Package org.ietf.jgss

Examples of org.ietf.jgss.GSSName


     * @throws LoginException
     */
    private byte[] getToken(AuthorizationPolicy authPolicy, String spn, Oid oid) throws GSSException,
        LoginException {
        GSSManager manager = GSSManager.getInstance();
        // A null name type leaves the interpretation of spn to the mechanism's
        // default printable syntax.
        GSSName serverName = manager.createName(spn, null);

        // Initiator-side context towards the server name canonicalized for oid;
        // the null credential means the default initiator credentials are used.
        GSSContext context = manager
                .createContext(serverName.canonicalize(oid), oid, null, GSSContext.DEFAULT_LIFETIME);
        // TODO Do we need mutual auth. Will the code we have really work with
        // mutual auth?
        // requestMutualAuth only records a request; whether the server really
        // authenticated itself has to be read back with getMutualAuthState()
        // once the context is established.
        context.requestMutualAuth(true);
        // TODO Credential delegation could be a security hole if it was not
        // intended. Both settings should be configurable
        // NOTE(review): the excerpt ends before the delegation call this TODO refers to.
        // Delegation gives the service a credential it can use to act as the
        // user, so it is safest kept off unless explicitly enabled.


     * {@inheritDoc}
     */
    @Override
    public Principal authenticate(GSSContext gssContext, boolean storeCred) {
        // Nothing is read from a context that has not finished establishment.
        if (gssContext.isEstablished()) {
            GSSName gssName = null;
            try {
                // The source name is the initiator (client) side of the context.
                gssName = gssContext.getSrcName();
            } catch (GSSException e) {
                // Logged only: gssName stays null and the name handling below is skipped.
                log.warn(sm.getString("realmBase.gssNameFail"), e);
            }

            if (gssName!= null) {
                String name = gssName.toString();

                if (isStripRealmForGss()) {
                    int i = name.indexOf('@');
                    if (i > 0) {
                        // i > 0 rather than i >= 0, so that stripping never leaves a
                        // zero-length name.
                        // NOTE(review): the stripping itself is past the end of this excerpt.
                        // Without the realm part, same-named users from different realms
                        // cannot be told apart; confirm only one realm is accepted.

    // Client (initiator) side: builds a Kerberos GSS context from clientPrincipal
    // towards serviceName. The excerpt ends before the context is used.
    public KerberosContext run() throws GSSException, WSSecurityException {
        GSSManager gssManager = GSSManager.getInstance();

        // 1.2.840.113554.1.2.2 is the Kerberos V5 GSS-API mechanism OID.
        Oid kerberos5Oid = new Oid("1.2.840.113554.1.2.2");
        GSSName gssClient = gssManager.createName(clientPrincipal.getName(), GSSName.NT_USER_NAME);
        // INITIATE_ONLY: this credential can start contexts but cannot accept them.
        GSSCredential credentials =
            gssManager.createCredential(
                gssClient, GSSCredential.DEFAULT_LIFETIME, kerberos5Oid, GSSCredential.INITIATE_ONLY
            );

        // The service name is parsed either as a user name or as a host-based
        // service name, depending on isUsernameServiceNameForm.
        GSSName gssService = gssManager.createName(serviceName, isUsernameServiceNameForm ? GSSName.NT_USER_NAME : GSSName.NT_HOSTBASED_SERVICE);
        GSSContext secContext =
            gssManager.createContext(
                gssService, kerberos5Oid, credentials, GSSContext.DEFAULT_LIFETIME
            );

    // Service (acceptor) side: validates the received Kerberos ticket and records
    // the client principal. The excerpt ends inside the vendor-specific branch.
    public KerberosServiceContext run() throws GSSException, WSSecurityException{

        GSSManager gssManager = GSSManager.getInstance();

        Oid kerberos5Oid = new Oid(JGSS_KERBEROS_TICKET_OID);
        GSSName gssService = gssManager.createName(serviceName, isUsernameServiceNameForm ? GSSName.NT_USER_NAME : GSSName.NT_HOSTBASED_SERVICE);
        // ACCEPT_ONLY: this credential can accept contexts but cannot initiate them.
        GSSCredential credentials =
            gssManager.createCredential(
                gssService, GSSCredential.DEFAULT_LIFETIME, kerberos5Oid, GSSCredential.ACCEPT_ONLY
            );

        KerberosServiceContext krbServiceCtx = null;
        GSSContext secContext = null;

        try{
            secContext = gssManager.createContext(credentials);
            // Processes the client's token; the reply token that acceptSecContext
            // returns is discarded here.
            secContext.acceptSecContext(ticket, 0, ticket.length);

            krbServiceCtx = new KerberosServiceContext();           

            // NOTE(review): the visible lines do not check secContext.isEstablished()
            // before the source name is turned into the authenticated principal;
            // confirm it is checked elsewhere or that one token always completes the context.
            GSSName clientName = secContext.getSrcName();
            krbServiceCtx.setPrincipal(new KerberosPrincipal(clientName.toString()));

            // Vendor-specific path: the class is loaded reflectively by the name held in
            // SUN_JGSS_INQUIRE_TYPE_CLASS or IBM_JGSS_INQUIRE_TYPE_CLASS.
            if (!isJava5Or6 && (isOracleJavaVendor || isIBMJavaVendor)) {
                try {
                    @SuppressWarnings("rawtypes")
                    Class inquireType = Class.forName(isOracleJavaVendor ? SUN_JGSS_INQUIRE_TYPE_CLASS : IBM_JGSS_INQUIRE_TYPE_CLASS);

        // Client (initiator) side: acquires a credential for userName and opens a
        // context towards serviceName@hostName. The excerpt ends after the
        // mutual-authentication request.
        public GSSException run()
        {
            try
            {
                GSSManager manager = GSSManager.getInstance();
                GSSName clientName = manager.createName( userName, GSSName.NT_USER_NAME );
                // Credential lifetime is given in seconds: 8 * 3600 is eight hours.
                GSSCredential clientCred = manager.createCredential( clientName,
                                                               8 * 3600,
                                                               createKerberosOid(),
                                                               GSSCredential.INITIATE_ONLY );

                // Host-based service name in the "service@host" form.
                GSSName serverName = manager.createName( serviceName + "@" + hostName, GSSName.NT_HOSTBASED_SERVICE );
                GSSContext context = manager.createContext( serverName,
                                                      createKerberosOid(),
                                                      clientCred,
                                                      GSSContext.DEFAULT_LIFETIME );
                // Only a request: the outcome has to be read back with
                // getMutualAuthState() once the context is established.
                context.requestMutualAuth( true );

      // Client (initiator) side: prepares a Kerberos context towards
      // servicePrincipalName. The excerpt ends before any token is produced.
      public byte[] run() {
        try {
          GSSManager manager = GSSManager.getInstance();
          // 1.2.840.113554.1.2.2 is the Kerberos V5 mechanism OID;
          // 1.2.840.113554.1.2.2.1 is the Kerberos principal name type.
          Oid krb5Oid = new Oid("1.2.840.113554.1.2.2");
          Oid krb5PrincipalNameType = new Oid("1.2.840.113554.1.2.2.1");
          GSSName serverName = manager.createName(servicePrincipalName,
              krb5PrincipalNameType);
          // Null credential = default initiator credentials; lifetime 0 is the
          // value of GSSContext.DEFAULT_LIFETIME.
          final GSSContext context = manager.createContext(serverName, krb5Oid, null, 0);
          byte[] token = new byte[0];
          // With mutual auth off, the server is not asked to prove its identity
          // to this client; only the client authenticates.
          context.requestMutualAuth(false);
          // Delegation is explicitly declined, so the service receives no
          // credential it could use on the user's behalf.
          context.requestCredDeleg(false);

        // Host-based service name in the "protocol@server" form, built from the
        // connection settings.
        String service = conSettings.getSaslProtocol() + "@" + conSettings.getSaslServerName();
        GSSManager manager = GSSManager.getInstance();

        try
        {
            // The three-argument createName also canonicalizes the name for the
            // given mechanism (KRB5_OID).
            GSSName acceptorName = manager.createName(service,
                GSSName.NT_HOSTBASED_SERVICE, KRB5_OID);

            // The null third argument selects the default initiator credentials;
            // the remaining arguments are past the end of this excerpt.
            GSSContext secCtx = manager.createContext(acceptorName,
                                                      KRB5_OID,
                                                      null,

        // Login/password mode authenticates directly; any other mode goes through GSS-API.
        if (SyncResources.LOGIN_MODE_LOGIN_PASSWORD.equals(getResources().getLoginMode())) {
            subject = service.authenticate(getResources().getLogin(), getResources().getPassword());
        } else {
            GSSManager manager = GSSManager.getInstance();
            // Default credentials, usable for initiating contexts only.
            GSSCredential clientCred = manager.createCredential(GSSCredential.INITIATE_ONLY);
            // Fixed peer name; the null name type leaves its interpretation to the
            // mechanism's default syntax.
            GSSName peerName = manager.createName("WFServer", null);
            // A null mechanism OID selects the default mechanism.
            GSSContext context = manager.createContext(peerName, (Oid) null, clientCred, GSSContext.DEFAULT_LIFETIME);
            // With mutual auth off, the peer is not asked to prove its identity
            // to this client.
            context.requestMutualAuth(false);

            // The first call takes an empty input token and returns the initial
            // token to send to the peer.
            byte[] token = new byte[0];
            token = context.initSecContext(token, 0, token.length);

        // Login/password mode authenticates directly; any other mode goes through GSS-API.
        if (SyncResources.LOGIN_MODE_LOGIN_PASSWORD.equals(getResources().getLoginMode())) {
            subject = service.authenticate(getResources().getLogin(), getResources().getPassword());
        } else {
            GSSManager manager = GSSManager.getInstance();
            // Default credentials, usable for initiating contexts only.
            GSSCredential clientCred = manager.createCredential(GSSCredential.INITIATE_ONLY);
            // Fixed peer name; the null name type leaves its interpretation to the
            // mechanism's default syntax.
            GSSName peerName = manager.createName("WFServer", null);
            // A null mechanism OID selects the default mechanism.
            GSSContext context = manager.createContext(peerName, (Oid) null, clientCred, GSSContext.DEFAULT_LIFETIME);
            // With mutual auth off, the peer is not asked to prove its identity
            // to this client.
            context.requestMutualAuth(false);

            // The first call takes an empty input token and returns the initial
            // token to send to the peer.
            byte[] token = new byte[0];
            token = context.initSecContext(token, 0, token.length);

        // A missing input token is treated as the empty token that starts a new exchange.
        byte[] token = input;
        if (token == null) {
            token = new byte[0];
        }
        final GSSManager manager = getManager();
        // Host-based service name for the HTTP service on authServer.
        // NOTE(review): where authServer comes from is not visible here; confirm it is a
        // configured, trusted host, since the context (and delegation below) is bound to it.
        final GSSName serverName = manager.createName("HTTP@" + authServer, GSSName.NT_HOSTBASED_SERVICE);
        // Null credential = default initiator credentials.
        final GSSContext gssContext = manager.createContext(
                serverName.canonicalize(oid), oid, null, GSSContext.DEFAULT_LIFETIME);
        // Both calls are requests only; the granted state is available from
        // getMutualAuthState() / getCredDelegState() after establishment.
        gssContext.requestMutualAuth(true);
        // Delegation is requested unconditionally: if granted, the HTTP service gets a
        // credential it can use to act as the user towards other services.
        // NOTE(review): consider making this configurable and off by default.
        gssContext.requestCredDeleg(true);
        return gssContext.initSecContext(token, 0, token.length);
    }
