Examples of KerberosTicket

javax.security.auth.kerberos.KerberosTicket

Examples of javax.security.auth.kerberos.KerberosTicket

                    WSSecurityException.ErrorCode.FAILURE,
                    "kerberosLoginError", "No Client principals found after login"
                );
            }
            // Store the TGT
            KerberosTicket tgt = getKerberosTicket(clientSubject, null);


            // Get the service ticket           
            KerberosClientExceptionAction action = 
                new KerberosClientExceptionAction(clientPrincipals.iterator().next(),
                                                  contextAndServiceNameCallback.getServiceName(),
                                                  contextAndServiceNameCallback.isUsernameServiceNameForm());
            KerberosContext krbCtx = null;
            try {
                krbCtx = (KerberosContext) Subject.doAs(clientSubject, action);


                // Get the secret key from KerberosContext if available, otherwise use Kerberos ticket's session key
                Key sessionKey = krbCtx.getSecretKey();
                if (sessionKey != null) {
                    secretKey = new SecretKeySpec(sessionKey.getEncoded(), sessionKey.getAlgorithm());
                } else {
                    KerberosTicket serviceTicket = getKerberosTicket(clientSubject, tgt);
                    secretKey = serviceTicket.getSessionKey();
                }


                ticket = krbCtx.getKerberosToken();
            }
            catch (PrivilegedActionException e) {

View Full Code Here

Examples of javax.security.auth.kerberos.KerberosTicket

   */
  private SecretKey getSessionKey(KerberosTicket tgt) throws WSSecurityException {
    for (Iterator creds = subject.getPrivateCredentials().iterator(); creds.hasNext();) {
      Object cred = creds.next();
      if ((cred instanceof KerberosTicket) && !cred.equals(tgt)) {
        KerberosTicket ticket = (KerberosTicket) cred;
        return ticket.getSessionKey();
      }
    }


    throw new WSSecurityException((new StringBuilder())
        .append("Could not find service ticket with server principal name ")

View Full Code Here

Examples of javax.security.auth.kerberos.KerberosTicket

    secRef.setID(strUri);
    byte tokenData[] = null;


    if (needSession) {
      try {
        KerberosTicket tgt = getTicketGrantingTicket();
        tokenData = getServiceTicketData(servicePrincipalName);
        sessionKey = getSessionKey(tgt);
        krbSession = new KrbSession(SecurityUtil.getSHA1(tokenData), sessionKey);
        krbSession.setClientPrincipalName(user);
        krbSession.setServerPrincipalName(servicePrincipalName);

View Full Code Here

Examples of javax.security.auth.kerberos.KerberosTicket

                WSSecurityException.ErrorCode.FAILURE, 
                "kerberosLoginError",
                "No Client principals found after login");
        }
        // Store the TGT
        KerberosTicket tgt = getKerberosTicket(clientSubject, null);
        
        // Get the service ticket
        KerberosClientAction action =
            new KerberosClientAction(clientPrincipals.iterator().next(), serviceName);
        byte[] ticket = Subject.doAs(clientSubject, action);
        if (ticket == null) {
            throw new WSSecurityException(
                WSSecurityException.ErrorCode.FAILURE, "kerberosServiceTicketError"
            );
        }
        if (log.isDebugEnabled()) {
            log.debug("Successfully retrieved a service ticket");
        }
        
        // Get the Service Ticket (private credential)
        KerberosTicket serviceTicket = getKerberosTicket(clientSubject, tgt);
        if (serviceTicket != null) {
            secretKey = serviceTicket.getSessionKey();
        }
        
        setToken(ticket);
        
        if ("".equals(getValueType())) {

View Full Code Here

Examples of javax.security.auth.kerberos.KerberosTicket

                        WSSecurityException.ErrorCode.FAILURE,
                        "kerberosLoginError", "No Client principals found after login"
                );
            }
            // Store the TGT
            KerberosTicket tgt = getKerberosTicket(clientSubject, null);


            // Get the service ticket
            KerberosClientAction action =
                    new KerberosClientAction(
                            clientPrincipals.iterator().next(), contextAndServiceNameCallback.getServiceName()
                    );
            byte[] ticket = Subject.doAs(clientSubject, action);
            if (ticket == null) {
                throw new WSSecurityException(
                        WSSecurityException.ErrorCode.FAILURE, "kerberosServiceTicketError"
                );
            }


            // Get the Service Ticket (private credential)
            KerberosTicket serviceTicket = getKerberosTicket(clientSubject, tgt);
            if (serviceTicket != null) {
                this.secretKey = serviceTicket.getSessionKey();
            }


            this.ticket = ticket;


        } catch (LoginException e) {

View Full Code Here

Examples of javax.security.auth.kerberos.KerberosTicket

        Thread t = new Thread(new Runnable() {
          
          public void run() {
            String cmd = conf.get("hadoop.kerberos.kinit.command",
                                  "kinit");
            KerberosTicket tgt = getTGT();
            if (tgt == null) {
              return;
            }
            long nextRefresh = getRefreshTime(tgt);
            while (true) {

View Full Code Here

Examples of javax.security.auth.kerberos.KerberosTicket

  public synchronized void checkTGTAndReloginFromKeytab() throws IOException {
    if (!isSecurityEnabled()
        || user.getAuthenticationMethod() != AuthenticationMethod.KERBEROS
        || !isKeytab)
      return;
    KerberosTicket tgt = getTGT();
    if (tgt != null && System.currentTimeMillis() < getRefreshTime(tgt)) {
      return;
    }
    reloginFromKeytab();
  }

View Full Code Here

Examples of javax.security.auth.kerberos.KerberosTicket

    long now = System.currentTimeMillis();
    if (!hasSufficientTimeElapsed(now)) {
      return;
    }


    KerberosTicket tgt = getTGT();
    //Return if TGT is valid and is not going to expire soon.
    if (tgt != null && now < getRefreshTime(tgt)) {
      return;
    }

View Full Code Here

Examples of javax.security.auth.kerberos.KerberosTicket

                "kerberosLoginError", 
                new Object[] {"No Client principals found after login"}
            );
        }
        // Store the TGT
        KerberosTicket tgt = getKerberosTicket(clientSubject, null);


        // Get the service ticket
        KerberosClientExceptionAction action = 
            new KerberosClientExceptionAction(clientPrincipals.iterator().next(), serviceName, isUsernameServiceNameForm);
        KerberosContext krbCtx = null;
        try {
            krbCtx = (KerberosContext) Subject.doAs(clientSubject, action);


            // Get the secret key from KerberosContext if available, otherwise use Kerberos ticket's session key
            Key sessionKey = krbCtx.getSecretKey();
            if (sessionKey != null) {
                secretKey = new SecretKeySpec(sessionKey.getEncoded(), sessionKey.getAlgorithm());
            } else {
                KerberosTicket serviceTicket = getKerberosTicket(clientSubject, tgt);
                secretKey = serviceTicket.getSessionKey();
            }


            setToken(krbCtx.getKerberosToken());
        }
        catch (PrivilegedActionException e) {

View Full Code Here

Examples of javax.security.auth.kerberos.KerberosTicket

          
          @Override
          public void run() {
            String cmd = conf.get("hadoop.kerberos.kinit.command",
                                  "kinit");
            KerberosTicket tgt = getTGT();
            if (tgt == null) {
              return;
            }
            long nextRefresh = getRefreshTime(tgt);
            while (true) {

View Full Code Here

0 1 2 3 4 5

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.