Examples of GSSManager

org.ietf.jgss.GSSManager
tify who the client wishes to be GSSName userName = manager.createName("duke", GSSName.NT_USER_NAME); // Identify the name of the server. This uses a Kerberos specific // name format. GSSName serverName = manager.createName("nfs/foo.sun.com", krb5PrincipalNameType); // Acquire credentials for the user GSSCredential userCreds = manager.createCredential(userName, GSSCredential.DEFAULT_LIFETIME, krb5Mechanism, GSSCredential.INITIATE_ONLY); // Instantiate and initialize a security context that will be // established with the server GSSContext context = manager.createContext(serverName, krb5Mechanism, userCreds, GSSContext.DEFAULT_LIFETIME);
The server side might use the following variation of this source:
```
 // Acquire credentials for the server GSSCredential serverCreds = manager.createCredential(serverName,  GSSCredential.DEFAULT_LIFETIME,  krb5Mechanism,  GSSCredential.ACCEPT_ONLY);  // Instantiate and initialize a security context that will // wait for an establishment request token from the client GSSContext context = manager.createContext(serverCreds); 
```
@author Mayank Upadhyay @version 1.10, 11/17/05 @see GSSName @see GSSCredential @see GSSContext @since 1.4

Examples of org.ietf.jgss.GSSManager

    public boolean validateContext(ORB orb, Codec codec, byte[] contextToken) {
        byte[] token = null;


        try {
            Oid krb5Oid = new Oid(KRB5MechOID.value.substring(4));
            GSSManager gssManager = GSSManager.getInstance();
            if (targetCreds == null) targetCreds = gssManager.createCredential(null, GSSCredential.INDEFINITE_LIFETIME, krb5Oid, GSSCredential.ACCEPT_ONLY);
            validatedContext = gssManager.createContext(targetCreds);
            token = validatedContext.acceptSecContext(contextToken, 0, contextToken.length);
        } catch (GSSException e) {
            logger.error("Error accepting Kerberos context: "+e);
        }
        if (token == null) {

View Full Code Here

Examples of org.ietf.jgss.GSSManager

    protected GSSContext createGSSContext() throws GSSException {
        boolean useKerberosOid = MessageUtils.isTrue(
            messageContext.getContextualProperty(PROPERTY_USE_KERBEROS_OID));
        Oid oid = new Oid(useKerberosOid ? KERBEROS_OID : SPNEGO_OID);


        GSSManager gssManager = GSSManager.getInstance();
        
        String spn = getCompleteServicePrincipalName();
        GSSName gssService = gssManager.createName(spn, null);
        
        return gssManager.createContext(gssService.canonicalize(oid), 
                   oid, null, GSSContext.DEFAULT_LIFETIME);
    }

View Full Code Here

Examples of org.ietf.jgss.GSSManager


    private String getKerberosUser()
    {
        log.debug("Obtaining userID from kerberos");
        String service = conSettings.getSaslProtocol() + "@" + conSettings.getSaslServerName();
        GSSManager manager = GSSManager.getInstance();


        try
        {
            GSSName acceptorName = manager.createName(service,
                GSSName.NT_HOSTBASED_SERVICE, KRB5_OID);


            GSSContext secCtx = manager.createContext(acceptorName,
                                                      KRB5_OID,
                                                      null,
                                                      GSSContext.INDEFINITE_LIFETIME);


            secCtx.initSecContext(new byte[0], 0, 1);

View Full Code Here

Examples of org.ietf.jgss.GSSManager

     * @throws GSSException
     */
    private static void doHandShake(int localPort) throws IOException,
            GSSException {
        ServerSocket ss = new ServerSocket(localPort);
        GSSManager manager = GSSManager.getInstance();


        /*
         * Create a GSSContext to receive the incoming request from the client. 
         * Use null for the server credentials passed in to tell the underlying 
         * mechanism to use whatever credentials it has available that can be 
         * used to accept this connection.
         */
        GSSCredential serverCreds = manager.createCredential(manager
                .createName(SERVICE_NAME, null),
                GSSCredential.DEFAULT_LIFETIME, new Oid(
                        SocksProxyConstants.KERBEROS_V5_OID),
                GSSCredential.ACCEPT_ONLY);


        while (true) {
            logger.debug("Waiting for incoming connection on port {} ...",
                    localPort);
            GSSContext context = manager.createContext(serverCreds);
            Socket socket = ss.accept();


            try {
                DataInputStream inStream = new DataInputStream(socket
                        .getInputStream());

View Full Code Here

Examples of org.ietf.jgss.GSSManager


  public void testRequestWithAuthorization() throws Exception {
    String token = KerberosTestUtils.doAsClient(new Callable<String>() {
      @Override
      public String call() throws Exception {
        GSSManager gssManager = GSSManager.getInstance();
        GSSContext gssContext = null;
        try {
          String servicePrincipal = KerberosTestUtils.getServerPrincipal();
          Oid oid = KerberosUtil.getOidInstance("NT_GSS_KRB5_PRINCIPAL");
          GSSName serviceName = gssManager.createName(servicePrincipal,
              oid);
          oid = KerberosUtil.getOidInstance("GSS_KRB5_MECH_OID");
          gssContext = gssManager.createContext(serviceName, oid, null,
                                                  GSSContext.DEFAULT_LIFETIME);
          gssContext.requestCredDeleg(true);
          gssContext.requestMutualAuth(true);


          byte[] inToken = new byte[0];

View Full Code Here

Examples of org.ietf.jgss.GSSManager


  public void testRequestWithAuthorization() throws Exception {
    String token = KerberosTestUtils.doAsClient(new Callable<String>() {
      @Override
      public String call() throws Exception {
        GSSManager gssManager = GSSManager.getInstance();
        GSSContext gssContext = null;
        try {
          String servicePrincipal = KerberosTestUtils.getServerPrincipal();
          GSSName serviceName = gssManager.createName(servicePrincipal, GSSUtil.NT_GSS_KRB5_PRINCIPAL);
          gssContext = gssManager.createContext(serviceName, GSSUtil.GSS_KRB5_MECH_OID, null,
                                                GSSContext.DEFAULT_LIFETIME);
          gssContext.requestCredDeleg(true);
          gssContext.requestMutualAuth(true);


          byte[] inToken = new byte[0];

View Full Code Here

Examples of org.ietf.jgss.GSSManager

    protected GSSContext createGSSContext() throws GSSException {
        boolean useKerberosOid = MessageUtils.isTrue(
            messageContext.getContextualProperty(PROPERTY_USE_KERBEROS_OID));
        Oid oid = new Oid(useKerberosOid ? KERBEROS_OID : SPNEGO_OID);


        GSSManager gssManager = GSSManager.getInstance();
        
        String spn = getCompleteServicePrincipalName();
        GSSName gssService = gssManager.createName(spn, null);
        
        return gssManager.createContext(gssService.canonicalize(oid), 
                   oid, null, GSSContext.DEFAULT_LIFETIME);
    }

View Full Code Here

Examples of org.ietf.jgss.GSSManager

    /**
     * Obtain a service ticket
     */
    public byte[] run() {
        try {
            GSSManager gssManager = GSSManager.getInstance();
            Oid oid = new Oid("1.3.6.1.5.5.2");


            GSSName gssService = gssManager.createName(serviceName, isUsernameServiceNameForm ? GSSName.NT_USER_NAME : GSSName.NT_HOSTBASED_SERVICE);
            secContext = gssManager.createContext(gssService, oid, null, GSSContext.DEFAULT_LIFETIME);


            secContext.requestMutualAuth(mutualAuth);
            secContext.requestCredDeleg(Boolean.FALSE);
        
            byte[] token = new byte[0];

View Full Code Here

Examples of org.ietf.jgss.GSSManager

    /**
     * Validate a service ticket
     */
    public byte[] run() {
        try {
            GSSManager gssManager = GSSManager.getInstance();
            Oid oid = new Oid("1.3.6.1.5.5.2");


            GSSName gssService = gssManager.createName(serviceName, isUsernameServiceNameForm ? GSSName.NT_USER_NAME : GSSName.NT_HOSTBASED_SERVICE);
            secContext = gssManager.createContext(gssService, oid, null, GSSContext.DEFAULT_LIFETIME);


            return secContext.acceptSecContext(ticket, 0, ticket.length);
        } catch (GSSException e) {
            if (log.isDebugEnabled()) {
                log.debug("Error in obtaining a Kerberos token", e);

View Full Code Here

Examples of org.ietf.jgss.GSSManager

        this.serviceName = serviceName;
        this.isUsernameServiceNameForm = isUsernameServiceNameForm;
    }


    public KerberosContext run() throws GSSException, WSSecurityException {
        GSSManager gssManager = GSSManager.getInstance();


        Oid kerberos5Oid = new Oid("1.2.840.113554.1.2.2");
        GSSName gssClient = gssManager.createName(clientPrincipal.getName(), GSSName.NT_USER_NAME);
        GSSCredential credentials = 
            gssManager.createCredential(
                gssClient, GSSCredential.DEFAULT_LIFETIME, kerberos5Oid, GSSCredential.INITIATE_ONLY
            );


        GSSName gssService = gssManager.createName(serviceName, isUsernameServiceNameForm ? GSSName.NT_USER_NAME : GSSName.NT_HOSTBASED_SERVICE);
        GSSContext secContext =
            gssManager.createContext(
                gssService, kerberos5Oid, credentials, GSSContext.DEFAULT_LIFETIME
            );


        secContext.requestMutualAuth(false);

View Full Code Here

0 1 2 3 4 5

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.