+ test
+
org.apache.directory.mavibot
mavibot
diff --git a/tests/base/src/test/java/org/wildfly/security/apacheds/LdapService.java b/tests/base/src/test/java/org/wildfly/security/apacheds/LdapService.java
index 66405961cbd..6952fa783d2 100644
--- a/tests/base/src/test/java/org/wildfly/security/apacheds/LdapService.java
+++ b/tests/base/src/test/java/org/wildfly/security/apacheds/LdapService.java
@@ -143,7 +143,6 @@ public Builder addPartition(final String id, final String partitionName, final i
for (String current : indexes) {
partitionFactory.addIndex(partition, current, indexSize);
}
- partition.setCacheService(directoryService.getCacheService());
partition.initialize();
directoryService.addPartition(partition);
diff --git a/tests/base/src/test/java/org/wildfly/security/credential/store/KeystorePasswordStoreTest.java b/tests/base/src/test/java/org/wildfly/security/credential/store/KeystorePasswordStoreTest.java
index e040f146f1f..b0505bd12ab 100644
--- a/tests/base/src/test/java/org/wildfly/security/credential/store/KeystorePasswordStoreTest.java
+++ b/tests/base/src/test/java/org/wildfly/security/credential/store/KeystorePasswordStoreTest.java
@@ -34,7 +34,7 @@
import java.util.concurrent.locks.ReadWriteLock;
import java.util.function.Supplier;
-import org.apache.commons.lang.RandomStringUtils;
+import org.apache.commons.lang3.RandomStringUtils;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
diff --git a/tests/base/src/test/java/org/wildfly/security/ldap/DirContextFactoryRule.java b/tests/base/src/test/java/org/wildfly/security/ldap/DirContextFactoryRule.java
index 8917941078b..d1dac5e6bca 100644
--- a/tests/base/src/test/java/org/wildfly/security/ldap/DirContextFactoryRule.java
+++ b/tests/base/src/test/java/org/wildfly/security/ldap/DirContextFactoryRule.java
@@ -94,7 +94,6 @@ private static void createStores(KeyStore localhostKeyStore, KeyStore scarabKeyS
.addExtension(false, "BasicConstraints", "CA:true,pathlen:2147483647")
.build();
X509Certificate issuerCertificate = issuerSelfSignedX509CertificateAndSigningKey.getSelfSignedCertificate();
- localhostKeyStore.setCertificateEntry("ca", issuerCertificate);
trustStore.setCertificateEntry("mykey", issuerCertificate);
// Generates certificate and keystore for Localhost
diff --git a/tests/base/src/test/java/org/wildfly/security/ldap/ModifiabilitySuiteChild.java b/tests/base/src/test/java/org/wildfly/security/ldap/ModifiabilitySuiteChild.java
index a42a8b3074e..0b29b35b41d 100644
--- a/tests/base/src/test/java/org/wildfly/security/ldap/ModifiabilitySuiteChild.java
+++ b/tests/base/src/test/java/org/wildfly/security/ldap/ModifiabilitySuiteChild.java
@@ -72,7 +72,7 @@ public static void createRealm() throws InvalidNameException {
AttributeMapping.fromIdentity().from("sn").to("lastName").build(),
AttributeMapping.fromIdentity().from("description").to("description").build(),
AttributeMapping.fromIdentity().from("telephoneNumber").to("phones").build(),
- AttributeMapping.fromFilter("(&(objectClass=groupOfNames)(member={0}))").searchDn("ou=Finance,dc=elytron,dc=wildfly,dc=org").extractRdn("OU").to("businessArea").build())
+ AttributeMapping.fromFilter("(&(objectClass=groupOfNames)(member=uid={0}))").searchDn("ou=Finance,dc=elytron,dc=wildfly,dc=org").extractRdn("OU").to("businessArea").build())
.setNewIdentityParent(new LdapName("dc=elytron,dc=wildfly,dc=org"))
.setNewIdentityAttributes(attributes)
.setIteratorFilter("(uid=*)")
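Review bot: The changed `AttributeMapping.fromFilter(...)` line hard-codes a `uid=` prefix in front of `{0}` without recording why, so the test now depends on how the `member` values are written in the test LDIF, which is not visible here. If those values are full entry DNs, Elytron's `{1}` placeholder (the identity DN) may express the intent more directly than `member=uid={0}`; confirm this against the LDIF and the realm's filter substitution before changing it. Either way, a short comment above the mapping would help the next reader, for example `// member is DN-valued, so the filter must supply an RDN rather than the bare user name`, if that is indeed the reason. createRealm() starts and ends outside this hunk.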
diff --git a/tests/base/src/test/java/org/wildfly/security/sasl/gssapi/TestKDC.java b/tests/base/src/test/java/org/wildfly/security/sasl/gssapi/TestKDC.java
index 88789b58e58..23fd54723d0 100644
--- a/tests/base/src/test/java/org/wildfly/security/sasl/gssapi/TestKDC.java
+++ b/tests/base/src/test/java/org/wildfly/security/sasl/gssapi/TestKDC.java
@@ -26,7 +26,6 @@
import java.util.Map;
import org.apache.directory.api.ldap.model.entry.DefaultEntry;
-import org.apache.directory.api.ldap.model.exception.LdapInvalidDnException;
import org.apache.directory.api.ldap.model.ldif.LdifEntry;
import org.apache.directory.api.ldap.model.ldif.LdifReader;
import org.apache.directory.api.ldap.model.schema.SchemaManager;
@@ -37,21 +36,21 @@
import org.apache.directory.server.core.factory.DirectoryServiceFactory;
import org.apache.directory.server.core.factory.PartitionFactory;
import org.apache.directory.server.core.kerberos.KeyDerivationInterceptor;
-import org.apache.directory.server.kerberos.KerberosConfig;
-import org.apache.directory.server.kerberos.kdc.KdcServer;
import org.apache.directory.server.kerberos.shared.crypto.encryption.KerberosKeyFactory;
-import org.apache.directory.server.kerberos.shared.keytab.Keytab;
-import org.apache.directory.server.kerberos.shared.keytab.KeytabEntry;
import org.apache.directory.server.ldap.LdapServer;
import org.apache.directory.server.protocol.shared.transport.TcpTransport;
import org.apache.directory.server.protocol.shared.transport.Transport;
-import org.apache.directory.server.protocol.shared.transport.UdpTransport;
-import org.apache.directory.shared.kerberos.KerberosTime;
import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
import org.apache.directory.shared.kerberos.components.EncryptionKey;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.keytab.Keytab;
+import org.apache.kerby.kerberos.kerb.keytab.KeytabEntry;
+import org.apache.kerby.kerberos.kerb.server.SimpleKdcServer;
+import org.apache.kerby.kerberos.kerb.server.impl.DefaultInternalKdcServerImpl;
+import org.apache.kerby.kerberos.kerb.type.KerberosTime;
+import org.apache.kerby.kerberos.kerb.type.base.PrincipalName;
import org.jboss.logging.Logger;
-import javax.security.auth.kerberos.KerberosPrincipal;
/**
* Utility class to wrap starting and stopping of the directory server and the KDC.
@@ -63,7 +62,7 @@ public class TestKDC {
private static Logger log = Logger.getLogger(TestKDC.class);
private File workingDir;
private DirectoryService directoryService;
- private KdcServer kdcServer;
+ private SimpleKdcServer kdcServer;
private String originalConfig;
private boolean exposeLdapServer;
private LdapServer ldapServer;
@@ -117,7 +116,6 @@ private static void createPartition(final DirectoryServiceFactory dsf, final Sch
for (String current : indexAttributes) {
pf.addIndex(p, current, 10);
}
- p.setCacheService(directoryService.getCacheService());
p.initialize();
directoryService.addPartition(p);
}
@@ -156,27 +154,24 @@ public void startKDC() {
File configPath = new File(TestKDC.class.getResource("/krb5.conf").getFile());
originalConfig = System.setProperty("java.security.krb5.conf", configPath.getAbsolutePath());
- KdcServer kdcServer = new KdcServer();
- kdcServer.setServiceName("TestKDCServer");
- kdcServer.setSearchBaseDn("dc=wildfly,dc=org");
- KerberosConfig config = kdcServer.getConfig();
- config.setServicePrincipal("krbtgt/WILDFLY.ORG@WILDFLY.ORG");
- config.setPrimaryRealm("WILDFLY.ORG");
- config.setMaximumTicketLifetime(60000 * 1440);
- config.setMaximumRenewableLifetime(60000 * 10080);
-
- config.setPaEncTimestampRequired(false);
+ try {
+ SimpleKdcServer kdcServer = new SimpleKdcServer();
+ kdcServer.setKdcRealm("WILDFLY.ORG");
+ kdcServer.setKdcHost("localhost");
+ kdcServer.setInnerKdcImpl(new DefaultInternalKdcServerImpl(kdcServer.getKdcSetting()));
+ kdcServer.setAllowUdp(true);
+ kdcServer.setKdcUdpPort(6088);
- UdpTransport udp = new UdpTransport("localhost", 6088);
- kdcServer.addTransports(udp);
+ kdcServer.init();
- kdcServer.setDirectoryService(directoryService);
+ kdcServer.createPrincipal("sasl/test_server_1@WILDFLY.ORG", "servicepwd");
+ kdcServer.createPrincipal("sasl/test_server_2@WILDFLY.ORG", "servicepwd");
+ kdcServer.createPrincipal("jduke@WILDFLY.ORG", "theduke");
- // Launch the server
- try {
+ // Launch the server
kdcServer.start();
this.kdcServer = kdcServer;
- } catch (IOException | LdapInvalidDnException e) {
+ } catch (KrbException e) {
throw new IllegalStateException("Unable to start KDC", e);
}
}
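Review bot: When `init()`, one of the `createPrincipal(...)` calls or `start()` throws, the `catch (KrbException e)` branch rethrows without stopping the locally created `SimpleKdcServer` and without undoing the `java.security.krb5.conf` property set just above the `try`. Because `this.kdcServer` is assigned only after `start()` succeeds, stopKDC() appears to return early in that case (its guard is outside this hunk), so a half-initialised KDC and the redirected Kerberos configuration can leak into later tests in the same JVM. Consider restoring the saved property value in the catch block before rethrowing, and stopping the server there if Kerby permits that after a failed start. Separately, only the UDP port is pinned; if the tests need UDP only, as the removed `UdpTransport` setup suggests, `kdcServer.setAllowTcp(false);` would avoid opening a TCP listener on a default port.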
@@ -186,7 +181,11 @@ private void stopKDC() {
return;
}
- kdcServer.stop();
+ try {
+ kdcServer.stop();
+ } catch (KrbException e) {
+ throw new IllegalStateException("Unable to stop KDC", e);
+ }
kdcServer = null;
if (originalConfig != null) {
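Review bot: If `kdcServer.stop()` throws, the new `IllegalStateException` leaves the method before `kdcServer = null` and before the `originalConfig` restore that follows, so the field keeps a dead server and `java.security.krb5.conf` keeps pointing at the test configuration. Moving the cleanup into a `finally` keeps teardown complete even on failure, for example `} finally { kdcServer = null; }` with the property restore placed in the same `finally`. If stopAll() calls this before shutting down the directory service, the exception would skip that step as well; that ordering is not visible here. The rest of stopKDC() lies outside this hunk.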
@@ -232,7 +231,7 @@ public void stopAll() {
public String generateKeyTab(String keyTabFileName, String... credentials) {
log.debug("Generating keytab: " + keyTabFileName);
List entries = new ArrayList<>();
- KerberosTime ktm = new KerberosTime();
+ KerberosTime ktm = KerberosTime.now();
for (int i = 0; i < credentials.length;) {
String principal = credentials[i++];
@@ -242,15 +241,16 @@ public String generateKeyTab(String keyTabFileName, String... credentials) {
.entrySet()) {
EncryptionKey key = keyEntry.getValue();
log.debug("Adding key=" + key + " for principal=" + principal);
- entries.add(new KeytabEntry(principal, KerberosPrincipal.KRB_NT_PRINCIPAL, ktm, (byte) key.getKeyVersion(), key));
+ entries.add(new KeytabEntry(new PrincipalName(principal), ktm, key.getKeyVersion(),
+ new org.apache.kerby.kerberos.kerb.type.base.EncryptionKey(key.getKeyType().getValue(), key.getKeyValue(), key.getKeyVersion())));
}
}
- Keytab keyTab = Keytab.getInstance();
- keyTab.setEntries(entries);
+ Keytab keyTab = new Keytab();
+ keyTab.addKeytabEntries(entries);
try {
File keyTabFile = new File(workingDir, keyTabFileName);
- keyTab.write(keyTabFile);
+ keyTab.store(keyTabFile);
return keyTabFile.getAbsolutePath();
} catch (IOException e) {
throw new IllegalStateException("Cannot create keytab: " + keyTabFileName, e);
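Review bot: The `log.debug("Adding key=" + key + ...)` line just above the new `KeytabEntry` construction writes the whole `EncryptionKey` object to the log, and depending on its `toString()` that may include the key bytes. Logging only the metadata is enough for debugging: `log.debug("Adding key type=" + key.getKeyType() + " kvno=" + key.getKeyVersion() + " for principal=" + principal);`. On style, the inline conversion to `org.apache.kerby.kerberos.kerb.type.base.EncryptionKey` with a fully qualified name makes the `entries.add(...)` statement hard to read. A small private helper that maps the ApacheDS key to the Kerby key, with a one-line comment that the two libraries are bridged here, would make the intent clearer. generateKeyTab() begins outside this hunk.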