001/*
002 *   Licensed to the Apache Software Foundation (ASF) under one
003 *   or more contributor license agreements.  See the NOTICE file
004 *   distributed with this work for additional information
005 *   regarding copyright ownership.  The ASF licenses this file
006 *   to you under the Apache License, Version 2.0 (the
007 *   "License"); you may not use this file except in compliance
008 *   with the License.  You may obtain a copy of the License at
009 *
010 *     http://www.apache.org/licenses/LICENSE-2.0
011 *
012 *   Unless required by applicable law or agreed to in writing,
013 *   software distributed under the License is distributed on an
014 *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 *   KIND, either express or implied.  See the License for the
016 *   specific language governing permissions and limitations
017 *   under the License.
018 *
019 */
020package org.apache.directory.kerberos.client;
021
022
023import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.AES128_CTS_HMAC_SHA1_96;
024import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.AES256_CTS_HMAC_SHA1_96;
025import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.DES3_CBC_SHA1_KD;
026import static org.apache.directory.shared.kerberos.codec.types.EncryptionType.DES_CBC_MD5;
027
028import java.util.HashSet;
029import java.util.Set;
030
031import org.apache.directory.api.util.Network;
032import org.apache.directory.shared.kerberos.KerberosUtils;
033import org.apache.directory.shared.kerberos.codec.types.EncryptionType;
034
035
/**
 * Client-side settings used to reach a Kerberos KDC and its change-password service.
 * <p>
 * A fresh instance targets {@link Network#LOOPBACK_HOSTNAME} on ports 88 (KDC) and 464
 * (change password), prefers UDP, uses a 60000 timeout (documented as one minute) and
 * carries four encryption types ordered by {@link KerberosUtils#orderEtypesByStrength}.
 * <p>
 * Security notes for integrators:
 * <ul>
 *   <li>The default encryption types include {@code DES_CBC_MD5} and
 *       {@code DES3_CBC_SHA1_KD}. Single DES is deprecated for Kerberos by RFC 6649 and
 *       3DES by RFC 8429; unless a legacy KDC requires them, narrow the set to the AES
 *       types with {@link #setEncryptionTypes(Set)}.</li>
 *   <li>No setter validates its argument (host name, port range, timeout sign, null set);
 *       callers that take these values from configuration files or user input should
 *       validate them first.</li>
 *   <li>The encryption-type set is shared by reference on both the getter and the setter,
 *       so later mutation by any holder changes this configuration.</li>
 * </ul>
 * The class performs no synchronization.
 *
 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
 */
public class KdcConfig
{
    /** name of the host running the Kerberos server */
    private String hostName;

    /** KDC port, 88 unless overridden */
    private int kdcPort = 88;

    /** change-password service port, 464 unless overridden */
    private int passwdPort = 464;

    /** true (the default) when the client should talk to the Kerberos server over UDP */
    private boolean useUdp = true;

    /**
     * true when the change-password request should use legacy protocol version 1;
     * false (the default) sends version 0xFF80 of rfc3244
     */
    private boolean useLegacyChngPwdProtocol = false;

    /** connection timeout towards the Kerberos server; the default of 60000 is one minute */
    private int timeout = 60000;

    /**
     * encryption types the client is willing to use; populated by the constructor with
     * the two AES types plus DES_CBC_MD5 and DES3_CBC_SHA1_KD (see the class-level note
     * on the deprecated DES/3DES entries)
     */
    private Set<EncryptionType> encryptionTypes;


    /**
     * Creates a configuration with the default host, ports, transport, timeout and
     * encryption types.
     */
    public KdcConfig()
    {
        Set<EncryptionType> supported = new HashSet<>();

        supported.add( AES128_CTS_HMAC_SHA1_96 );
        supported.add( AES256_CTS_HMAC_SHA1_96 );
        // Deprecated algorithms (RFC 6649 / RFC 8429), kept in the default set;
        // presumably for interoperability with older KDCs - confirm before relying on it.
        supported.add( DES_CBC_MD5 );
        supported.add( DES3_CBC_SHA1_KD );

        this.encryptionTypes = KerberosUtils.orderEtypesByStrength( supported );
        this.hostName = Network.LOOPBACK_HOSTNAME;
    }


    /**
     * @return a new configuration holding only the default values
     */
    public static KdcConfig getDefaultConfig()
    {
        KdcConfig defaults = new KdcConfig();

        return defaults;
    }


    /**
     * @return the host name of the Kerberos server
     */
    public String getHostName()
    {
        return this.hostName;
    }


    /**
     * @param hostName the host name of the Kerberos server; stored as given, without validation
     */
    public void setHostName( String hostName )
    {
        this.hostName = hostName;
    }


    /**
     * @return the port on which the Kerberos server is listening
     */
    public int getKdcPort()
    {
        return this.kdcPort;
    }


    /**
     * @param kdcPort the port on which the Kerberos server is listening; no range check is applied
     */
    public void setKdcPort( int kdcPort )
    {
        this.kdcPort = kdcPort;
    }


    /**
     * @return the port on which the change password server is listening
     */
    public int getPasswdPort()
    {
        return this.passwdPort;
    }


    /**
     * @param passwdPort the port on which the change password server is listening; no range check is applied
     */
    public void setPasswdPort( int passwdPort )
    {
        this.passwdPort = passwdPort;
    }


    /**
     * @return true if the client should use UDP while connecting to the Kerberos server
     */
    public boolean isUseUdp()
    {
        return this.useUdp;
    }


    /**
     * @param useUdp true to use UDP while connecting to the Kerberos server
     */
    public void setUseUdp( boolean useUdp )
    {
        this.useUdp = useUdp;
    }


    /**
     * @return true if legacy protocol version 1 is used for the change password request
     */
    public boolean isUseLegacyChngPwdProtocol()
    {
        return this.useLegacyChngPwdProtocol;
    }


    /**
     * @param useLegacyChngPwdProtocol true to send the change password request with legacy protocol version 1
     */
    public void setUseLegacyChngPwdProtocol( boolean useLegacyChngPwdProtocol )
    {
        this.useLegacyChngPwdProtocol = useLegacyChngPwdProtocol;
    }


    /**
     * @return the timeout of the connection to the Kerberos server
     */
    public int getTimeout()
    {
        return this.timeout;
    }


    /**
     * @param timeout the timeout of the connection to the Kerberos server; stored as given
     */
    public void setTimeout( int timeout )
    {
        this.timeout = timeout;
    }


    /**
     * Returns the live internal set, not a copy: changes made through the returned
     * reference alter this configuration.
     *
     * @return the encryption types the client supports
     */
    public Set<EncryptionType> getEncryptionTypes()
    {
        return this.encryptionTypes;
    }


    /**
     * Replaces the supported encryption types. The given set is stored by reference and,
     * unlike the constructor's defaults, is not passed through
     * {@link KerberosUtils#orderEtypesByStrength}; null is not rejected here.
     *
     * @param encryptionTypes the encryption types the client supports
     */
    public void setEncryptionTypes( Set<EncryptionType> encryptionTypes )
    {
        this.encryptionTypes = encryptionTypes;
    }


    /**
     * Renders every field of the configuration; the class stores no credential material.
     *
     * @return a single-line description of this configuration
     */
    @Override
    public String toString()
    {
        StringBuilder text = new StringBuilder( "KdcConfig [hostName=" );

        text.append( hostName );
        text.append( ", kdcPort=" ).append( kdcPort );
        text.append( ", passwdPort=" ).append( passwdPort );
        text.append( ", useUdp=" ).append( useUdp );
        text.append( ", useLegacyChngPwdProtocol=" ).append( useLegacyChngPwdProtocol );
        text.append( ", timeout=" ).append( timeout );
        text.append( ", encryptionTypes=" ).append( encryptionTypes );
        text.append( "]" );

        return text.toString();
    }

}