Thanks for your reply Kiran. I figured out the problem - the KDCServer annotation was configured with two transports (TCP/UDP) which were using separate ports (as both were unspecified). Using "super.getKdcServer().getTcpPort" as the port for krb5.conf does not work, as it requires the UDP port.
So I got it working by just configuring a single UDP Transport + substituting the port given by super.getKdcServer().getTransports()[0].getPort() into the krb5.conf. Is there a way that I am missing to have both TCP + UDP protocols share a random port, when configuring a KDCServer via annotations? Colm. On Thu, Nov 27, 2014 at 3:44 AM, Kiran Ayyagari <[email protected]> wrote: > > > On Wed, Nov 26, 2014 at 11:20 PM, Colm O hEigeartaigh <[email protected] > > wrote: > >> Hi, >> >> Following Emmanuel's excellent talk on LDAP testing at ApacheCon last >> week, >> I was inspired to switch Apache WSS4J's kerberos integration tests to use >> the annotation based approach, upgrading from Apache DS 1.5.7 -> 2.0.0-M19 >> in the process :-) >> >> his presentation really worked :) , otherwise its been available for more > than 4 years now and not sure > how many know about this feature > >> It's working fine but I have some thorny issues regarding ports that I >> wanted to ask for some input on. >> >> 1) The first problem I faced is that the WSS4J code uses a krb5.conf to >> configure kerberos, where the port of the KDC is specified (hence I can't >> use the kdc system property, which only works with the default port). >> >> My first thought was to use the build-helper-maven-plugin to reserve a >> port, configure a placeholder in the krb5.conf + substitute the port >> number >> via filtering, and then pass the port through to the test as a system >> property in the surefire plugin. This works great, however I can't find a >> way to use the port in the @CreateTransport annotation, which insists on >> using a "constant" for the port. >> >> I've resorted to reading in the krb5.conf in the test class, substituting >> the port manually, and writing it out to target/test-classes + point to >> this instead. Is there a better way? >> >> AFAIK no, cause it is annotation > >> 2) I want to use a random (free) port to run the KDC on. However, if I >> specify "port="-1"" in the annotation, it seems to hang, even though the >> port returned by getKdcServer().getTcpPort() is "1024". If I manually use >> "port=1024" it works fine. This looks like a bug to me, unless I am >> missing >> something? >> >> just tested this and worked as expected, which OS and java versions are > you using? > >> The test-class is here if anyone wants to try to replicate the latter >> issue: >> >> >> http://svn.apache.org/viewvc/webservices/wss4j/trunk/integration/src/test/java/org/apache/wss4j/integration/test/kerberos/KerberosTest.java?view=markup >> >> (Set port=1024 and it works fine, port=-1 and it hangs). >> >> Thanks, >> >> Colm. >> >> -- >> Colm O hEigeartaigh >> >> Talend Community Coder >> http://coders.talend.com >> > > > > -- > Kiran Ayyagari > http://keydap.com > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
