Examples of org.ietf.jgss.GSSManager.createContext()

org.ietf.jgss.GSSManager.createContext()
Factory method for creating a context on the initiator's side. Some mechanism providers might require that the caller be granted permission to initiate a security context. A failed permission check might cause a {@link java.lang.SecurityException SecurityException}to be thrown from this method.
Non-default values for lifetime cannot always be honored by the underlying mechanism, thus applications should be prepared to call {@link GSSContext#getLifetime() getLifetime} on the returnedcontext.
@param peer the name of the target peer. @param mech the Oid of the desired mechanism. Use nullto request the default mechanism. @param myCred the credentials of the initiator. Usenull to act as the default initiator principal. @param lifetime the lifetime, in seconds, requested for thecontext. Use {@link GSSContext#INDEFINITE_LIFETIME GSSContext.INDEFINITE_LIFETIME} to request that the context have the maximum permitted lifetime. Use {@link GSSContext#DEFAULT_LIFETIME GSSContext.DEFAULT_LIFETIME} to request a default lifetime for thecontext. @return an unestablished GSSContext @see GSSContext @throws GSSException containing the following major error codes: {@link GSSException#NO_CRED GSSException.NO_CRED}{@link GSSException#CREDENTIALS_EXPIRED GSSException.CREDENTIALS_EXPIRED}{@link GSSException#BAD_NAMETYPE GSSException.BAD_NAMETYPE}{@link GSSException#BAD_MECH GSSException.BAD_MECH}{@link GSSException#FAILURE GSSException.FAILURE}

            if (secContext == null) {
                GSSManager gssManager = GSSManager.getInstance();
                Oid oid = new Oid("1.3.6.1.5.5.2");
                
                GSSName gssService = gssManager.createName(serviceName, GSSName.NT_HOSTBASED_SERVICE);
                secContext = gssManager.createContext(gssService, oid, null, GSSContext.DEFAULT_LIFETIME);
                
                secContext.requestMutualAuth(mutualAuth);
                secContext.requestCredDeleg(Boolean.FALSE);
            }

View Full Code Here

            if (secContext == null) {
                GSSManager gssManager = GSSManager.getInstance();
                Oid oid = new Oid("1.3.6.1.5.5.2");
                
                GSSName gssService = gssManager.createName(serviceName, GSSName.NT_HOSTBASED_SERVICE);
                secContext = gssManager.createContext(gssService, oid, null, GSSContext.DEFAULT_LIFETIME);
            }
        
            return secContext.acceptSecContext(ticket, 0, ticket.length);
        } catch (GSSException e) {
            if (log.isDebugEnabled()) {

View Full Code Here

        if (inputBuff == null) {
            inputBuff = new byte[0];
        }
        final GSSManager manager = getManager();
        final GSSName serverName = manager.createName("HTTP@" + authServer, GSSName.NT_HOSTBASED_SERVICE);
        final GSSContext gssContext = manager.createContext(
                serverName.canonicalize(oid), oid, null, GSSContext.DEFAULT_LIFETIME);
        gssContext.requestMutualAuth(true);
        gssContext.requestCredDeleg(true);
        return gssContext.initSecContext(inputBuff, 0, inputBuff.length);
    }

View Full Code Here

         LOG.debug("init " + server);
         /* Kerberos v5 GSS-API mechanism defined in RFC 1964. */
         Oid krb5Oid = new Oid("1.2.840.113554.1.2.2");
         GSSManager manager = GSSManager.getInstance();
         GSSName serverName = manager.createName("HTTP/"+server, null); 
         context = manager.createContext(serverName, krb5Oid, null,
                                    GSSContext.DEFAULT_LIFETIME);
         context.requestMutualAuth(true); 
         context.requestCredDeleg(true);
         state = INITIATED;
    }

View Full Code Here

                                credentialLifetime,
                                new Oid("1.3.6.1.5.5.2"),
                                GSSCredential.ACCEPT_ONLY);
                    }
                };
            gssContext = manager.createContext(Subject.doAs(lc.getSubject(), action));


            outToken = Subject.doAs(lc.getSubject(), new AcceptAction(gssContext, decoded));


            if (outToken == null) {
                if (log.isDebugEnabled()) {

View Full Code Here

                                credentialLifetime,
                                new Oid("1.3.6.1.5.5.2"),
                                GSSCredential.ACCEPT_ONLY);
                    }
                };
            gssContext = manager.createContext(Subject.doAs(lc.getSubject(), action));


            outToken = Subject.doAs(lc.getSubject(), new AcceptAction(gssContext, decoded));


            if (outToken == null) {
                if (log.isDebugEnabled()) {

View Full Code Here

                    8 * 3600,
                    createKerberosOid(),
                    GSSCredential.INITIATE_ONLY );


                GSSName serverName = manager.createName( serviceName + "@" + hostName, GSSName.NT_HOSTBASED_SERVICE );
                GSSContext context = manager.createContext( serverName,
                    createKerberosOid(),
                    clientCred,
                    GSSContext.DEFAULT_LIFETIME );
                context.requestMutualAuth( true );
                context.requestConf( true );

View Full Code Here

    byte[] token = Base64.decode(response);


    try {
      GSSManager gssManager = GSSManager.getInstance();
      GSSCredential gssCred = gssManager.createCredential(null, GSSCredential.DEFAULT_LIFETIME, SPNEGO_MECH_OID, GSSCredential.ACCEPT_ONLY);
      GSSContext gssContext = gssManager.createContext(gssCred);
      byte[] tokenForPeer = gssContext.acceptSecContext(token, 0, token.length);
      if (!gssContext.isEstablished()) {
        throw new AuthException("Couldn't establish GSS context");
      }
      if (tokenForPeer != null) {

View Full Code Here

        GSSManager gssManager = GSSManager.getInstance();
        
        String spn = getCompleteServicePrincipalName();
        GSSName gssService = gssManager.createName(spn, null);
        
        return gssManager.createContext(gssService.canonicalize(oid), 
                   oid, null, GSSContext.DEFAULT_LIFETIME);
    }
    
    protected Subject loginAndGetSubject() throws LoginException {

View Full Code Here

        GSSName serverName = manager.createName(spn, null);


        GSSCredential delegatedCred = 
            (GSSCredential)message.getContextualProperty(GSSCredential.class.getName());
        
        GSSContext context = manager
                .createContext(serverName.canonicalize(oid), oid, delegatedCred, GSSContext.DEFAULT_LIFETIME);
        
        context.requestCredDeleg(isCredDelegationRequired(message));


        // If the delegated cred is not null then we only need the context to

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.