Ed Zeval

Greenhorn
+ Follow
since Jun 19, 2008
Cows and Likes
Cows
Total received
0
In last 30 days
0
Total given
0
Likes
Total received
0
Received in last 30 days
0
Total given
0
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Ed Zeval

Yeah.. i mean programmatically..

Manually wouldn't work since I want to automate these tests..

If I can't actually change the clock, is there a way to fake/mock it?
13 years ago
Hi,

Is there a way to change the system clock? I just want to be able to change it for some tests. How would you change it back to the correct time?

Thanks!
13 years ago
Hi,

I need to use a couple of threads to achieve the following:

Thread 1: run method A and wait for thread 2
Thread 2: run method B, notify thread 1 to continue, and wait for thread 1
Thread 1: run method C, notify thread 2 to continue, and wait for thread 2
Thread 2: run method D, notify thread 1 to continue, and finish
Thread 1: run method E and finish

How should I do that?

Thanks!!
I'm using JAAS to perform Kerberos authentication.

JAAS requires me to set the java.security.krb5.realm and java.security.krb5.kdc properties. Then I use a LoginContext to perform the authentication. The LoginContext instantiates a Krb5LoginModule, which gets the Kerberos realm and KDC info from a call to PrincipalName (which, I assume, gets it from the system properties).

I have the source for LoginContext and the Krb5LoginModule, but I cannot access (nor find documentation about) the PrincipalName class (in the sun.security.krb5 package).

If you're not familiar with JAAS, this probably didn't make any sense, but at least now you know the properties I'm using.

Thanks!
13 years ago
Hi,

I have a couple of inner classes in my code. Someone told me that I should make them static. Why would I want to do that?

Thanks!
13 years ago
Hi,

My application is using a sun-provided API which requires me to set some system properties before calling it. Now, I'll be running multiple threads, so I'm pretty sure I'll run into issues given that System is a global object. Is there a way to set system properties on a thread-by-thread basis?? That solution would be ideal.

Another solution is to use synchronization, but I really DON'T want to do this because it would hurt performance considerably.

Another solution I thought about was to create a wrapper around the underlying sun-provided source. This is not good enough, though, because these properties are fetched by internal classes that I don't even have access to (nor can I see their documentation).

I hope someone can help me out before I'm forced to reinvent the wheel...
13 years ago
Hi,

(Sorry for posting so many topics lately)...

Is there an easy way to set up a local Kerberos database and KDC to do some tests and try some stuff? Are there any nice java libraries that can give me that functionality?

Thanks a lot!
13 years ago
Oh... I see where your confusion comes from.

The LoginContext javadocs you just posted are from Java 1.4.. If you look at the Java 6 docs (here) you'll find the constructor I just talked about.
13 years ago
Hi,

Yes, the LoginContext can be instantiated with a Configuration. In fact, it has 4 constructors. Altogether, you can specify: the entry name in the configuration, a Subject, a CallbackHandler, and a Configuration.
13 years ago
Hi,

When JAAS fails to create a LoginContext, or when some error occurs while calling LoginContext.login(), it usually throws a LoginException. So if error A occurs or error B occurs, a LoginException will be thrown. When I catch the exception, I need to know if it was because of error A or error B. Right now, the only thing I can do is check the exception's message, which is pretty horrible. Is there a better way to do this?

Also, these messages have error codes at the end (e.g. an error message can be "Client not found in Kerberos databse (6)". Where can I find information about the different error codes and what each of them mean?

Thanks!!
13 years ago
Problem solved.

I implemented MyConfig extends Configuration, and then passed an instance of it to the constructor of the LoginContext.

Thanks!
13 years ago
Hmm.. I'm still a bit confused. Let me try to explain myself better and please correct any wrong assumptions I've made.

As the javax.security.auth.login.Configuration javadocs state, at any given time, there is one Configuration object installed. I assume that this Configuration object is constructed by taking the configuration file (by accessing the java.security.auth.login.config java property) and parsing it.

If this is correct, then I should also be able to create a Configuration object named myConf, and then call Configuration.setConfiguration(myConf).

So, how do I create a Configuration?

First of all, Configuration is an abstract class, so rather than coding up my own implementation, I would prefer to use the existing one--the one LoginContext reads. Do you know which class this is?

However, creating an entirely new Configuration might have undesired effects. Thus, I would prefer to modify the existing Configuration. Supposedly, I can access the existing configuration by calling Configuration.getConfiguration(), but I keep getting a NullPointerException when I try to do that... I've also been unable to create a new Configuration by calling the Configuration.getInstance() method.

Any thoughts?
13 years ago
Hmm... well it seems that setting the refreshKrb5Config option to true in the Krb5LoginModule did the trick..
13 years ago
Hmmm... Apparently there is a call in Krb5LoginModule that gives back the correct principal:

new PrincipalName("someString", PrincipalName.KRB_NT_PRINCIPAL);

But I cant find documentation on PrincipalName. Anyone know about this?
13 years ago
My thought is that Kerberos itself is falling back on the previous realm and KDC that it used... Does anyone know much about how Kerberos works and how to override this behavior?
13 years ago