View Javadoc

1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *  
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *  
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License. 
18   *  
19   */
20  package org.apache.directory.server.kerberos.shared.exceptions;
21  
22  
23  import java.util.Arrays;
24  import java.util.Collections;
25  import java.util.List;
26  
27  
28  /**
29   * A type-safe enumeration of Kerberos error types.
30   *
31   * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
32   * @version $Rev: 558662 $, $Date: 2007-07-23 10:51:52 +0200 (Mo, 23 Jul 2007) $
33   */
34  public final class ErrorType implements Comparable<ErrorType>
35  {
36      /**
37       * No error.
38       */
39      public static final ErrorType KDC_ERR_NONE = new ErrorType( 0, "No error" );
40  
41      /**
42       * Client's entry in database has expired.
43       */
44      public static final ErrorType KDC_ERR_NAME_EXP = new ErrorType( 1, "Client's entry in database has expired" );
45  
46      /**
47       * Server's entry in database has expired.
48       */
49      public static final ErrorType KDC_ERR_SERVICE_EXP = new ErrorType( 2, "Server's entry in database has expired" );
50  
51      /**
52       * Requested protocol version number not supported.
53       */
54      public static final ErrorType KDC_ERR_BAD_PVNO = new ErrorType( 3,
55          "Requested protocol version number not supported" );
56  
57      /**
58       * Client's key encrypted in old master key.
59       */
60      public static final ErrorType KDC_ERR_C_OLD_MAST_KVNO = new ErrorType( 4,
61          "Client's key encrypted in old master key" );
62  
63      /**
64       * Server's key encrypted in old master key.
65       */
66      public static final ErrorType KDC_ERR_S_OLD_MAST_KVNO = new ErrorType( 5,
67          "Server's key encrypted in old master key" );
68  
69      /**
70       * Client not found in Kerberos database.
71       */
72      public static final ErrorType KDC_ERR_C_PRINCIPAL_UNKNOWN = new ErrorType( 6,
73          "Client not found in Kerberos database" );
74  
75      /**
76       * Server not found in Kerberos database.
77       */
78      public static final ErrorType KDC_ERR_S_PRINCIPAL_UNKNOWN = new ErrorType( 7,
79          "Server not found in Kerberos database" );
80  
81      /**
82       * Multiple principal entries in database.
83       */
84      public static final ErrorType KDC_ERR_PRINCIPAL_NOT_UNIQUE = new ErrorType( 8,
85          "Multiple principal entries in database" );
86  
87      /**
88       * The client or server has a null key.
89       */
90      public static final ErrorType KDC_ERR_NULL_KEY = new ErrorType( 9, "The client or server has a null key" );
91  
92      /**
93       * Ticket not eligible for postdating.
94       */
95      public static final ErrorType KDC_ERR_CANNOT_POSTDATE = new ErrorType( 10, "Ticket not eligible for postdating" );
96  
97      /**
98       * Requested start time is later than end time.
99       */
100     public static final ErrorType KDC_ERR_NEVER_VALID = new ErrorType( 11,
101         "Requested start time is later than end time" );
102 
103     /**
104      * KDC policy rejects request.
105      */
106     public static final ErrorType KDC_ERR_POLICY = new ErrorType( 12, "KDC policy rejects request" );
107 
108     /**
109      * KDC cannot accommodate requested option.
110      */
111     public static final ErrorType KDC_ERR_BADOPTION = new ErrorType( 13, "KDC cannot accommodate requested option" );
112 
113     /**
114      * KDC has no support for encryption type.
115      */
116     public static final ErrorType KDC_ERR_ETYPE_NOSUPP = new ErrorType( 14, "KDC has no support for encryption type" );
117 
118     /**
119      * KDC has no support for checksum type.
120      */
121     public static final ErrorType KDC_ERR_SUMTYPE_NOSUPP = new ErrorType( 15, "KDC has no support for checksum type" );
122 
123     /**
124      * KDC has no support for padata type.
125      */
126     public static final ErrorType KDC_ERR_PADATA_TYPE_NOSUPP = new ErrorType( 16, "KDC has no support for padata type" );
127 
128     /**
129      * KDC has no support for transited type.
130      */
131     public static final ErrorType KDC_ERR_TRTYPE_NOSUPP = new ErrorType( 17, "KDC has no support for transited type" );
132 
133     /**
134      * Clients credentials have been revoked.
135      */
136     public static final ErrorType KDC_ERR_CLIENT_REVOKED = new ErrorType( 18, "Clients credentials have been revoked" );
137 
138     /**
139      * Credentials for server have been revoked.
140      */
141     public static final ErrorType KDC_ERR_SERVICE_REVOKED = new ErrorType( 19,
142         "Credentials for server have been revoked" );
143 
144     /**
145      * TGT has been revoked.
146      */
147     public static final ErrorType KDC_ERR_TGT_REVOKED = new ErrorType( 20, "TGT has been revoked" );
148 
149     /**
150      * Client not yet valid; try again later.
151      */
152     public static final ErrorType KDC_ERR_CLIENT_NOTYET = new ErrorType( 21, "Client not yet valid; try again later" );
153 
154     /**
155      * Server not yet valid; try again later.
156      */
157     public static final ErrorType KDC_ERR_SERVICE_NOTYET = new ErrorType( 22, "Server not yet valid; try again later" );
158 
159     /**
160      * Password has expired; change password to reset.
161      */
162     public static final ErrorType KDC_ERR_KEY_EXPIRED = new ErrorType( 23,
163         "Password has expired; change password to reset" );
164 
165     /**
166      * Pre-authentication information was invalid.
167      */
168     public static final ErrorType KDC_ERR_PREAUTH_FAILED = new ErrorType( 24,
169         "Pre-authentication information was invalid" );
170 
171     /**
172      * Additional pre-authentication required.
173      */
174     public static final ErrorType KDC_ERR_PREAUTH_REQUIRED = new ErrorType( 25,
175         "Additional pre-authentication required" );
176 
177     /**
178      * Requested server and ticket don't match.
179      */
180     public static final ErrorType KDC_ERR_SERVER_NOMATCH = new ErrorType( 26, "Requested server and ticket don't match" );
181 
182     /**
183      * Server valid for user2user only.
184      */
185     public static final ErrorType KDC_ERR_MUST_USE_USER2USER = new ErrorType( 27, "Server valid for user2user only" );
186 
187     /**
188      * KDC Policy rejects transited path.
189      */
190     public static final ErrorType KDC_ERR_PATH_NOT_ACCEPTED = new ErrorType( 28, "KDC Policy rejects transited path" );
191 
192     /**
193      * A service is not available.
194      */
195     public static final ErrorType KDC_ERR_SVC_UNAVAILABLE = new ErrorType( 29, "A service is not available" );
196 
197     /**
198      * Integrity check on decrypted field failed.
199      */
200     public static final ErrorType KRB_AP_ERR_BAD_INTEGRITY = new ErrorType( 31,
201         "Integrity check on decrypted field failed" );
202 
203     /**
204      * Ticket expired.
205      */
206     public static final ErrorType KRB_AP_ERR_TKT_EXPIRED = new ErrorType( 32, "Ticket expired" );
207 
208     /**
209      * Ticket not yet valid.
210      */
211     public static final ErrorType KRB_AP_ERR_TKT_NYV = new ErrorType( 33, "Ticket not yet valid" );
212 
213     /**
214      * Request is a replay.
215      */
216     public static final ErrorType KRB_AP_ERR_REPEAT = new ErrorType( 34, "Request is a replay" );
217 
218     /**
219      * The ticket isn't for us.
220      */
221     public static final ErrorType KRB_AP_ERR_NOT_US = new ErrorType( 35, "The ticket isn't for us" );
222 
223     /**
224      * Ticket and authenticator don't match.
225      */
226     public static final ErrorType KRB_AP_ERR_BADMATCH = new ErrorType( 36, "Ticket and authenticator don't match" );
227 
228     /**
229      * Clock skew too great.
230      */
231     public static final ErrorType KRB_AP_ERR_SKEW = new ErrorType( 37, "Clock skew too great" );
232 
233     /**
234      * Incorrect net address.
235      */
236     public static final ErrorType KRB_AP_ERR_BADADDR = new ErrorType( 38, "Incorrect net address" );
237 
238     /**
239      * Protocol version mismatch.
240      */
241     public static final ErrorType KRB_AP_ERR_BADVERSION = new ErrorType( 39, "Protocol version mismatch" );
242 
243     /**
244      * Invalid msg type.
245      */
246     public static final ErrorType KRB_AP_ERR_MSG_TYPE = new ErrorType( 40, "Invalid msg type" );
247 
248     /**
249      * Message stream modified.
250      */
251     public static final ErrorType KRB_AP_ERR_MODIFIED = new ErrorType( 41, "Message stream modified" );
252 
253     /**
254      * Message out of order.
255      */
256     public static final ErrorType KRB_AP_ERR_BADORDER = new ErrorType( 42, "Message out of order" );
257 
258     /**
259      * Specified version of key is not available.
260      */
261     public static final ErrorType KRB_AP_ERR_BADKEYVER = new ErrorType( 44, "Specified version of key is not available" );
262 
263     /**
264      * Service key not available.
265      */
266     public static final ErrorType KRB_AP_ERR_NOKEY = new ErrorType( 45, "Service key not available" );
267 
268     /**
269      * Mutual authentication failed.
270      */
271     public static final ErrorType KRB_AP_ERR_MUT_FAIL = new ErrorType( 46, "Mutual authentication failed" );
272 
273     /**
274      * Incorrect message direction.
275      */
276     public static final ErrorType KRB_AP_ERR_BADDIRECTION = new ErrorType( 47, "Incorrect message direction" );
277 
278     /**
279      * Alternative authentication method required.
280      */
281     public static final ErrorType KRB_AP_ERR_METHOD = new ErrorType( 48, "Alternative authentication method required" );
282 
283     /**
284      * Incorrect sequence number in message.
285      */
286     public static final ErrorType KRB_AP_ERR_BADSEQ = new ErrorType( 49, "Incorrect sequence number in message" );
287 
288     /**
289      * Inappropriate type of checksum in message.
290      */
291     public static final ErrorType KRB_AP_ERR_INAPP_CKSUM = new ErrorType( 50,
292         "Inappropriate type of checksum in message" );
293 
294     /**
295      * Policy rejects transited path.
296      */
297     public static final ErrorType KRB_AP_PATH_NOT_ACCEPTED = new ErrorType( 51, "Policy rejects transited path" );
298 
299     /**
300      * Response too big for UDP; retry with TCP.
301      */
302     public static final ErrorType KRB_ERR_RESPONSE_TOO_BIG = new ErrorType( 52,
303         "Response too big for UDP; retry with TCP" );
304 
305     /**
306      * Generic error (description in e-text).
307      */
308     public static final ErrorType KRB_ERR_GENERIC = new ErrorType( 60, "Generic error (description in e-text)" );
309 
310     /**
311      * Field is too long for this implementation.
312      */
313     public static final ErrorType KRB_ERR_FIELD_TOOLONG = new ErrorType( 61,
314         "Field is too long for this implementation" );
315 
316     /**
317      * Client is not trusted.
318      */
319     public static final ErrorType KDC_ERR_CLIENT_NOT_TRUSTED = new ErrorType( 62, "Client is not trusted" );
320 
321     /**
322      * KDC is not trusted.
323      */
324     public static final ErrorType KRB_ERR_KDC_NOT_TRUSTED = new ErrorType( 63, "KDC is not trusted" );
325 
326     /**
327      * Signature is invalid.
328      */
329     public static final ErrorType KDC_ERR_INVALID_SIG = new ErrorType( 64, "Signature is invalid" );
330 
331     /**
332      * Diffie-Hellman (DH) key parameters not accepted.
333      */
334     public static final ErrorType KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED = new ErrorType( 65,
335         "Diffie-Hellman (DH) key parameters not accepted." );
336 
337     /**
338      * Certificates do not match.
339      */
340     public static final ErrorType KRB_ERR_CERTIFICATE_MISMATCH = new ErrorType( 66, "Certificates do not match" );
341 
342     /**
343      * No TGT available to validate USER-TO-USER.
344      */
345     public static final ErrorType KRB_AP_ERR_NO_TGT = new ErrorType( 67, "No TGT available to validate USER-TO-USER" );
346 
347     /**
348      * Wrong realm.
349      */
350     public static final ErrorType KRB_ERR_WRONG_REALM = new ErrorType( 68, "Wrong realm" );
351 
352     /**
353      * Ticket must be for USER-TO-USER.
354      */
355     public static final ErrorType KRB_AP_ERR_USER_TO_USER_REQUIRED = new ErrorType( 69,
356         "Ticket must be for USER-TO-USER" );
357 
358     /**
359      * Can't verify certificate.
360      */
361     public static final ErrorType KDC_ERR_CANT_VERIFY_CERTIFICATE = new ErrorType( 70, "Can't verify certificate" );
362 
363     /**
364      * Invalid certificate.
365      */
366     public static final ErrorType KDC_ERR_INVALID_CERTIFICATE = new ErrorType( 71, "Invalid certificate" );
367 
368     /**
369      * Revoked certificate.
370      */
371     public static final ErrorType KDC_ERR_REVOKED_CERTIFICATE = new ErrorType( 72, "Revoked certificate" );
372 
373     /**
374      * Revocation status unknown.
375      */
376     public static final ErrorType KDC_ERR_REVOCATION_STATUS_UNKNOWN = new ErrorType( 73, "Revocation status unknown" );
377 
378     /**
379      * Revocation status unavailable.
380      */
381     public static final ErrorType KRB_ERR_REVOCATION_STATUS_UNAVAILABLE = new ErrorType( 74,
382         "Revocation status unavailable" );
383 
384     /**
385      * Client names do not match.
386      */
387     public static final ErrorType KDC_ERR_CLIENT_NAME_MISMATCH = new ErrorType( 75, "Client names do not match" );
388 
389     /**
390      * KDC names do not match.
391      */
392     public static final ErrorType KRB_ERR_KDC_NAME_MISMATCH = new ErrorType( 76, "KDC names do not match" );
393 
394     /**
395      * Inconsistent key purpose.
396      */
397     public static final ErrorType KDC_ERR_INCONSISTENT_KEY_PURPOSE = new ErrorType( 77, "Inconsistent key purpose" );
398 
399     /**
400      * Digest in certificate not accepted.
401      */
402     public static final ErrorType KDC_ERR_DIGEST_IN_CERT_NOT_ACCEPTED = new ErrorType( 78,
403         "Digest in certificate not accepted" );
404 
405     /**
406      * PA checksum must be included.
407      */
408     public static final ErrorType KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED = new ErrorType( 79,
409         "PA checksum must be included" );
410 
411     /**
412      * Digest in signed data not accepted.
413      */
414     public static final ErrorType KDC_ERR_DIGEST_IN_SIGNED_DATA_NOT_ACCEPTED = new ErrorType( 80,
415         "Digest in signed data not accepted" );
416 
417     /**
418      * Public key encryption not supported.
419      */
420     public static final ErrorType KDC_ERR_PUBLIC_KEY_ENCRYPTION_NOT_SUPPORTED = new ErrorType( 81,
421         "Public key encryption not supported" );
422 
423     /**
424      * Array for building a List of VALUES.
425      */
426     private static final ErrorType[] values =
427         { KDC_ERR_NONE, KDC_ERR_NAME_EXP, KDC_ERR_SERVICE_EXP, KDC_ERR_BAD_PVNO, KDC_ERR_C_OLD_MAST_KVNO,
428             KDC_ERR_S_OLD_MAST_KVNO, KDC_ERR_C_PRINCIPAL_UNKNOWN, KDC_ERR_S_PRINCIPAL_UNKNOWN,
429             KDC_ERR_PRINCIPAL_NOT_UNIQUE, KDC_ERR_NULL_KEY, KDC_ERR_CANNOT_POSTDATE, KDC_ERR_NEVER_VALID,
430             KDC_ERR_POLICY, KDC_ERR_BADOPTION, KDC_ERR_ETYPE_NOSUPP, KDC_ERR_SUMTYPE_NOSUPP,
431             KDC_ERR_PADATA_TYPE_NOSUPP, KDC_ERR_TRTYPE_NOSUPP, KDC_ERR_CLIENT_REVOKED, KDC_ERR_SERVICE_REVOKED,
432             KDC_ERR_TGT_REVOKED, KDC_ERR_CLIENT_NOTYET, KDC_ERR_SERVICE_NOTYET, KDC_ERR_KEY_EXPIRED,
433             KDC_ERR_PREAUTH_FAILED, KDC_ERR_PREAUTH_REQUIRED, KDC_ERR_SERVER_NOMATCH, KDC_ERR_MUST_USE_USER2USER,
434             KDC_ERR_PATH_NOT_ACCEPTED, KDC_ERR_SVC_UNAVAILABLE, KRB_AP_ERR_BAD_INTEGRITY, KRB_AP_ERR_TKT_EXPIRED,
435             KRB_AP_ERR_TKT_NYV, KRB_AP_ERR_REPEAT, KRB_AP_ERR_NOT_US, KRB_AP_ERR_BADMATCH, KRB_AP_ERR_SKEW,
436             KRB_AP_ERR_BADADDR, KRB_AP_ERR_BADVERSION, KRB_AP_ERR_MSG_TYPE, KRB_AP_ERR_MODIFIED, KRB_AP_ERR_BADORDER,
437             KRB_AP_ERR_BADKEYVER, KRB_AP_ERR_NOKEY, KRB_AP_ERR_MUT_FAIL, KRB_AP_ERR_BADDIRECTION, KRB_AP_ERR_METHOD,
438             KRB_AP_ERR_BADSEQ, KRB_AP_ERR_INAPP_CKSUM, KRB_AP_PATH_NOT_ACCEPTED, KRB_ERR_RESPONSE_TOO_BIG,
439             KRB_ERR_GENERIC, KRB_ERR_FIELD_TOOLONG, KDC_ERR_CLIENT_NOT_TRUSTED, KRB_ERR_KDC_NOT_TRUSTED,
440             KDC_ERR_INVALID_SIG, KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED, KRB_ERR_CERTIFICATE_MISMATCH,
441             KRB_AP_ERR_NO_TGT, KRB_ERR_WRONG_REALM, KRB_AP_ERR_USER_TO_USER_REQUIRED, KDC_ERR_CANT_VERIFY_CERTIFICATE,
442             KDC_ERR_INVALID_CERTIFICATE, KDC_ERR_REVOKED_CERTIFICATE, KDC_ERR_REVOCATION_STATUS_UNKNOWN,
443             KRB_ERR_REVOCATION_STATUS_UNAVAILABLE, KDC_ERR_CLIENT_NAME_MISMATCH, KRB_ERR_KDC_NAME_MISMATCH,
444             KDC_ERR_INCONSISTENT_KEY_PURPOSE, KDC_ERR_DIGEST_IN_CERT_NOT_ACCEPTED,
445             KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED, KDC_ERR_DIGEST_IN_SIGNED_DATA_NOT_ACCEPTED,
446             KDC_ERR_PUBLIC_KEY_ENCRYPTION_NOT_SUPPORTED };
447 
448     /**
449      * A List of all the error type constants.
450      */
451     public static final List<ErrorType> VALUES = Collections.unmodifiableList( Arrays.asList( values ) );
452 
453     /**
454      * The name of the error type.
455      */
456     private final String name;
457 
458     /**
459      * The value/code for the error type.
460      */
461     private final int ordinal;
462 
463 
464     /**
465      * Private constructor prevents construction outside of this class.
466      */
467     private ErrorType( int ordinal, String name )
468     {
469         this.ordinal = ordinal;
470         this.name = name;
471     }
472 
473 
474     /**
475      * Returns the message for this Kerberos error.
476      *
477      * @return the message for this Kerberos error.
478      */
479     public String getMessage()
480     {
481         return name;
482     }
483 
484 
485     /**
486      * Returns the message for this Kerberos error.
487      *
488      * @return the message for this Kerberos error.
489      */
490     public String toString()
491     {
492         return name;
493     }
494 
495 
496     /**
497      * Compares this type to another object hopefully one that is of the same
498      * type.
499      *
500      * @param that the object to compare this KerberosError to
501      * @return ordinal - ( ( KerberosError ) that ).ordinal;
502      */
503     public int compareTo( ErrorType that )
504     {
505         return ordinal - that.ordinal;
506     }
507 
508 
509     /**
510      * Gets the ordinal by its ordinal value.
511      *
512      * @param ordinal the ordinal value of the ordinal
513      * @return the type corresponding to the ordinal value
514      */
515     public static ErrorType getTypeByOrdinal( int ordinal )
516     {
517         for ( int ii = 0; ii < values.length; ii++ )
518         {
519             if ( values[ii].ordinal == ordinal )
520             {
521                 return values[ii];
522             }
523         }
524 
525         return KRB_ERR_GENERIC;
526     }
527 
528 
529     /**
530      * Gets the ordinal value associated with this Kerberos error.
531      *
532      * @return the ordinal value associated with this Kerberos error
533      */
534     public int getOrdinal()
535     {
536         return ordinal;
537     }
538 }