Package org.apache.ws.security.kerberos

Examples of org.apache.ws.security.kerberos.KrbSession


            new Object[] { "null secret key" });
      }

      principal.setSecretKey(secretKey);

      KrbSession kerberosSession = new KrbSession(ks.getSHA1(), secretKey);
      kerberosSession.setClientPrincipalName(context.getSrcName()
          .toString());
      kerberosSession.setServerPrincipalName(context.getTargName()
          .toString());
      KrbSessionCache.getInstance().addSession(kerberosSession);

      principal.setClientPrincipalName(kerberosSession
          .getClientPrincipalName());
      principal.setServicePrincipalName(kerberosSession
          .getServerPrincipalName());

    } catch (RuntimeException e) {
      log.error(e.getMessage(), e);
      throw new WSSecurityException(3, "kerberosAcceptCtxFailed",


              principal = new KerberosTokenPrincipal(context
                  .getSrcName().toString());
              principal.setTokenElement(token);
              principal.setSessionKey(secretKey.getEncoded());
              principal.setSecretKey(secretKey);
              KrbSession kerberosSession = new KrbSession(
                  ks.getSHA1(), secretKey);
              kerberosSession.setClientPrincipalName(context
                  .getSrcName().toString());
              kerberosSession.setServerPrincipalName(context
                  .getTargName().toString());
              KrbSessionCache.getInstance().addSession(
                  kerberosSession);
              principal.setClientPrincipalName(kerberosSession
                  .getClientPrincipalName());
              principal.setServicePrincipalName(kerberosSession
                  .getServerPrincipalName());
            } else {
              secretKey = lastPrincipalFound.getSecretKey();
            }
          } catch (RuntimeException e) {

  }

  /**
   * Prepares the security token reference for a Kerberos-secured message.
   *
   * <p>If {@code KrbSessionCache} holds no current session, a service ticket is requested for
   * {@code servicePrincipalName}, a session key is obtained via {@code getSessionKey(tgt)}, and a
   * new {@code KrbSession} is created and added to the cache. If a session is already cached, it
   * is reused and {@code keyIdentifierType} is forced to
   * {@code WSConstants.THUMBPRINT_IDENTIFIER}.
   *
   * <p>NOTE(review): this listing shows the method only up to the end of the key-identifier
   * switch; whatever follows is not visible here.
   *
   * @throws WSSecurityException if the login or the service-ticket request fails, if no ticket
   *     data is returned, or if {@code keyIdentifierType} is neither
   *     {@code BST_DIRECT_REFERENCE} nor {@code THUMBPRINT_IDENTIFIER}
   */
  private void prepare() throws WSSecurityException {

    boolean needSession = false;
    KrbSession krbSession = null;

    // NOTE(review): how the cache decides which session is "current" is not visible here.
    // Because the session carries the Kerberos session key, confirm the lookup is scoped to the
    // calling thread/request and cannot hand back a session that belongs to another principal.
    krbSession = KrbSessionCache.getInstance().getCurrentSession();

    if (krbSession == null) {
      // No cached session: this is the client end, initiating a Kerberos request.
      // A non-null session means this is the service end, sending the response back.
      needSession = true;
    }

    secRef = new SecurityTokenReference(document);
    // The reference ID is built from hashCode(), which is not guaranteed to be unique.
    // NOTE(review): confirm two references in one document cannot end up with the same ID.
    strUri = (new StringBuilder()).append("STRId-").append(secRef.hashCode()).toString();
    secRef.setID(strUri);
    byte tokenData[] = null;

    if (needSession) {
      try {
        KerberosTicket tgt = getTicketGrantingTicket();
        tokenData = getServiceTicketData(servicePrincipalName);
        sessionKey = getSessionKey(tgt);
        // The session is created from a SHA-1 value computed over the ticket bytes plus the
        // session key. Presumably the digest is the thumbprint that THUMBPRINT_IDENTIFIER
        // references later resolve against, i.e. an identifier, not an integrity check — confirm.
        krbSession = new KrbSession(SecurityUtil.getSHA1(tokenData), sessionKey);
        krbSession.setClientPrincipalName(user);
        krbSession.setServerPrincipalName(servicePrincipalName);
        // Key material is now held in the cache obtained via getInstance().
        // NOTE(review): eviction is not visible here; confirm entries expire no later than the
        // ticket does and are removed on logout.
        KrbSessionCache.getInstance().addSession(krbSession);
      } catch (LoginException e) {
        // Only the message is passed on; the original exception is not attached as the cause.
        throw new WSSecurityException(5, "kerberosLoginFailed",
            new Object[] { e.getMessage() });
      } catch (GSSException e) {
        throw new WSSecurityException(5, "kerberosSTReqFailed", new Object[] {
            servicePrincipalName, e.getMessage() });
      } catch (Exception e) {
        // Broad catch: any other failure (including runtime exceptions) is reported as a failed
        // service-ticket request, and e.getMessage() may be null. The stack trace is lost here,
        // which makes a failed authentication harder to diagnose from logs.
        throw new WSSecurityException(5, "kerberosSTReqFailed", new Object[] {
            servicePrincipalName, e.getMessage() });
      }

      // Reached only when the try block completed without throwing but no ticket bytes came back.
      // NOTE(review): by this point a KrbSession built from the null tokenData may already have
      // been added to the cache above; confirm getSHA1(null) fails rather than caching it.
      if (tokenData == null) {
        throw new WSSecurityException(5, "kerberosSTReqFailed", new Object[] {
            servicePrincipalName, "Check service principal exists in KDC" });
      }

      // tokenData is a byte[]; arrays do not override hashCode(), so this is the identity hash
      // of the array object, not a value derived from the ticket contents. It serves only as a
      // document-local ID and carries no uniqueness guarantee.
      tokenUri = (new StringBuilder()).append("KerbTokenId-").append(tokenData.hashCode())
          .toString();
    } else {
      // A cached session exists, so no ticket bytes are available in this call (tokenData stays
      // null). Forcing the thumbprint identifier keeps the BST_DIRECT_REFERENCE branch below,
      // which embeds tokenData, from being taken on this path.
      keyIdentifierType = WSConstants.THUMBPRINT_IDENTIFIER;
    }

    wsDocInfo = new WSDocInfo(document);
    switch (keyIdentifierType) {
    case WSConstants.BST_DIRECT_REFERENCE:
      // Direct reference: the ticket bytes go into a KerberosSecurity binary token and the
      // security token reference points at it by "#" + tokenUri.
      Reference ref = new Reference(document);
      ref.setURI((new StringBuilder()).append("#").append(tokenUri).toString());
      bstToken = new KerberosSecurity(document);
      ((KerberosSecurity) bstToken).setKerberosToken(tokenData);
      ref.setValueType(bstToken.getValueType());
      secRef.setReference(ref);
      bstToken.setID(tokenUri);
      wsDocInfo.setBst(bstToken.getElement());
      break;

    case WSConstants.THUMBPRINT_IDENTIFIER:
      // Thumbprint reference: the token itself is not embedded; the reference is set from the
      // session and the signing/encryption key is taken from that same session.
      secRef.setKerberosIdentifierThumb(krbSession);
      sessionKey = krbSession.getSessionKey();
      break;

    default:
      // Any other key identifier type is rejected. On the needSession path the new session has
      // already been added to the cache by the time this is thrown.
      throw new WSSecurityException(0, "unsupportedKeyId");
    }

    return false;
  }

  public KrbSession getKerberosSession() {
    KrbSession result = null;
    Element elem = (Element) WSSecurityUtil
        .findElement(
            element,
            "KeyIdentifier",
            "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
