Examples of org.ietf.jgss.GSSManager.createContext()

org.ietf.jgss.GSSManager.createContext()
Factory method for creating a context on the initiator's side. Some mechanism providers might require that the caller be granted permission to initiate a security context. A failed permission check might cause a {@link java.lang.SecurityException SecurityException}to be thrown from this method.
Non-default values for lifetime cannot always be honored by the underlying mechanism, thus applications should be prepared to call {@link GSSContext#getLifetime() getLifetime} on the returnedcontext.
@param peer the name of the target peer. @param mech the Oid of the desired mechanism. Use nullto request the default mechanism. @param myCred the credentials of the initiator. Usenull to act as the default initiator principal. @param lifetime the lifetime, in seconds, requested for thecontext. Use {@link GSSContext#INDEFINITE_LIFETIME GSSContext.INDEFINITE_LIFETIME} to request that the context have the maximum permitted lifetime. Use {@link GSSContext#DEFAULT_LIFETIME GSSContext.DEFAULT_LIFETIME} to request a default lifetime for thecontext. @return an unestablished GSSContext @see GSSContext @throws GSSException containing the following major error codes: {@link GSSException#NO_CRED GSSException.NO_CRED}{@link GSSException#CREDENTIALS_EXPIRED GSSException.CREDENTIALS_EXPIRED}{@link GSSException#BAD_NAMETYPE GSSException.BAD_NAMETYPE}{@link GSSException#BAD_MECH GSSException.BAD_MECH}{@link GSSException#FAILURE GSSException.FAILURE}

        
        if (creds == null) {
          return Boolean.FALSE;
        }


        ctxt = mgr.createContext(creds);
        
        // Send the matching mechanism back to the client


        Buffer  b   = sess.createBuffer(SshConstants.Message.SSH_MSG_USERAUTH_INFO_REQUEST, 0);
        byte [] out = oid.getDER();

View Full Code Here

                KerberosAuthenticator.this.url.getHost());
            Oid oid = KerberosUtil.getOidInstance("NT_GSS_KRB5_PRINCIPAL");
            GSSName serviceName = gssManager.createName(servicePrincipal,
                                                        oid);
            oid = KerberosUtil.getOidInstance("GSS_KRB5_MECH_OID");
            gssContext = gssManager.createContext(serviceName, oid, null,
                                                  GSSContext.DEFAULT_LIFETIME);
            gssContext.requestCredDeleg(true);
            gssContext.requestMutualAuth(true);


            byte[] inToken = new byte[0];

View Full Code Here

        
        boolean tryKerberos = false;
        try{
            GSSManager manager = GSSManager.getInstance();
            GSSName serverName = manager.createName("HTTP/"+server, null); 
            context = manager.createContext(
                    serverName.canonicalize(negotiationOid), negotiationOid, null,
                    GSSContext.DEFAULT_LIFETIME);
            context.requestMutualAuth(true); 
            context.requestCredDeleg(true);
        } catch (GSSException ex){

View Full Code Here

            /* Kerberos v5 GSS-API mechanism defined in RFC 1964.*/
            log.debug("Using Kerberos MECH " + KERBEROS_OID);
            negotiationOid  = new Oid(KERBEROS_OID);
            GSSManager manager = GSSManager.getInstance();
            GSSName serverName = manager.createName("HTTP/"+server, null); 
            context = manager.createContext(
                    serverName.canonicalize(negotiationOid), negotiationOid, null,
                    GSSContext.DEFAULT_LIFETIME);
            context.requestMutualAuth(true); 
            context.requestCredDeleg(true);
        }

View Full Code Here

        GSSName serverName = manager.createName(spn, null);


        // TODO Is it correct to use kerberos oid instead of spnego here?
        Oid oid = new Oid(KERBEROS_OID);
        
        GSSContext context = manager
                .createContext(serverName.canonicalize(oid), oid, null, GSSContext.DEFAULT_LIFETIME);
        // TODO Do we need mutual auth. Will the code we have really work with
        // mutual auth?
        context.requestMutualAuth(true);
        // TODO Credential delegation could be a security hole if it was not

View Full Code Here

            }
            final Oid negotiationOid = new Oid(SPNEGO_OID);


            final GSSManager manager = GSSManager.getInstance();
            final GSSName serverName = manager.createName("HTTP@" + authServer, GSSName.NT_HOSTBASED_SERVICE);
            final GSSContext gssContext = manager.createContext(serverName.canonicalize(negotiationOid), negotiationOid, null,
                    DEFAULT_LIFETIME);
            gssContext.requestMutualAuth(true);
            gssContext.requestCredDeleg(true);


            if (token == null) {

View Full Code Here

                    GSSContext gssContext = null;
                    try {
                        LOGGER.debug("Waiting for client connection");
                        socket = serverSocket.accept();
                        LOGGER.debug("Client connected");
                        gssContext = gssManager.createContext((GSSCredential) null);
                        final DataInputStream dataInputStream = new DataInputStream(socket.getInputStream());
                        final DataOutputStream dataOutputStream = new DataOutputStream(socket.getOutputStream());


                        command = dataInputStream.readInt();
                        LOGGER.debug("Command code: " + command);

View Full Code Here

            LOGGER.debug("Sending NAME command.");
            dos.writeInt(GSSTestConstants.CMD_NAME);
            dos.flush();


            GSSManager manager = GSSManager.getInstance();
            gssContext = manager.createContext(manager.createName(spn, null), Constants.KERBEROS_V5, gssCredential,
                    GSSContext.DEFAULT_LIFETIME);


            //            gssContext.requestCredDeleg(true);
            gssContext.requestMutualAuth(true);
            gssContext.requestConf(true);

View Full Code Here

                return false;
            }
            // Assume the GSSContext is stateless
            // TODO: Confirm this assumption
            GSSManager manager = GSSManager.getInstance();
            gssContext = manager.createContext(manager.createCredential(null,
                    GSSCredential.DEFAULT_LIFETIME,
                    new Oid("1.3.6.1.5.5.2"),
                    GSSCredential.ACCEPT_ONLY));


            outToken = gssContext.acceptSecContext(decoded.getBytes(),

View Full Code Here

        try
        {
            GSSName acceptorName = manager.createName(service,
                GSSName.NT_HOSTBASED_SERVICE, KRB5_OID);


            GSSContext secCtx = manager.createContext(acceptorName,
                                                      KRB5_OID,
                                                      null,
                                                      GSSContext.INDEFINITE_LIFETIME);


            secCtx.initSecContext(new byte[0], 0, 1);

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.