Examples of org.ietf.jgss.GSSManager

org.ietf.jgss.GSSManager
tify who the client wishes to be GSSName userName = manager.createName("duke", GSSName.NT_USER_NAME); // Identify the name of the server. This uses a Kerberos specific // name format. GSSName serverName = manager.createName("nfs/foo.sun.com", krb5PrincipalNameType); // Acquire credentials for the user GSSCredential userCreds = manager.createCredential(userName, GSSCredential.DEFAULT_LIFETIME, krb5Mechanism, GSSCredential.INITIATE_ONLY); // Instantiate and initialize a security context that will be // established with the server GSSContext context = manager.createContext(serverName, krb5Mechanism, userCreds, GSSContext.DEFAULT_LIFETIME);
The server side might use the following variation of this source:
```
 // Acquire credentials for the server GSSCredential serverCreds = manager.createCredential(serverName,  GSSCredential.DEFAULT_LIFETIME,  krb5Mechanism,  GSSCredential.ACCEPT_ONLY);  // Instantiate and initialize a security context that will // wait for an establishment request token from the client GSSContext context = manager.createContext(serverCreds); 
```
@author Mayank Upadhyay @version 1.10, 11/17/05 @see GSSName @see GSSCredential @see GSSContext @since 1.4


        public GSSException run()
        {
            try
            {
                GSSManager manager = GSSManager.getInstance();
                GSSName clientName = manager.createName( userName, GSSName.NT_USER_NAME );
                GSSCredential clientCred = manager.createCredential( clientName,
                                                               8 * 3600,
                                                               createKerberosOid(),
                                                               GSSCredential.INITIATE_ONLY );


                GSSName serverName = manager.createName( serviceName + "@" + hostName, GSSName.NT_HOSTBASED_SERVICE );
                GSSContext context = manager.createContext( serverName,
                                                      createKerberosOid(),
                                                      clientCred,
                                                      GSSContext.DEFAULT_LIFETIME );
                context.requestMutualAuth( true );
                context.requestConf( true );

View Full Code Here

      throws GSSException {


    Subject.doAs(subject, new PrivilegedAction<GSSContext>() {
      public GSSContext run() {
        try {
          GSSManager gssManager = null;
          gssManager = GSSManager.getInstance();
          gssContext = gssManager.createContext((GSSCredential) null);
          byte[] token = ks.getToken();
          gssContext.acceptSecContext(token, 0, token.length);
          return gssContext;
        } catch (GSSException e) {
          e.printStackTrace();

View Full Code Here

  private byte[] getServiceTicketData(final String servicePrincipalName) throws GSSException {
    byte serviceTicket[] = null;
    serviceTicket = (byte[]) (byte[]) Subject.doAs(subject, new PrivilegedAction<byte[]>() {
      public byte[] run() {
        try {
          GSSManager manager = GSSManager.getInstance();
          Oid krb5Oid = new Oid("1.2.840.113554.1.2.2");
          Oid krb5PrincipalNameType = new Oid("1.2.840.113554.1.2.2.1");
          GSSName serverName = manager.createName(servicePrincipalName,
              krb5PrincipalNameType);
          final GSSContext context = manager.createContext(serverName, krb5Oid, null, 0);
          byte[] token = new byte[0];
          context.requestMutualAuth(false);
          context.requestCredDeleg(false);
          return context.initSecContext(token, 0, token.length);
        } catch (GSSException e) {

View Full Code Here


    private String getKerberosUser()
    {
        log.debug("Obtaining userID from kerberos");
        String service = conSettings.getSaslProtocol() + "@" + conSettings.getSaslServerName();
        GSSManager manager = GSSManager.getInstance();


        try
        {
            GSSName acceptorName = manager.createName(service,
                GSSName.NT_HOSTBASED_SERVICE, KRB5_OID);


            GSSContext secCtx = manager.createContext(acceptorName,
                                                      KRB5_OID,
                                                      null,
                                                      GSSContext.INDEFINITE_LIFETIME);


            secCtx.initSecContext(new byte[0], 0, 1);

View Full Code Here

        remoteContext = new InitialContext(environment);
        AuthenticationService service = getService(AuthenticationServiceHome.JNDI_NAME, AuthenticationServiceHome.class);
        if (SyncResources.LOGIN_MODE_LOGIN_PASSWORD.equals(getResources().getLoginMode())) {
            subject = service.authenticate(getResources().getLogin(), getResources().getPassword());
        } else {
            GSSManager manager = GSSManager.getInstance();
            GSSCredential clientCred = manager.createCredential(GSSCredential.INITIATE_ONLY);
            GSSName peerName = manager.createName("WFServer", null);
            GSSContext context = manager.createContext(peerName, (Oid) null, clientCred, GSSContext.DEFAULT_LIFETIME);
            context.requestMutualAuth(false);


            byte[] token = new byte[0];
            token = context.initSecContext(token, 0, token.length);
            subject = service.authenticate(token);

View Full Code Here

        remoteContext = new InitialContext(environment);
        AuthenticationService service = getService(AuthenticationServiceHome.JNDI_NAME, AuthenticationServiceHome.class);
        if (SyncResources.LOGIN_MODE_LOGIN_PASSWORD.equals(getResources().getLoginMode())) {
            subject = service.authenticate(getResources().getLogin(), getResources().getPassword());
        } else {
            GSSManager manager = GSSManager.getInstance();
            GSSCredential clientCred = manager.createCredential(GSSCredential.INITIATE_ONLY);
            GSSName peerName = manager.createName("WFServer", null);
            GSSContext context = manager.createContext(peerName, (Oid) null, clientCred, GSSContext.DEFAULT_LIFETIME);
            context.requestMutualAuth(false);


            byte[] token = new byte[0];
            token = context.initSecContext(token, 0, token.length);
            subject = service.authenticate(token);

View Full Code Here

            final byte[] input, final Oid oid, final String authServer) throws GSSException {
        byte[] token = input;
        if (token == null) {
            token = new byte[0];
        }
        final GSSManager manager = getManager();
        final GSSName serverName = manager.createName("HTTP@" + authServer, GSSName.NT_HOSTBASED_SERVICE);
        final GSSContext gssContext = manager.createContext(
                serverName.canonicalize(oid), oid, null, GSSContext.DEFAULT_LIFETIME);
        gssContext.requestMutualAuth(true);
        gssContext.requestCredDeleg(true);
        return gssContext.initSecContext(token, 0, token.length);
    }

View Full Code Here

        this.serviceName = serviceName;
    }


    public Principal run() {
        try {
            GSSManager gssManager = GSSManager.getInstance();
        
            Oid kerberos5Oid = new Oid("1.2.840.113554.1.2.2");
            GSSName gssService = gssManager.createName(serviceName, GSSName.NT_HOSTBASED_SERVICE);
            GSSCredential credentials = 
                gssManager.createCredential(
                    gssService, GSSCredential.DEFAULT_LIFETIME, kerberos5Oid, GSSCredential.ACCEPT_ONLY
                );
            
            GSSContext secContext =
                gssManager.createContext(credentials);
            secContext.acceptSecContext(ticket, 0, ticket.length);
 
            GSSName clientName = secContext.getSrcName();
            secContext.dispose();
            return new KerberosPrincipal(clientName.toString());

View Full Code Here

    /**
     * Obtain a service ticket
     */
    public byte[] run() {
        try {
            GSSManager gssManager = GSSManager.getInstance();
            Oid oid = new Oid("1.3.6.1.5.5.2");


            GSSName gssService = gssManager.createName(serviceName, GSSName.NT_HOSTBASED_SERVICE);
            secContext = gssManager.createContext(gssService, oid, null, GSSContext.DEFAULT_LIFETIME);


            secContext.requestMutualAuth(mutualAuth);
            secContext.requestCredDeleg(Boolean.FALSE);
        
            byte[] token = new byte[0];

View Full Code Here

    /**
     * Validate a service ticket
     */
    public byte[] run() {
        try {
            GSSManager gssManager = GSSManager.getInstance();
            Oid oid = new Oid("1.3.6.1.5.5.2");


            GSSName gssService = gssManager.createName(serviceName, GSSName.NT_HOSTBASED_SERVICE);
            secContext = gssManager.createContext(gssService, oid, null, GSSContext.DEFAULT_LIFETIME);


            return secContext.acceptSecContext(ticket, 0, ticket.length);
        } catch (GSSException e) {
            if (log.isDebugEnabled()) {
                log.debug("Error in obtaining a Kerberos token", e);

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.ietf.jgss.GSSManager

au.net.ocean.httpclient.auth.spnego.SPNegoCredentials$CreateGSSContextAction

au.net.ocean.security.auth.gss.AbstractGSSCredentials$CreateGSSContextAction

com.feth.play.module.pa.providers.wwwauth.negotiate.SpnegoAuthProvider

com.jcraft.jsch.jgss.GSSContextKrb5

com.massivecraft.mcore.xlib.mongodb.DBPort$GSSAPIAuthenticator

com.mongodb.DBPort$GSSAPIAuthenticator

com.ning.http.client.providers.netty.spnego.SpnegoEngine

com.sun.xml.ws.security.impl.kerberos.KerberosLogin$KerberosClientSetupAction

com.sun.xml.ws.security.impl.kerberos.KerberosLogin$KerberosServerSetupAction

com.xebialabs.overthere.cifs.winrm.WsmanKerberosScheme

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.