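/// <summary>
/// Creates the principal "foo" with a keytab in the test KDC and checks that a login from that
/// keytab succeeds with both the client and the server login configuration.
/// </summary>
/// <remarks>
/// After each login the subject must hold exactly one principal, of type
/// <c>KerberosPrincipal</c>, named <c>foo@REALM</c> where the realm comes from the KDC.
/// </remarks>
public virtual void TestKerberosLogin()
{
    MiniKdc kdc = GetKdc();
    FilePath workDir = GetWorkDir();
    // Holds the context that is currently logged in (or being logged in), so that the
    // finally block cleans up only that one.
    LoginContext loginContext = null;
    try
    {
        string principal = "foo";
        FilePath keytab = new FilePath(workDir, "foo.keytab");
        kdc.CreatePrincipal(keytab, principal);
        ICollection<Principal> principals = new HashSet<Principal>();
        principals.AddItem(new KerberosPrincipal(principal));

        // Client login: the subject starts with empty public and private credential sets,
        // and the login configuration is passed explicitly.
        Subject subject = new Subject(false, principals, new HashSet<object>(), new HashSet<object>());
        loginContext = new LoginContext(string.Empty, subject, null,
            TestMiniKdc.KerberosConfiguration.CreateClientConfig(principal, keytab));
        loginContext.Login();
        subject = loginContext.GetSubject();
        Assert.Equal(1, subject.GetPrincipals().Count);
        Assert.Equal(typeof(KerberosPrincipal), subject.GetPrincipals().GetEnumerator().Next().GetType());
        Assert.Equal(principal + "@" + kdc.GetRealm(), subject.GetPrincipals().GetEnumerator().Next().GetName());
        loginContext.Logout();
        // Already logged out: clear the reference so the finally block does not call Logout()
        // a second time on this context (a repeated logout may not be tolerated by every
        // login module).
        loginContext = null;

        // Server login: same principal and keytab, server-side configuration.
        subject = new Subject(false, principals, new HashSet<object>(), new HashSet<object>());
        loginContext = new LoginContext(string.Empty, subject, null,
            TestMiniKdc.KerberosConfiguration.CreateServerConfig(principal, keytab));
        loginContext.Login();
        subject = loginContext.GetSubject();
        Assert.Equal(1, subject.GetPrincipals().Count);
        Assert.Equal(typeof(KerberosPrincipal), subject.GetPrincipals().GetEnumerator().Next().GetType());
        Assert.Equal(principal + "@" + kdc.GetRealm(), subject.GetPrincipals().GetEnumerator().Next().GetName());
        loginContext.Logout();
        loginContext = null;
    }
    finally
    {
        // Reached with a non-null context only when a login or an assertion failed before
        // the matching Logout(); best-effort cleanup of that context.
        if (loginContext != null)
        {
            loginContext.Logout();
        }
    }
}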
/// <summary>
/// Generates a keytab holding the principals "foo/bar" and "bar/foo", reads it back, and checks
/// that the set of principal names stored in it is exactly the expected one.
/// </summary>
public virtual void TestKeytabGen()
{
    MiniKdc kdc = GetKdc();
    FilePath workDir = GetWorkDir();

    kdc.CreatePrincipal(new FilePath(workDir, "keytab"), "foo/bar", "bar/foo");

    Org.Apache.Directory.Server.Kerberos.Shared.Keytab.Keytab kt =
        Org.Apache.Directory.Server.Kerberos.Shared.Keytab.Keytab.Read(new FilePath(workDir, "keytab"));

    // Collect every principal name found in the keytab; a set ignores repeated names.
    ICollection<string> principals = new HashSet<string>();
    foreach (KeytabEntry entry in kt.GetEntries())
    {
        string entryName = entry.GetPrincipalName();
        principals.AddItem(entryName);
    }

    // The decoded names use '\' instead of '/': per the original note,
    // org.apache.directory.server.kerberos.shared.keytab.KeytabDecoder.getPrincipalName(IoBuffer)
    // writes '\' when it builds the principal name.
    string realm = kdc.GetRealm();
    HashSet<string> expected = new HashSet<string>(Arrays.AsList("foo\\bar@" + realm, "bar\\foo@" + kdc.GetRealm()));
    Assert.Equal(expected, principals);
}