Examples of org.ietf.jgss.GSSManager.createContext()

org.ietf.jgss.GSSManager.createContext()
Factory method for creating a context on the initiator's side. Some mechanism providers might require that the caller be granted permission to initiate a security context. A failed permission check might cause a {@link java.lang.SecurityException SecurityException}to be thrown from this method.
Non-default values for lifetime cannot always be honored by the underlying mechanism, thus applications should be prepared to call {@link GSSContext#getLifetime() getLifetime} on the returnedcontext.
@param peer the name of the target peer. @param mech the Oid of the desired mechanism. Use nullto request the default mechanism. @param myCred the credentials of the initiator. Usenull to act as the default initiator principal. @param lifetime the lifetime, in seconds, requested for thecontext. Use {@link GSSContext#INDEFINITE_LIFETIME GSSContext.INDEFINITE_LIFETIME} to request that the context have the maximum permitted lifetime. Use {@link GSSContext#DEFAULT_LIFETIME GSSContext.DEFAULT_LIFETIME} to request a default lifetime for thecontext. @return an unestablished GSSContext @see GSSContext @throws GSSException containing the following major error codes: {@link GSSException#NO_CRED GSSException.NO_CRED}{@link GSSException#CREDENTIALS_EXPIRED GSSException.CREDENTIALS_EXPIRED}{@link GSSException#BAD_NAMETYPE GSSException.BAD_NAMETYPE}{@link GSSException#BAD_MECH GSSException.BAD_MECH}{@link GSSException#FAILURE GSSException.FAILURE}

    private byte[] getToken(AuthorizationPolicy authPolicy, String spn, Oid oid) throws GSSException, 
        LoginException {
        GSSManager manager = GSSManager.getInstance();
        GSSName serverName = manager.createName(spn, null);


        GSSContext context = manager
                .createContext(serverName.canonicalize(oid), oid, null, GSSContext.DEFAULT_LIFETIME);
        // TODO Do we need mutual auth. Will the code we have really work with
        // mutual auth?
        context.requestMutualAuth(true);
        // TODO Credential delegation could be a security hole if it was not

View Full Code Here

                KerberosAuthenticator.this.url.getHost());
            Oid oid = KerberosUtil.getOidInstance("NT_GSS_KRB5_PRINCIPAL");
            GSSName serviceName = gssManager.createName(servicePrincipal,
                                                        oid);
            oid = KerberosUtil.getOidInstance("GSS_KRB5_MECH_OID");
            gssContext = gssManager.createContext(serviceName, oid, null,
                                                  GSSContext.DEFAULT_LIFETIME);
            gssContext.requestCredDeleg(true);
            gssContext.requestMutualAuth(true);


            byte[] inToken = new byte[0];

View Full Code Here

        try
        {
            GSSName acceptorName = manager.createName(service,
                GSSName.NT_HOSTBASED_SERVICE, KRB5_OID);


            GSSContext secCtx = manager.createContext(acceptorName,
                                                      KRB5_OID,
                                                      null,
                                                      GSSContext.INDEFINITE_LIFETIME);


            secCtx.initSecContext(new byte[0], 0, 1);

View Full Code Here

        log.trace("Starting");
        try {
            Oid krb5Oid = new Oid("1.2.840.113554.1.2.2");
            GSSManager manager = GSSManager.getInstance();
            GSSName serverName = manager.createName(serverNameString, null);
            context = manager.createContext(serverName,
                                            krb5Oid,
                                            null,
                                            GSSContext.DEFAULT_LIFETIME);
            context.requestMutualAuth(mutualAuth);
            context.requestConf(confidential);

View Full Code Here

        GSSAPIServerProtocol result = (GSSAPIServerProtocol) super.clone();


        result.startupLatch = new Latch();
        try {
            GSSManager manager = GSSManager.getInstance();
            result.context = manager.createContext((GSSCredential) null);
            result.context.requestMutualAuth(mutualAuth);
            result.context.requestConf(confidential);
            result.context.requestInteg(integrity);
            result.context.requestCredDeleg(true);
        } catch (GSSException e) {

View Full Code Here


            Oid krb5Oid = new Oid(KRB5MechOID.value.substring(4));
            GSSManager gssManager = GSSManager.getInstance();
            GSSName myPeer = gssManager.createName(target, null, krb5Oid);
            if (clientCreds == null) clientCreds = gssManager.createCredential(null, GSSCredential.INDEFINITE_LIFETIME, krb5Oid, GSSCredential.INITIATE_ONLY);
            GSSContext myContext = gssManager.createContext(myPeer, krb5Oid, clientCreds, GSSContext.INDEFINITE_LIFETIME);
            contextToken = myContext.initSecContext(contextToken, 0, contextToken.length);
        } catch (Exception e) {
            logger.error("Error creating Kerberos context: "+e);
        }
        return contextToken;

View Full Code Here


        try {
            Oid krb5Oid = new Oid(KRB5MechOID.value.substring(4));
            GSSManager gssManager = GSSManager.getInstance();
            if (targetCreds == null) targetCreds = gssManager.createCredential(null, GSSCredential.INDEFINITE_LIFETIME, krb5Oid, GSSCredential.ACCEPT_ONLY);
            validatedContext = gssManager.createContext(targetCreds);
            token = validatedContext.acceptSecContext(contextToken, 0, contextToken.length);
        } catch (GSSException e) {
            logger.error("Error accepting Kerberos context: "+e);
        }
        if (token == null) {

View Full Code Here

            GSSContext gssContext = (GSSContext) schemeContext;
            if (gssContext == null)
            {
               log.debug("Creating new GSSContext.");
               GSSManager manager = GSSManager.getInstance();
               gssContext = manager.createContext((GSSCredential) null);


               negotiationContext.setSchemeContext(gssContext);
            }


            if (gssContext.isEstablished())

View Full Code Here

            @Override
            public Void run() throws Exception {
                GSSManager gssManager = GSSManager.getInstance();
                GSSName serverName = gssManager.createName("HTTP/" + DefaultServer.getDefaultServerAddress().getHostString(), null);


                GSSContext context = gssManager.createContext(serverName, SPNEGO, null, GSSContext.DEFAULT_LIFETIME);


                byte[] token = new byte[0];


                boolean gotOur200 = false;
                while (!context.isEstablished()) {

View Full Code Here

      }
    };


    final GSSCredential clientcreds = Subject.doAs(subject, action);


    final GSSContext context = MANAGER.createContext(MANAGER.createName(
        "HTTP@" + url.getHost(), GSSName.NT_HOSTBASED_SERVICE, new Oid(
            "1.3.6.1.5.5.2")), new Oid("1.3.6.1.5.5.2"),
            clientcreds, GSSContext.DEFAULT_LIFETIME);


    context.requestMutualAuth(true);

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.