/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 *
 */
package org.apache.directory.kerberos.client;


import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.AES128_CTS_HMAC_SHA1_96;
import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.AES256_CTS_HMAC_SHA1_96;
import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.DES3_CBC_SHA1_KD;
import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.DES_CBC_MD5;

import java.util.HashSet;
import java.util.Set;

import org.apache.directory.api.util.Network;
import org.apache.directory.shared.kerberos.KerberosUtils;
import org.apache.directory.shared.kerberos.codec.types.EncryptionType;


/**
 * Configuration class for KDC and changepassword servers.
 * <p>
 * A plain mutable bean holding the settings a client uses to reach the
 * Kerberos server and the change password server: host, ports, transport,
 * change-password protocol variant, timeout and the offered encryption types.
 * No setter validates its argument and nothing in this class is synchronized.
 *
 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
 */
public class KdcConfig
{
    /** host name of the Kerberos server */
    private String hostName;

    /** port on which the Kerberos server is listening */
    private int kdcPort = 88;

    /** port on which the change password server is listening */
    private int passwdPort = 464;

    /** flag to indicate if the client should use UDP while connecting to Kerberos server */
    private boolean useUdp = true;

    /**
     * flag to indicate if legacy protocol version 1 should be used while sending the change
     * password request. Default is false, we send version 0xFF80 of rfc3244
     */
    private boolean useLegacyChngPwdProtocol = false;

    /** the timeout of the connection to the Kerberos server */
    // default 1 min; the value 60000 implies milliseconds -- TODO confirm against the consumer of this field
    private int timeout = 60000;

    /**
     * the set of encryption types that the client can support, by default this includes all the
     * encryption types supported by ApacheDS
     */
    private Set<EncryptionType> encryptionTypes;


    /**
     * Creates a configuration with the default ports, UDP transport, the default timeout,
     * the four built-in encryption types and the loopback host name.
     */
    public KdcConfig()
    {
        Set<EncryptionType> defaults = new HashSet<>();

        defaults.add( AES128_CTS_HMAC_SHA1_96 );
        defaults.add( AES256_CTS_HMAC_SHA1_96 );

        // NOTE(review): single DES (DES_CBC_MD5) was deprecated for Kerberos by RFC 6649 and
        // triple DES (DES3_CBC_SHA1_KD) by RFC 8429. Both stay in the default set here, so a
        // peer may still negotiate them. Deployments that do not need them for interoperability
        // should pass an AES-only set to setEncryptionTypes().
        defaults.add( DES_CBC_MD5 );
        defaults.add( DES3_CBC_SHA1_KD );

        // Presumably returns the types ordered strongest first -- confirm against KerberosUtils.
        this.encryptionTypes = KerberosUtils.orderEtypesByStrength( defaults );

        this.hostName = Network.LOOPBACK_HOSTNAME;
    }


    /**
     * Returns a new configuration carrying the defaults set by the no-argument constructor.
     *
     * @return a fresh, independent {@code KdcConfig}
     */
    public static KdcConfig getDefaultConfig()
    {
        KdcConfig defaultConfig = new KdcConfig();

        return defaultConfig;
    }


    /**
     * @return the host name of the Kerberos server
     */
    public String getHostName()
    {
        return this.hostName;
    }


    /**
     * @param hostName the host name of the Kerberos server; stored as given, not checked or resolved here
     */
    public void setHostName( String hostName )
    {
        this.hostName = hostName;
    }


    /**
     * @return the port on which the Kerberos server is listening
     */
    public int getKdcPort()
    {
        return this.kdcPort;
    }


    /**
     * @param kdcPort the Kerberos server port; no range check is applied here
     */
    public void setKdcPort( int kdcPort )
    {
        this.kdcPort = kdcPort;
    }


    /**
     * @return the port on which the change password server is listening
     */
    public int getPasswdPort()
    {
        return this.passwdPort;
    }


    /**
     * @param passwdPort the change password server port; no range check is applied here
     */
    public void setPasswdPort( int passwdPort )
    {
        this.passwdPort = passwdPort;
    }


    /**
     * @return {@code true} if the client should use UDP while connecting to the Kerberos server
     */
    public boolean isUseUdp()
    {
        return this.useUdp;
    }


    /**
     * @param useUdp {@code true} to use UDP while connecting to the Kerberos server
     */
    public void setUseUdp( boolean useUdp )
    {
        this.useUdp = useUdp;
    }


    /**
     * @return {@code true} if legacy protocol version 1 is used for the change password request
     */
    public boolean isUseLegacyChngPwdProtocol()
    {
        return this.useLegacyChngPwdProtocol;
    }


    /**
     * @param useLegacyChngPwdProtocol {@code true} to send the change password request with
     *        legacy protocol version 1 instead of version 0xFF80 of rfc3244
     */
    public void setUseLegacyChngPwdProtocol( boolean useLegacyChngPwdProtocol )
    {
        this.useLegacyChngPwdProtocol = useLegacyChngPwdProtocol;
    }


    /**
     * @return the timeout of the connection to the Kerberos server
     */
    public int getTimeout()
    {
        return this.timeout;
    }


    /**
     * @param timeout the connection timeout; zero and negative values are stored unchecked
     */
    public void setTimeout( int timeout )
    {
        this.timeout = timeout;
    }


    /**
     * Returns the encryption types the client offers.
     * <p>
     * This is the live internal set, not a copy: changes a caller makes to it change this
     * configuration.
     *
     * @return the configured encryption types
     */
    public Set<EncryptionType> getEncryptionTypes()
    {
        return this.encryptionTypes;
    }


    /**
     * Replaces the encryption types the client offers.
     * <p>
     * The given set is stored by reference. Unlike the constructor, this method does not pass
     * it through {@code KerberosUtils.orderEtypesByStrength}, so the iteration order is whatever
     * the caller's set provides. {@code null} is not rejected.
     *
     * @param encryptionTypes the encryption types to offer
     */
    public void setEncryptionTypes( Set<EncryptionType> encryptionTypes )
    {
        this.encryptionTypes = encryptionTypes;
    }


    /**
     * Renders every setting of this configuration; none of the fields holds a secret.
     */
    @Override
    public String toString()
    {
        StringBuilder text = new StringBuilder();

        text.append( "KdcConfig [hostName=" ).append( hostName );
        text.append( ", kdcPort=" ).append( kdcPort );
        text.append( ", passwdPort=" ).append( passwdPort );
        text.append( ", useUdp=" ).append( useUdp );
        text.append( ", useLegacyChngPwdProtocol=" ).append( useLegacyChngPwdProtocol );
        text.append( ", timeout=" ).append( timeout );
        text.append( ", encryptionTypes=" ).append( encryptionTypes );
        text.append( "]" );

        return text.toString();
    }

}