Examples of GSSCredential

Examples of org.ietf.jgss.GSSCredential

472
473
474
475
476
477
478
479
480
481
482
                    if (i > 0) {
                        // Zero so we don;t leave a zero length name
                        name = name.substring(0, i);
                    }
                }
                GSSCredential gssCredential = null;
                if (storeCred && gssContext.getCredDelegState()) {
                    try {
                        gssCredential = gssContext.getDelegCred();
                    } catch (GSSException e) {
                        if (log.isDebugEnabled()) {
View Full Code Here

Examples of org.ietf.jgss.GSSCredential

85
86
87
88
89
90
91
92
93
94
95
         * Create a GSSContext to receive the incoming request from the client.
         * Use null for the server credentials passed in to tell the underlying
         * mechanism to use whatever credentials it has available that can be
         * used to accept this connection.
         */
        GSSCredential serverCreds = manager.createCredential(manager
                .createName(SERVICE_NAME, null),
                GSSCredential.DEFAULT_LIFETIME, new Oid(
                        SocksProxyConstants.KERBEROS_V5_OID),
                GSSCredential.ACCEPT_ONLY);

View Full Code Here

Examples of org.ietf.jgss.GSSCredential

330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
          @Override
          public AuthenticationToken run() throws Exception {
            AuthenticationToken token = null;
            GSSContext gssContext = null;
            GSSCredential gssCreds = null;
            try {
              gssCreds = gssManager.createCredential(
                  gssManager.createName(
                      KerberosUtil.getServicePrincipal("HTTP", serverName),
                      KerberosUtil.getOidInstance("NT_GSS_KRB5_PRINCIPAL")),
                  GSSCredential.INDEFINITE_LIFETIME,
                  new Oid[]{
                    KerberosUtil.getOidInstance("GSS_SPNEGO_MECH_OID"),
                    KerberosUtil.getOidInstance("GSS_KRB5_MECH_OID")},
                  GSSCredential.ACCEPT_ONLY);
              gssContext = gssManager.createContext(gssCreds);
              byte[] serverToken = gssContext.acceptSecContext(clientToken, 0, clientToken.length);
              if (serverToken != null && serverToken.length > 0) {
                String authenticate = base64.encodeToString(serverToken);
                response.setHeader(KerberosAuthenticator.WWW_AUTHENTICATE,
                                   KerberosAuthenticator.NEGOTIATE + " " + authenticate);
              }
              if (!gssContext.isEstablished()) {
                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                LOG.trace("SPNEGO in progress");
              } else {
                String clientPrincipal = gssContext.getSrcName().toString();
                KerberosName kerberosName = new KerberosName(clientPrincipal);
                String userName = kerberosName.getShortName();
                token = new AuthenticationToken(userName, clientPrincipal, getType());
                response.setStatus(HttpServletResponse.SC_OK);
                LOG.trace("SPNEGO completed for principal [{}]", clientPrincipal);
              }
            } finally {
              if (gssContext != null) {
                gssContext.dispose();
              }
              if (gssCreds != null) {
                gssCreds.dispose();
              }
            }
            return token;
          }
        });
View Full Code Here

Examples of org.ietf.jgss.GSSCredential

2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
      }

      GSSName clientName = gssManager.createName(
    clientPrincipal.getName(), KerberosUtil.krb5NameType);

      GSSCredential clientCred = gssManager.createCredential(
    clientName, GSSCredential.INDEFINITE_LIFETIME,
    KerberosUtil.krb5MechOid, GSSCredential.INITIATE_ONLY);

      GSSName serverName = gssManager.createName(
    serverPrincipal.getName(), KerberosUtil.krb5NameType);
View Full Code Here

Examples of org.ietf.jgss.GSSCredential

1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
  {
      if (requestDispatcher == null)
    throw new NullPointerException("null dispatcher is passed in");

      KerberosKey serverKey;
      GSSCredential serverCred;
      try {
    // make sure that serverPrincipal is in serverSubject
    if (serverSubject != null &&
        !serverSubject.getPrincipals().contains(serverPrincipal))
    {
        throw new UnsupportedConstraintException(
      "Failed to find serverPrincipal " + serverPrincipal +
      "in serverSubject's principal set, cannot listen.");
    }

    // getKey checks AuthenticationPermission "listen"
    serverKey = getKey(serverSubject, serverPrincipal);

    if (serverKey == null) {
        throw new UnsupportedConstraintException(
      "No valid Kerberos key in the server subject for " +
      serverPrincipal + ", cannot listen.");
    }

    synchronized (classLock) {
        if (gssManager == null) {
      gssManager = GSSManager.getInstance();
        }
    }

    try {
        serverCred = (GSSCredential) Security.doPrivileged(
      new PrivilegedExceptionAction() {
        public Object run() throws GSSException {
            return KerberosUtil.getGSSCredential(
          serverSubject, serverPrincipal,
          gssManager, GSSCredential.ACCEPT_ONLY);
        }
          });
    } catch (PrivilegedActionException pe) {
        GSSException ge = (GSSException) pe.getException();
        throw new UnsupportedConstraintException(
      "Failed to get GSSCredential for server principal: " +
      serverPrincipal, ge);
    }
      } catch (UnsupportedConstraintException uce) {
    if (logger.isLoggable(Levels.FAILED)) {
        KerberosUtil.logThrow(
      logger, Levels.FAILED, this.getClass(),
      "listen", "listen for {0}\nthrows",
      new Object[] {this}, uce);
    }
    throw uce;
      } catch (SecurityException se) {
    if (logger.isLoggable(Levels.FAILED)) {
        KerberosUtil.logThrow(
      logger, Levels.FAILED, this.getClass(),
      "listen", "listen for {0}\nthrows",
      new Object[] {this}, se);
    }
    throw se;
      }

      ServerSocket serverSocket;
      boolean done = false;
      try {
    if (ssf != null) {
        serverSocket = ssf.createServerSocket(port);
        if (logger.isLoggable(Level.FINE)) {
      logger.log(Level.FINE, "created {0} using factory " +
           "{1}", new Object[]{serverSocket, ssf});
        }
    } else {
        serverSocket = new ServerSocket(port);
        logger.log(Level.FINE, "created {0}", serverSocket);
    }
    done = true;
      } finally {
    if (!done) {
        try {
      serverCred.dispose();
        } catch (GSSException e) {}
    }
      }

      ListenHandleImpl listenHandle = new ListenHandleImpl(
View Full Code Here

Examples of org.ietf.jgss.GSSCredential

62
63
64
65
66
67
68
69
70
71
72
    public KerberosContext run() throws GSSException, WSSecurityException {
        GSSManager gssManager = GSSManager.getInstance();

        Oid kerberos5Oid = new Oid("1.2.840.113554.1.2.2");
        GSSName gssClient = gssManager.createName(clientPrincipal.getName(), GSSName.NT_USER_NAME);
        GSSCredential credentials =
            gssManager.createCredential(
                gssClient, GSSCredential.DEFAULT_LIFETIME, kerberos5Oid, GSSCredential.INITIATE_ONLY
            );

        GSSName gssService = gssManager.createName(serviceName, isUsernameServiceNameForm ? GSSName.NT_USER_NAME : GSSName.NT_HOSTBASED_SERVICE);
View Full Code Here

Examples of org.ietf.jgss.GSSCredential

72
73
74
75
76
77
78
79
80
81
82
        GSSManager gssManager = GSSManager.getInstance();

        Oid kerberos5Oid = new Oid(JGSS_KERBEROS_TICKET_OID);
        GSSName gssService = gssManager.createName(serviceName, isUsernameServiceNameForm ? GSSName.NT_USER_NAME : GSSName.NT_HOSTBASED_SERVICE);
        GSSCredential credentials =
            gssManager.createCredential(
                gssService, GSSCredential.DEFAULT_LIFETIME, kerberos5Oid, GSSCredential.ACCEPT_ONLY
            );

        KerberosServiceContext krbServiceCtx = null;
View Full Code Here

Examples of org.ietf.jgss.GSSCredential

71
72
73
74
75
76
77
78
79
80
81
            if (!loaded) {
                return;
            }
            // Creates a secure channel in gpel.
            MyProxyClient myProxyClient = this.engine.getMyProxyClient();
            GSSCredential proxy = myProxyClient.getProxy();
            UserX509Credential credential = new UserX509Credential(
                    proxy, XBayaSecurity.getTrustedCertificates());
            try {
                workflowClient.setUserX509Credential(credential);
            } catch (WorkflowEngineException e) {
View Full Code Here

Examples of org.ietf.jgss.GSSCredential

81
82
83
84
85
86
87
88
89
90
91
                .getMyProxyServer(), this.configuration.getMyProxyPort(),
                this.configuration.getMyProxyUsername(), this.configuration
                .getMyProxyPassphrase(), this.configuration
                .getMyProxyLifetime());
        client.load();
        GSSCredential proxy = client.getProxy();
        UserX509Credential credential = new UserX509Credential(proxy,
                trustedCertificates);
        this.workflowClient = WorkflowEngineManager.getWorkflowClient(XBayaConstants.DEFAULT_GPEL_ENGINE_URL,
                credential);
View Full Code Here

Examples of org.ietf.jgss.GSSCredential

311
312
313
314
315
316
317
318
319
320
321
    public void XtestSecurity() throws WorkflowEngineException, IOException,
            GeneralSecurityException {
        boolean userCred = true;

        URI engineURL = XBayaConstants.DEFAULT_GPEL_ENGINE_URL;
        GSSCredential proxy = null;

        String trustedcerts = System.getProperty("trustedcerts");
        String certskey = System.getProperty("certskey");

        UserX509Credential credential;
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.