aboutsummaryrefslogtreecommitdiffstats
path: root/sonar-testing-ldap/src/main/java
diff options
context:
space:
mode:
authorJacek Poreda <jacek.poreda@sonarsource.com>2023-11-09 14:40:33 +0100
committersonartech <sonartech@sonarsource.com>2023-11-13 20:02:31 +0000
commit2538abc3b177ba8182806dbb43e6e70153c90fdc (patch)
tree0f4f5dad714149756f444db49812add5b5d13061 /sonar-testing-ldap/src/main/java
parent62e1df0774f15fe990efc4ec2afa1f6e3d0335fd (diff)
downloadsonarqube-2538abc3b177ba8182806dbb43e6e70153c90fdc.tar.gz
sonarqube-2538abc3b177ba8182806dbb43e6e70153c90fdc.zip
[NO-JIRA] Update apache ds 2.0.0.AM26 -> 2.0.0.AM27
Diffstat (limited to 'sonar-testing-ldap/src/main/java')
-rw-r--r--sonar-testing-ldap/src/main/java/org/sonar/ldap/ApacheDS.java71
1 files changed, 41 insertions, 30 deletions
diff --git a/sonar-testing-ldap/src/main/java/org/sonar/ldap/ApacheDS.java b/sonar-testing-ldap/src/main/java/org/sonar/ldap/ApacheDS.java
index 14911fa09ca..9aa94d31483 100644
--- a/sonar-testing-ldap/src/main/java/org/sonar/ldap/ApacheDS.java
+++ b/sonar-testing-ldap/src/main/java/org/sonar/ldap/ApacheDS.java
@@ -30,7 +30,6 @@ import org.apache.directory.api.ldap.model.constants.SupportedSaslMechanisms;
import org.apache.directory.api.ldap.model.entry.DefaultEntry;
import org.apache.directory.api.ldap.model.entry.DefaultModification;
import org.apache.directory.api.ldap.model.entry.ModificationOperation;
-import org.apache.directory.api.ldap.model.exception.LdapOperationException;
import org.apache.directory.api.ldap.model.ldif.ChangeType;
import org.apache.directory.api.ldap.model.ldif.LdifEntry;
import org.apache.directory.api.ldap.model.ldif.LdifReader;
@@ -42,8 +41,6 @@ import org.apache.directory.server.core.api.InstanceLayout;
import org.apache.directory.server.core.factory.DefaultDirectoryServiceFactory;
import org.apache.directory.server.core.kerberos.KeyDerivationInterceptor;
import org.apache.directory.server.core.partition.impl.avl.AvlPartition;
-import org.apache.directory.server.kerberos.KerberosConfig;
-import org.apache.directory.server.kerberos.kdc.KdcServer;
import org.apache.directory.server.ldap.LdapServer;
import org.apache.directory.server.ldap.handlers.sasl.MechanismHandler;
import org.apache.directory.server.ldap.handlers.sasl.cramMD5.CramMd5MechanismHandler;
@@ -51,18 +48,22 @@ import org.apache.directory.server.ldap.handlers.sasl.digestMD5.DigestMd5Mechani
import org.apache.directory.server.ldap.handlers.sasl.gssapi.GssapiMechanismHandler;
import org.apache.directory.server.ldap.handlers.sasl.plain.PlainMechanismHandler;
import org.apache.directory.server.protocol.shared.transport.TcpTransport;
-import org.apache.directory.server.protocol.shared.transport.UdpTransport;
import org.apache.directory.server.xdbm.impl.avl.AvlIndex;
+import org.apache.kerby.kerberos.kerb.KrbException;
+import org.apache.kerby.kerberos.kerb.client.KrbConfigKey;
+import org.apache.kerby.kerberos.kerb.identity.backend.BackendConfig;
+import org.apache.kerby.kerberos.kerb.server.KdcConfigKey;
+import org.apache.kerby.kerberos.kerb.server.KdcServer;
import org.apache.mina.util.AvailablePortFinder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public final class ApacheDS {
-
private static final Logger LOG = LoggerFactory.getLogger(ApacheDS.class);
-
+ private static final String HOSTNAME_LOCALHOST = "localhost";
private final String realm;
private final String baseDn;
+ private int ldapPort;
private DirectoryService directoryService;
private LdapServer ldapServer;
@@ -77,8 +78,8 @@ public final class ApacheDS {
public static ApacheDS start(String realm, String baseDn, String workDir, Integer port) throws Exception {
return new ApacheDS(realm, baseDn)
.startDirectoryService(workDir)
- .startKdcServer()
.startLdapServer(port == null ? AvailablePortFinder.getNextAvailable(1024) : port)
+ .startKdcServer()
.activateNis();
}
@@ -173,6 +174,7 @@ public final class ApacheDS {
}
private ApacheDS startLdapServer(int port) throws Exception {
+ this.ldapPort = port;
ldapServer.setTransports(new TcpTransport(port));
ldapServer.setDirectoryService(directoryService);
@@ -195,34 +197,43 @@ public final class ApacheDS {
return this;
}
- private ApacheDS startKdcServer() throws IOException, LdapOperationException {
+
+ private ApacheDS startKdcServer() throws IOException, KrbException {
int port = AvailablePortFinder.getNextAvailable(6088);
- KerberosConfig kdcConfig = new KerberosConfig();
- kdcConfig.setServicePrincipal("krbtgt/EXAMPLE.ORG@EXAMPLE.ORG");
- kdcConfig.setPrimaryRealm("EXAMPLE.ORG");
- kdcConfig.setPaEncTimestampRequired(false);
+ File krbConf = new File("target/krb5.conf");
+ FileUtils.writeStringToFile(krbConf, ""
+ + "[libdefaults]\n"
+ + " default_realm = EXAMPLE.ORG\n"
+ + "\n"
+ + "[realms]\n"
+ + " EXAMPLE.ORG = {\n"
+ + " kdc = localhost:" + port + "\n"
+ + " }\n"
+ + "\n"
+ + "[domain_realm]\n"
+ + " .example.org = EXAMPLE.ORG\n"
+ + " example.org = EXAMPLE.ORG\n",
+ StandardCharsets.UTF_8.name());
- kdcServer = new KdcServer(kdcConfig);
- kdcServer.setSearchBaseDn("dc=example,dc=org");
- kdcServer.addTransports(new UdpTransport("localhost", port));
- kdcServer.setDirectoryService(directoryService);
- kdcServer.start();
+ kdcServer = new KdcServer(krbConf);
+ kdcServer.setKdcRealm("EXAMPLE.ORG");
+ kdcServer.getKdcConfig().setBoolean(KrbConfigKey.PA_ENC_TIMESTAMP_REQUIRED, false);
- FileUtils.writeStringToFile(new File("target/krb5.conf"), ""
- + "[libdefaults]\n"
- + " default_realm = EXAMPLE.ORG\n"
- + "\n"
- + "[realms]\n"
- + " EXAMPLE.ORG = {\n"
- + " kdc = localhost:" + port + "\n"
- + " }\n"
- + "\n"
- + "[domain_realm]\n"
- + " .example.org = EXAMPLE.ORG\n"
- + " example.org = EXAMPLE.ORG\n",
- StandardCharsets.UTF_8.name());
+ BackendConfig backendConfig = kdcServer.getBackendConfig();
+ backendConfig.setString("host", HOSTNAME_LOCALHOST);
+ backendConfig.setString("base_dn", baseDn);
+ backendConfig.setInt("port", this.ldapPort);
+ backendConfig.setString(KdcConfigKey.KDC_IDENTITY_BACKEND,
+ "org.apache.kerby.kerberos.kdc.identitybackend.LdapIdentityBackend");
+ kdcServer.setAllowUdp(true);
+ kdcServer.setAllowTcp(false);
+ kdcServer.setKdcUdpPort(port);
+ kdcServer.setKdcHost(HOSTNAME_LOCALHOST);
+
+ kdcServer.init();
+ kdcServer.start();
return this;
}