Google Git
Sign in
apache / directory-server / refs/heads/apacheds-kerberos / . / kerberos-shared / src / main / java / org / apache / directory / server / kerberos / shared / messages / value / types / KerberosErrorType.java
blob: 6e922d9a42e012f9e0c704fad4091746ef6d2e1c [file] [log] [blame]
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*
*/
package org.apache.directory.server.kerberos.shared.messages.value.types;
/**
* The Kerberos Error codes
*
* @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
* @version $Rev: 540371 $, $Date: 2007-05-22 02:00:43 +0200 (Tue, 22 May 2007) $
*/
public enum KerberosErrorType
{
/** No error */
KDC_ERR_NONE(0),
/** Client's entry in database has expired */
KDC_ERR_NAME_EXP(1),
/** Server's entry in database has expired */
KDC_ERR_SERVICE_EXP(2),
/** Requested protocol version number not supported */
KDC_ERR_BAD_PVNO(3),
/** Client's key encrypted in old master key */
KDC_ERR_C_OLD_MAST_KVNO(4),
/** Server's key encrypted in old master key */
KDC_ERR_S_OLD_MAST_KVNO(5),
/** Client not found in Kerberos database */
KDC_ERR_C_PRINCIPAL_UNKNOWN(6),
/** Server not found in Kerberos database */
KDC_ERR_S_PRINCIPAL_UNKNOWN(7),
/** Multiple principal entries in database */
KDC_ERR_PRINCIPAL_NOT_UNIQUE(8),
/** The client or server has a null key */
KDC_ERR_NULL_KEY(9),
/** Ticket not eligible for postdating */
KDC_ERR_CANNOT_POSTDATE(10),
/** Requested starttime is later than end time */
KDC_ERR_NEVER_VALID(11),
/** KDC policy rejects request */
KDC_ERR_POLICY(12),
/** KDC cannot accommodate requested option */
KDC_ERR_BADOPTION(13),
/** KDC has no support for encryption type */
KDC_ERR_ETYPE_NOSUPP(14),
/** KDC has no support for checksum type */
KDC_ERR_SUMTYPE_NOSUPP(15),
/** KDC has no support for padata type */
KDC_ERR_PADATA_TYPE_NOSUPP(16),
/** KDC has no support for transited type */
KDC_ERR_TRTYPE_NOSUPP(17),
/** Clients credentials have been revoked */
KDC_ERR_CLIENT_REVOKED(18),
/** Credentials for server have been revoked */
KDC_ERR_SERVICE_REVOKED(19),
/** TGT has been revoked */
KDC_ERR_TGT_REVOKED(20),
/** Client not yet valid; try again later */
KDC_ERR_CLIENT_NOTYET(21),
/** Server not yet valid; try again later */
KDC_ERR_SERVICE_NOTYET(22),
/** Password has expired; change password to reset */
KDC_ERR_KEY_EXPIRED(23),
/** Pre-authentication information was invalid */
KDC_ERR_PREAUTH_FAILED(24),
/** Additional pre-authentication required */
KDC_ERR_PREAUTH_REQUIRED(25),
/** Requested server and ticket don't match */
KDC_ERR_SERVER_NOMATCH(26),
/** Server principal valid for user2user only */
KDC_ERR_MUST_USE_USER2USER(27),
/** KDC Policy rejects transited path */
KDC_ERR_PATH_NOT_ACCEPTED(28),
/** A service is not available */
KDC_ERR_SVC_UNAVAILABLE(29),
/** Integrity check on decrypted field failed */
KRB_AP_ERR_BAD_INTEGRITY(31),
/** Ticket expired */
KRB_AP_ERR_TKT_EXPIRED(32),
/** Ticket not yet valid */
KRB_AP_ERR_TKT_NYV(33),
/** Request is a replay */
KRB_AP_ERR_REPEAT(34),
/** The ticket isn't for us */
KRB_AP_ERR_NOT_US(35),
/** Ticket and authenticator don't match */
KRB_AP_ERR_BADMATCH(36),
/** Clock skew too great */
KRB_AP_ERR_SKEW(37),
/** Incorrect net address */
KRB_AP_ERR_BADADDR(38),
/** Protocol version mismatch */
KRB_AP_ERR_BADVERSION(39),
/** Invalid msg type */
KRB_AP_ERR_MSG_TYPE(40),
/** Message stream modified */
KRB_AP_ERR_MODIFIED(41),
/** Message out of order */
KRB_AP_ERR_BADORDER(42),
/** Specified version of key is not available */
KRB_AP_ERR_BADKEYVER(44),
/** Service key not available */
KRB_AP_ERR_NOKEY(45),
/** Mutual authentication failed */
KRB_AP_ERR_MUT_FAIL(46),
/** Incorrect message direction */
KRB_AP_ERR_BADDIRECTION(47),
/** Alternative authentication method required */
KRB_AP_ERR_METHOD(48),
/** Incorrect sequence number in message */
KRB_AP_ERR_BADSEQ(49),
/** Inappropriate type of checksum in message */
KRB_AP_ERR_INAPP_CKSUM(50),
/** Policy rejects transited path */
KRB_AP_PATH_NOT_ACCEPTED(51),
/** Response too big for UDP; retry with TCP */
KRB_ERR_RESPONSE_TOO_BIG(52),
/** Generic error (description in e-text) */
KRB_ERR_GENERIC(60),
/** Field is too long for this implementation */
KRB_ERR_FIELD_TOOLONG(61),
/** Reserved for PKINIT */
KDC_ERROR_CLIENT_NOT_TRUSTED(62),
/** Reserved for PKINIT */
KDC_ERROR_KDC_NOT_TRUSTED(63),
/** Reserved for PKINIT */
KDC_ERROR_INVALID_SIG(64),
/** Reserved for PKINIT */
KDC_ERR_KEY_TOO_WEAK(65),
/** Reserved for PKINIT */
KDC_ERR_CERTIFICATE_MISMATCH(66),
/** No TGT available to validate USER-TO-USER */
KRB_AP_ERR_NO_TGT(67),
/** Reserved for future use */
KDC_ERR_WRONG_REALM(68),
/** Ticket must be for USER-TO-USER */
KRB_AP_ERR_USER_TO_USER_REQUIRED(69),
/** Reserved for PKINIT */
KDC_ERR_CANT_VERIFY_CERTIFICATE(70),
/** Reserved for PKINIT */
KDC_ERR_INVALID_CERTIFICATE(71),
/** Reserved for PKINIT */
KDC_ERR_REVOKED_CERTIFICATE(72),
/** Reserved for PKINIT */
KDC_ERR_REVOCATION_STATUS_UNKNOWN(73),
/** Reserved for PKINIT */
KDC_ERR_REVOCATION_STATUS_UNAVAILABLE(74),
/** Reserved for PKINIT */
KDC_ERR_CLIENT_NAME_MISMATCH(75),
/** Reserved for PKINIT */
KDC_ERR_KDC_NAME_MISMATCH(76),
/** No error */
NULL(-1);
/**
* The value/code for the authorization type.
*/
private final int ordinal;
/**
* Private constructor prevents construction outside of this class.
*/
private KerberosErrorType( int ordinal )
{
this.ordinal = ordinal;
}
/**
* Returns the authorization type when specified by its ordinal.
*
* @param type
* @return The authorization type.
*/
public static KerberosErrorType getTypeByOrdinal( int type )
{
switch ( type )
{
case 0 : return KDC_ERR_NONE;
case 1 : return KDC_ERR_NAME_EXP;
case 2 : return KDC_ERR_SERVICE_EXP;
case 3 : return KDC_ERR_BAD_PVNO;
case 4 : return KDC_ERR_C_OLD_MAST_KVNO;
case 5 : return KDC_ERR_S_OLD_MAST_KVNO;
case 6 : return KDC_ERR_C_PRINCIPAL_UNKNOWN;
case 7 : return KDC_ERR_S_PRINCIPAL_UNKNOWN;
case 8 : return KDC_ERR_PRINCIPAL_NOT_UNIQUE;
case 9 : return KDC_ERR_NULL_KEY;
case 10 : return KDC_ERR_CANNOT_POSTDATE;
case 11 : return KDC_ERR_NEVER_VALID;
case 12 : return KDC_ERR_POLICY;
case 13 : return KDC_ERR_BADOPTION;
case 14 : return KDC_ERR_ETYPE_NOSUPP;
case 15 : return KDC_ERR_SUMTYPE_NOSUPP;
case 16 : return KDC_ERR_PADATA_TYPE_NOSUPP;
case 17 : return KDC_ERR_TRTYPE_NOSUPP;
case 18 : return KDC_ERR_CLIENT_REVOKED;
case 19 : return KDC_ERR_SERVICE_REVOKED;
case 20 : return KDC_ERR_TGT_REVOKED;
case 21 : return KDC_ERR_CLIENT_NOTYET;
case 22 : return KDC_ERR_SERVICE_NOTYET;
case 23 : return KDC_ERR_KEY_EXPIRED;
case 24 : return KDC_ERR_PREAUTH_FAILED;
case 25 : return KDC_ERR_PREAUTH_REQUIRED;
case 26 : return KDC_ERR_SERVER_NOMATCH;
case 27 : return KDC_ERR_MUST_USE_USER2USER;
case 28 : return KDC_ERR_PATH_NOT_ACCEPTED;
case 29 : return KDC_ERR_SVC_UNAVAILABLE;
case 31 : return KRB_AP_ERR_BAD_INTEGRITY;
case 32 : return KRB_AP_ERR_TKT_EXPIRED;
case 33 : return KRB_AP_ERR_TKT_NYV;
case 34 : return KRB_AP_ERR_REPEAT;
case 35 : return KRB_AP_ERR_NOT_US;
case 36 : return KRB_AP_ERR_BADMATCH;
case 37 : return KRB_AP_ERR_SKEW;
case 38 : return KRB_AP_ERR_BADADDR;
case 39 : return KRB_AP_ERR_BADVERSION;
case 40 : return KRB_AP_ERR_MSG_TYPE;
case 41 : return KRB_AP_ERR_MODIFIED;
case 42 : return KRB_AP_ERR_BADORDER;
case 44 : return KRB_AP_ERR_BADKEYVER;
case 45 : return KRB_AP_ERR_NOKEY;
case 46 : return KRB_AP_ERR_MUT_FAIL;
case 47 : return KRB_AP_ERR_BADDIRECTION;
case 48 : return KRB_AP_ERR_METHOD;
case 49 : return KRB_AP_ERR_BADSEQ;
case 50 : return KRB_AP_ERR_INAPP_CKSUM;
case 51 : return KRB_AP_PATH_NOT_ACCEPTED;
case 52 : return KRB_ERR_RESPONSE_TOO_BIG;
case 60 : return KRB_ERR_GENERIC;
case 61 : return KRB_ERR_FIELD_TOOLONG;
case 62 : return KDC_ERROR_CLIENT_NOT_TRUSTED;
case 63 : return KDC_ERROR_KDC_NOT_TRUSTED;
case 64 : return KDC_ERROR_INVALID_SIG;
case 65 : return KDC_ERR_KEY_TOO_WEAK;
case 66 : return KDC_ERR_CERTIFICATE_MISMATCH;
case 67 : return KRB_AP_ERR_NO_TGT;
case 68 : return KDC_ERR_WRONG_REALM;
case 69 : return KRB_AP_ERR_USER_TO_USER_REQUIRED;
case 70 : return KDC_ERR_CANT_VERIFY_CERTIFICATE;
case 71 : return KDC_ERR_INVALID_CERTIFICATE;
case 72 : return KDC_ERR_REVOKED_CERTIFICATE;
case 73 : return KDC_ERR_REVOCATION_STATUS_UNKNOWN;
case 74 : return KDC_ERR_REVOCATION_STATUS_UNAVAILABLE;
case 75 : return KDC_ERR_CLIENT_NAME_MISMATCH;
case 76 : return KDC_ERR_KDC_NAME_MISMATCH;
default : return NULL;
}
}
/**
* Returns the number associated with this authorization type.
*
* @return The authorization type ordinal.
*/
public int getOrdinal()
{
return ordinal;
}
/**
* @see Object#toString()
*/
public String toString()
{
switch ( this )
{
case KDC_ERR_NONE :
return "No error" + "(" + ordinal + ")";
case KDC_ERR_NAME_EXP :
return "Client's entry in database has expired" + "(" + ordinal + ")";
case KDC_ERR_SERVICE_EXP :
return "Server's entry in database has expired" + "(" + ordinal + ")";
case KDC_ERR_BAD_PVNO :
return "Requested protocol version number not supported" + "(" + ordinal + ")";
case KDC_ERR_C_OLD_MAST_KVNO :
return "Client's key encrypted in old master key" + "(" + ordinal + ")";
case KDC_ERR_S_OLD_MAST_KVNO :
return "Server's key encrypted in old master key" + "(" + ordinal + ")";
case KDC_ERR_C_PRINCIPAL_UNKNOWN :
return "Client not found in Kerberos database" + "(" + ordinal + ")";
case KDC_ERR_S_PRINCIPAL_UNKNOWN :
return "Server not found in Kerberos database" + "(" + ordinal + ")";
case KDC_ERR_PRINCIPAL_NOT_UNIQUE :
return "Multiple principal entries in database" + "(" + ordinal + ")";
case KDC_ERR_NULL_KEY :
return "The client or server has a null key" + "(" + ordinal + ")";
case KDC_ERR_CANNOT_POSTDATE :
return "Ticket not eligible for postdating" + "(" + ordinal + ")";
case KDC_ERR_NEVER_VALID :
return "Requested starttime is later than end time" + "(" + ordinal + ")";
case KDC_ERR_POLICY :
return "KDC policy rejects request" + "(" + ordinal + ")";
case KDC_ERR_BADOPTION :
return "KDC cannot accommodate requested option" + "(" + ordinal + ")";
case KDC_ERR_ETYPE_NOSUPP :
return "KDC has no support for encryption type" + "(" + ordinal + ")";
case KDC_ERR_SUMTYPE_NOSUPP :
return "KDC has no support for checksum type" + "(" + ordinal + ")";
case KDC_ERR_PADATA_TYPE_NOSUPP :
return "KDC has no support for padata type" + "(" + ordinal + ")";
case KDC_ERR_TRTYPE_NOSUPP :
return "KDC has no support for transited type" + "(" + ordinal + ")";
case KDC_ERR_CLIENT_REVOKED :
return "Clients credentials have been revoked" + "(" + ordinal + ")";
case KDC_ERR_SERVICE_REVOKED :
return "Credentials for server have been revoked" + "(" + ordinal + ")";
case KDC_ERR_TGT_REVOKED :
return "TGT has been revoked" + "(" + ordinal + ")";
case KDC_ERR_CLIENT_NOTYET :
return "Client not yet valid; try again later" + "(" + ordinal + ")";
case KDC_ERR_SERVICE_NOTYET :
return "Server not yet valid; try again later" + "(" + ordinal + ")";
case KDC_ERR_KEY_EXPIRED :
return "Password has expired; change password to reset" + "(" + ordinal + ")";
case KDC_ERR_PREAUTH_FAILED :
return "Pre-authentication information was invalid" + "(" + ordinal + ")";
case KDC_ERR_PREAUTH_REQUIRED :
return "Additional pre-authentication required" + "(" + ordinal + ")";
case KDC_ERR_SERVER_NOMATCH :
return "Requested server and ticket don't match" + "(" + ordinal + ")";
case KDC_ERR_MUST_USE_USER2USER :
return "Server principal valid for user2user only" + "(" + ordinal + ")";
case KDC_ERR_PATH_NOT_ACCEPTED :
return "KDC Policy rejects transited path" + "(" + ordinal + ")";
case KDC_ERR_SVC_UNAVAILABLE :
return "A service is not available" + "(" + ordinal + ")";
case KRB_AP_ERR_BAD_INTEGRITY :
return "Integrity check on decrypted field failed" + "(" + ordinal + ")";
case KRB_AP_ERR_TKT_EXPIRED :
return "Ticket expired" + "(" + ordinal + ")";
case KRB_AP_ERR_TKT_NYV :
return "Ticket not yet valid" + "(" + ordinal + ")";
case KRB_AP_ERR_REPEAT :
return "Request is a replay" + "(" + ordinal + ")";
case KRB_AP_ERR_NOT_US :
return "The ticket isn't for us" + "(" + ordinal + ")";
case KRB_AP_ERR_BADMATCH :
return "Ticket and authenticator don't match" + "(" + ordinal + ")";
case KRB_AP_ERR_SKEW :
return "Clock skew too great" + "(" + ordinal + ")";
case KRB_AP_ERR_BADADDR :
return "Incorrect net address" + "(" + ordinal + ")";
case KRB_AP_ERR_BADVERSION :
return "Protocol version mismatch" + "(" + ordinal + ")";
case KRB_AP_ERR_MSG_TYPE :
return "Invalid msg type" + "(" + ordinal + ")";
case KRB_AP_ERR_MODIFIED :
return "Message stream modified" + "(" + ordinal + ")";
case KRB_AP_ERR_BADORDER :
return "Message out of order" + "(" + ordinal + ")";
case KRB_AP_ERR_BADKEYVER :
return "Specified version of key is not available" + "(" + ordinal + ")";
case KRB_AP_ERR_NOKEY :
return "Service key not available" + "(" + ordinal + ")";
case KRB_AP_ERR_MUT_FAIL :
return "Mutual authentication failed" + "(" + ordinal + ")";
case KRB_AP_ERR_BADDIRECTION :
return "Incorrect message direction" + "(" + ordinal + ")";
case KRB_AP_ERR_METHOD :
return "Alternative authentication method required" + "(" + ordinal + ")";
case KRB_AP_ERR_BADSEQ :
return "Incorrect sequence number in message" + "(" + ordinal + ")";
case KRB_AP_ERR_INAPP_CKSUM :
return "Inappropriate type of checksum in message" + "(" + ordinal + ")";
case KRB_AP_PATH_NOT_ACCEPTED :
return "Policy rejects transited path" + "(" + ordinal + ")";
case KRB_ERR_RESPONSE_TOO_BIG :
return "Response too big for UDP; retry with TCP" + "(" + ordinal + ")";
case KRB_ERR_GENERIC :
return "Generic error (description in e-text)" + "(" + ordinal + ")";
case KRB_ERR_FIELD_TOOLONG :
return "Field is too long for this implementation" + "(" + ordinal + ")";
case KDC_ERROR_CLIENT_NOT_TRUSTED :
return "Reserved for PKINIT" + "(" + ordinal + ")";
case KDC_ERROR_KDC_NOT_TRUSTED :
return "Reserved for PKINIT" + "(" + ordinal + ")";
case KDC_ERROR_INVALID_SIG :
return "Reserved for PKINIT" + "(" + ordinal + ")";
case KDC_ERR_KEY_TOO_WEAK :
return "Reserved for PKINIT" + "(" + ordinal + ")";
case KDC_ERR_CERTIFICATE_MISMATCH :
return "Reserved for PKINIT" + "(" + ordinal + ")";
case KRB_AP_ERR_NO_TGT :
return "No TGT available to validate USER-TO-USER" + "(" + ordinal + ")";
case KDC_ERR_WRONG_REALM :
return "Reserved for future use" + "(" + ordinal + ")";
case KRB_AP_ERR_USER_TO_USER_REQUIRED :
return "Ticket must be for USER-TO-USER" + "(" + ordinal + ")";
case KDC_ERR_CANT_VERIFY_CERTIFICATE :
return "Reserved for PKINIT" + "(" + ordinal + ")";
case KDC_ERR_INVALID_CERTIFICATE :
return "Reserved for PKINIT" + "(" + ordinal + ")";
case KDC_ERR_REVOKED_CERTIFICATE :
return "Reserved for PKINIT" + "(" + ordinal + ")";
case KDC_ERR_REVOCATION_STATUS_UNKNOWN :
return "Reserved for PKINIT" + "(" + ordinal + ")";
case KDC_ERR_REVOCATION_STATUS_UNAVAILABLE :
return "Reserved for PKINIT" + "(" + ordinal + ")";
case KDC_ERR_CLIENT_NAME_MISMATCH :
return "Reserved for PKINIT" + "(" + ordinal + ")";
case KDC_ERR_KDC_NAME_MISMATCH :
return "Reserved for PKINIT" + "(" + ordinal + ")";
default :
return "null" + "(" + ordinal + ")";
}
}
}