Package org.ietf.jgss

Examples of org.ietf.jgss.GSSManager


    }
   
    public byte[] run() {
        try {
            if (secContext == null) {
                GSSManager gssManager = GSSManager.getInstance();
                Oid oid = new Oid("1.3.6.1.5.5.2");
               
                GSSName gssService = gssManager.createName(serviceName, GSSName.NT_HOSTBASED_SERVICE);
                secContext = gssManager.createContext(gssService, oid, null, GSSContext.DEFAULT_LIFETIME);
               
                secContext.requestMutualAuth(mutualAuth);
                secContext.requestCredDeleg(Boolean.FALSE);
            }
       


    }
   
    public byte[] run() {
        try {
            if (secContext == null) {
                GSSManager gssManager = GSSManager.getInstance();
                Oid oid = new Oid("1.3.6.1.5.5.2");
               
                GSSName gssService = gssManager.createName(serviceName, GSSName.NT_HOSTBASED_SERVICE);
                secContext = gssManager.createContext(gssService, oid, null, GSSContext.DEFAULT_LIFETIME);
            }
       
            return secContext.acceptSecContext(ticket, 0, ticket.length);
        } catch (GSSException e) {
            if (log.isDebugEnabled()) {

            final byte[] input, final Oid oid, final String authServer) throws GSSException {
        byte[] inputBuff = input;
        if (inputBuff == null) {
            inputBuff = new byte[0];
        }
        final GSSManager manager = getManager();
        final GSSName serverName = manager.createName("HTTP@" + authServer, GSSName.NT_HOSTBASED_SERVICE);
        final GSSContext gssContext = manager.createContext(
                serverName.canonicalize(oid), oid, null, GSSContext.DEFAULT_LIFETIME);
        gssContext.requestMutualAuth(true);
        gssContext.requestCredDeleg(true);
        return gssContext.initSecContext(inputBuff, 0, inputBuff.length);
    }

     */
    protected void init(String server) throws GSSException {
        LOG.debug("init " + server);

        // OID of the Kerberos v5 GSS-API mechanism (RFC 1964). The context below is
        // created for this mechanism directly.
        final Oid kerberosMechanism = new Oid("1.2.840.113554.1.2.2");
        final GSSManager gssManager = GSSManager.getInstance();

        // The target principal is built from the caller-supplied host name. With a
        // null name type the string is interpreted by the mechanism.
        // NOTE(review): confirm `server` is the host the user intended to reach; a name
        // taken from a redirect or an unverified lookup would select the wrong service.
        final String targetPrincipal = "HTTP/" + server;
        final GSSName target = gssManager.createName(targetPrincipal, null);

        // A null credential means the default initiator credentials are used.
        context = gssManager.createContext(
                target, kerberosMechanism, null, GSSContext.DEFAULT_LIFETIME);

        // Mutual authentication asks the service to prove its identity as well.
        context.requestMutualAuth(true);

        // SECURITY: credential delegation is requested unconditionally. If granted, the
        // target service can act as the user towards other services. Delegation is
        // normally enabled only for services that need it — TODO confirm this default is
        // intended for every server this scheme talks to.
        context.requestCredDeleg(true);

        state = INITIATED;
    }

                        HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
                return false;
            }
            // Assume the GSSContext is stateless
            // TODO: Confirm this assumption
            final GSSManager manager = GSSManager.getInstance();
            // IBM JDK only understands indefinite lifetime
            final int credentialLifetime;
            if (Globals.IS_IBM_JVM) {
                credentialLifetime = GSSCredential.INDEFINITE_LIFETIME;
            } else {
                credentialLifetime = GSSCredential.DEFAULT_LIFETIME;
            }
            final PrivilegedExceptionAction<GSSCredential> action =
                new PrivilegedExceptionAction<GSSCredential>() {
                    @Override
                    public GSSCredential run() throws GSSException {
                        return manager.createCredential(null,
                                credentialLifetime,
                                new Oid("1.3.6.1.5.5.2"),
                                GSSCredential.ACCEPT_ONLY);
                    }
                };
            gssContext = manager.createContext(Subject.doAs(lc.getSubject(), action));

            outToken = Subject.doAs(lc.getSubject(), new AcceptAction(gssContext, decoded));

            if (outToken == null) {
                if (log.isDebugEnabled()) {

                        HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
                return false;
            }
            // Assume the GSSContext is stateless
            // TODO: Confirm this assumption
            final GSSManager manager = GSSManager.getInstance();
            // IBM JDK only understands indefinite lifetime
            final int credentialLifetime;
            if (Globals.IS_IBM_JVM) {
                credentialLifetime = GSSCredential.INDEFINITE_LIFETIME;
            } else {
                credentialLifetime = GSSCredential.DEFAULT_LIFETIME;
            }
            final PrivilegedExceptionAction<GSSCredential> action =
                new PrivilegedExceptionAction<GSSCredential>() {
                    @Override
                    public GSSCredential run() throws GSSException {
                        return manager.createCredential(null,
                                credentialLifetime,
                                new Oid("1.3.6.1.5.5.2"),
                                GSSCredential.ACCEPT_ONLY);
                    }
                };
            gssContext = manager.createContext(Subject.doAs(lc.getSubject(), action));

            outToken = Subject.doAs(lc.getSubject(), new AcceptAction(gssContext, decoded));

            if (outToken == null) {
                if (log.isDebugEnabled()) {

        public GSSException run()
        {
            try
            {
                GSSManager manager = GSSManager.getInstance();
                GSSName clientName = manager.createName( userName, GSSName.NT_USER_NAME );
                GSSCredential clientCred = manager.createCredential( clientName,
                    8 * 3600,
                    createKerberosOid(),
                    GSSCredential.INITIATE_ONLY );

                GSSName serverName = manager.createName( serviceName + "@" + hostName, GSSName.NT_HOSTBASED_SERVICE );
                GSSContext context = manager.createContext( serverName,
                    createKerberosOid(),
                    clientCred,
                    GSSContext.DEFAULT_LIFETIME );
                context.requestMutualAuth( true );
                context.requestConf( true );

      return null;
    }
    byte[] token = Base64.decode(response);

    try {
      GSSManager gssManager = GSSManager.getInstance();
      GSSCredential gssCred = gssManager.createCredential(null, GSSCredential.DEFAULT_LIFETIME, SPNEGO_MECH_OID, GSSCredential.ACCEPT_ONLY);
      GSSContext gssContext = gssManager.createContext(gssCred);
      byte[] tokenForPeer = gssContext.acceptSecContext(token, 0, token.length);
      if (!gssContext.isEstablished()) {
        throw new AuthException("Couldn't establish GSS context");
      }
      if (tokenForPeer != null) {

    /**
     * Creates an initiator-side {@link GSSContext} for the service principal returned by
     * {@code getCompleteServicePrincipalName()}.
     *
     * <p>The mechanism is {@code KERBEROS_OID} when the {@code PROPERTY_USE_KERBEROS_OID}
     * contextual property evaluates to true, otherwise {@code SPNEGO_OID}. The context is
     * created with a {@code null} credential (default initiator credentials) and
     * {@link GSSContext#DEFAULT_LIFETIME}.
     *
     * <p>No request flags (mutual authentication, credential delegation, confidentiality)
     * are set in this method. NOTE(review): confirm that the caller requests mutual
     * authentication before the first token is produced and enables delegation only for
     * services that need it.
     *
     * @return a context that has not yet been established
     * @throws GSSException if the OID, the name or the context cannot be created
     */
    protected GSSContext createGSSContext() throws GSSException {
        // Choose the mechanism from the message context property.
        final Oid mechanism;
        if (MessageUtils.isTrue(
                messageContext.getContextualProperty(PROPERTY_USE_KERBEROS_OID))) {
            mechanism = new Oid(KERBEROS_OID);
        } else {
            mechanism = new Oid(SPNEGO_OID);
        }

        final GSSManager manager = GSSManager.getInstance();

        // A null name type leaves interpretation of the SPN string to the mechanism; the
        // name is then canonicalized for the chosen mechanism before it is used as target.
        final GSSName servicePrincipal =
            manager.createName(getCompleteServicePrincipalName(), null);
        final GSSName canonicalTarget = servicePrincipal.canonicalize(mechanism);

        return manager.createContext(
            canonicalTarget, mechanism, null, GSSContext.DEFAULT_LIFETIME);
    }

    private byte[] getToken(AuthorizationPolicy authPolicy,
                            String spn,
                            Oid oid,
                            Message message) throws GSSException,
        LoginException {
        GSSManager manager = GSSManager.getInstance();
        GSSName serverName = manager.createName(spn, null);

        GSSCredential delegatedCred =
            (GSSCredential)message.getContextualProperty(GSSCredential.class.getName());
       
        GSSContext context = manager
                .createContext(serverName.canonicalize(oid), oid, delegatedCred, GSSContext.DEFAULT_LIFETIME);
       
        context.requestCredDeleg(isCredDelegationRequired(message));

        // If the delegated cred is not null then we only need the context to
