/**
* Start a KDC server: - create a KDC instance - create Kerberos principals - save Kerberos
* configuration - save keys to keytab file - no pre-auth is required
*/
private static void startKDC(String realm, Map<String, String> principals, String ktab) {
try {
KDC kdc = KDC.create(realm, HOST, 0, true);
kdc.setOption(KDC.Option.PREAUTH_REQUIRED, Boolean.FALSE);
if (principals != null) {
principals
.entrySet()
.stream()
.forEach(
(entry) -> {
String name = entry.getKey();
String password = entry.getValue();
if (password == null || password.isEmpty()) {
System.out.println(
"KDC: add a principal '" + name + "' with a random password");
kdc.addPrincipalRandKey(name);
} else {
System.out.println(
"KDC: add a principal '" + name + "' with '" + password + "' password");
kdc.addPrincipal(name, password.toCharArray());
}
});
}
KDC.saveConfig(KRB5_CONF_FILENAME, kdc);
if (ktab != null) {
File ktabFile = new File(ktab);
if (ktabFile.exists()) {
System.out.println("KDC: append keys to an exising " + "keytab file " + ktab);
kdc.appendKtab(ktab);
} else {
System.out.println("KDC: create a new keytab file " + ktab);
kdc.writeKtab(ktab);
}
}
System.out.println(
"KDC: started on " + HOST + ":" + kdc.getPort() + " with '" + realm + "' realm");
} catch (Exception e) {
throw new RuntimeException("KDC: unexpected exception", e);
}
}
