1   /*
2    *   Licensed to the Apache Software Foundation (ASF) under one
3    *   or more contributor license agreements.  See the NOTICE file
4    *   distributed with this work for additional information
5    *   regarding copyright ownership.  The ASF licenses this file
6    *   to you under the Apache License, Version 2.0 (the
7    *   "License"); you may not use this file except in compliance
8    *   with the License.  You may obtain a copy of the License at
9    *
10   *     http://www.apache.org/licenses/LICENSE-2.0
11   *
12   *   Unless required by applicable law or agreed to in writing,
13   *   software distributed under the License is distributed on an
14   *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *   KIND, either express or implied.  See the License for the
16   *   specific language governing permissions and limitations
17   *   under the License.
18   *
19   */
20  package org.apache.directory.kerberos.client;
21  
22  
23  import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.AES128_CTS_HMAC_SHA1_96;
24  import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.AES256_CTS_HMAC_SHA1_96;
25  import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.DES3_CBC_SHA1_KD;
26  import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.DES_CBC_MD5;
27  
28  import java.util.HashSet;
29  import java.util.Set;
30  
31  import org.apache.directory.api.util.Network;
32  import org.apache.directory.shared.kerberos.KerberosUtils;
33  import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
34  
35  
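/**
 * Client-side connection settings for a Kerberos KDC and its change password service.
 * <p>
 * A new instance targets the loopback host on the standard ports (88 for the KDC,
 * 464 for change password), uses UDP, and has a 60 second timeout. Instances are
 * plain mutable beans with no synchronization.
 * <p>
 * Setters reject values that can never describe a usable endpoint (null or empty host,
 * port outside 1-65535, negative timeout, null encryption type set), so that a bad
 * configuration fails where it is set rather than later during a Kerberos exchange.
 *
 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
 */
public class KdcConfig
{
    /** lowest port number accepted by the port setters */
    private static final int MIN_PORT = 1;

    /** highest port number accepted by the port setters */
    private static final int MAX_PORT = 65535;

    /** host name of the Kerberos server */
    private String hostName;

    /** port on which the Kerberos server is listening */
    private int kdcPort = 88;

    /** port on which the change password server is listening */
    private int passwdPort = 464;

    /** flag to indicate if the client should use UDP while connecting to Kerberos server */
    private boolean useUdp = true;

    /** flag to indicate if legacy protocol version 1 should be used while sending the change password request. Default is false, we send version 0xFF80 of rfc3244 */
    private boolean useLegacyChngPwdProtocol = false;

    /** the timeout of the connection to the Kerberos server, in milliseconds */
    private int timeout = 60000; // default 1 min

    /** the set of encryption types that the client can support, by default this includes all the encryption types supported by ApacheDS */
    private Set<EncryptionType> encryptionTypes;


    /**
     * Creates a configuration with the default encryption types, pointing at the loopback host.
     */
    public KdcConfig()
    {
        // NOTE(review): DES_CBC_MD5 (single DES) is deprecated for Kerberos by RFC 6649 and
        // DES3_CBC_SHA1_KD by RFC 8429. Both stay in the default set to preserve existing
        // behaviour; deployments that do not need them should narrow the set to the AES
        // types through setEncryptionTypes().
        Set<EncryptionType> defaults = new HashSet<>();

        defaults.add( AES128_CTS_HMAC_SHA1_96 );
        defaults.add( AES256_CTS_HMAC_SHA1_96 );
        defaults.add( DES_CBC_MD5 );
        defaults.add( DES3_CBC_SHA1_KD );

        // presumably yields the types ordered strongest first - confirm against KerberosUtils
        encryptionTypes = KerberosUtils.orderEtypesByStrength( defaults );

        hostName = Network.LOOPBACK_HOSTNAME;
    }


    /**
     * @return a new configuration holding the default values
     */
    public static KdcConfig getDefaultConfig()
    {
        return new KdcConfig();
    }


    /**
     * @return the host name of the Kerberos server
     */
    public String getHostName()
    {
        return hostName;
    }


    /**
     * @param hostName the host name of the Kerberos server
     * @throws IllegalArgumentException if the host name is null or empty
     */
    public void setHostName( String hostName )
    {
        if ( ( hostName == null ) || hostName.isEmpty() )
        {
            throw new IllegalArgumentException( "hostName must not be null or empty" );
        }

        this.hostName = hostName;
    }


    /**
     * @return the port on which the Kerberos server is listening
     */
    public int getKdcPort()
    {
        return kdcPort;
    }


    /**
     * @param kdcPort the port on which the Kerberos server is listening
     * @throws IllegalArgumentException if the port is outside 1-65535
     */
    public void setKdcPort( int kdcPort )
    {
        this.kdcPort = checkPort( kdcPort, "kdcPort" );
    }


    /**
     * @return the port on which the change password server is listening
     */
    public int getPasswdPort()
    {
        return passwdPort;
    }


    /**
     * @param passwdPort the port on which the change password server is listening
     * @throws IllegalArgumentException if the port is outside 1-65535
     */
    public void setPasswdPort( int passwdPort )
    {
        this.passwdPort = checkPort( passwdPort, "passwdPort" );
    }


    /**
     * @return true if the client should use UDP while connecting to the Kerberos server
     */
    public boolean isUseUdp()
    {
        return useUdp;
    }


    /**
     * @param useUdp true to use UDP while connecting to the Kerberos server
     */
    public void setUseUdp( boolean useUdp )
    {
        this.useUdp = useUdp;
    }


    /**
     * @return true if legacy protocol version 1 is used for the change password request
     */
    public boolean isUseLegacyChngPwdProtocol()
    {
        return useLegacyChngPwdProtocol;
    }


    /**
     * @param useLegacyChngPwdProtocol true to send the change password request with legacy
     * protocol version 1 instead of version 0xFF80 of rfc3244
     */
    public void setUseLegacyChngPwdProtocol( boolean useLegacyChngPwdProtocol )
    {
        this.useLegacyChngPwdProtocol = useLegacyChngPwdProtocol;
    }


    /**
     * @return the timeout of the connection to the Kerberos server, in milliseconds
     */
    public int getTimeout()
    {
        return timeout;
    }


    /**
     * @param timeout the timeout of the connection to the Kerberos server, in milliseconds
     * @throws IllegalArgumentException if the timeout is negative
     */
    public void setTimeout( int timeout )
    {
        if ( timeout < 0 )
        {
            throw new IllegalArgumentException( "timeout must not be negative: " + timeout );
        }

        this.timeout = timeout;
    }


    /**
     * Returns the configured set itself, not a copy: changes a caller makes to the
     * returned set change this configuration.
     *
     * @return the encryption types that the client can support
     */
    public Set<EncryptionType> getEncryptionTypes()
    {
        return encryptionTypes;
    }


    /**
     * Stores the given set as is. Unlike the constructor, this does not reorder the
     * types by strength, so the caller decides the iteration order.
     *
     * @param encryptionTypes the encryption types that the client can support
     * @throws IllegalArgumentException if the set is null
     */
    public void setEncryptionTypes( Set<EncryptionType> encryptionTypes )
    {
        if ( encryptionTypes == null )
        {
            throw new IllegalArgumentException( "encryptionTypes must not be null" );
        }

        this.encryptionTypes = encryptionTypes;
    }


    /**
     * Checks that a port number is in the range a client can connect to.
     *
     * @param port the port number to check
     * @param name the property name used in the error message
     * @return the port, unchanged
     * @throws IllegalArgumentException if the port is outside 1-65535
     */
    private static int checkPort( int port, String name )
    {
        if ( ( port < MIN_PORT ) || ( port > MAX_PORT ) )
        {
            throw new IllegalArgumentException( name + " must be between " + MIN_PORT + " and " + MAX_PORT + ": "
                + port );
        }

        return port;
    }


    /**
     * @return a one-line rendering of every setting, for logs and debugging
     */
    @Override
    public String toString()
    {
        return "KdcConfig [hostName=" + hostName + ", kdcPort=" + kdcPort + ", passwdPort=" + passwdPort + ", useUdp="
            + useUdp + ", useLegacyChngPwdProtocol=" + useLegacyChngPwdProtocol + ", timeout=" + timeout
            + ", encryptionTypes=" + encryptionTypes + "]";
    }

}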