Package org.ietf.jgss

Examples of org.ietf.jgss.GSSName

453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
     * {@inheritDoc}
     */
    @Override
    public Principal authenticate(GSSContext gssContext, boolean storeCred) {
        if (gssContext.isEstablished()) {
            GSSName gssName = null;
            try {
                gssName = gssContext.getSrcName();
            } catch (GSSException e) {
                log.warn(sm.getString("realmBase.gssNameFail"), e);
            }
           
            if (gssName!= null) {
                String name = gssName.toString();
               
                if (isStripRealmForGss()) {
                    int i = name.indexOf('@');
                    if (i > 0) {
                        // Zero so we don;t leave a zero length name
View Full Code Here
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
        public GSSException run()
        {
            try
            {
                GSSManager manager = GSSManager.getInstance();
                GSSName clientName = manager.createName( userName, GSSName.NT_USER_NAME );
                GSSCredential clientCred = manager.createCredential( clientName,
                    8 * 3600,
                    createKerberosOid(),
                    GSSCredential.INITIATE_ONLY );

                GSSName serverName = manager.createName( serviceName + "@" + hostName, GSSName.NT_HOSTBASED_SERVICE );
                GSSContext context = manager.createContext( serverName,
                    createKerberosOid(),
                    clientCred,
                    GSSContext.DEFAULT_LIFETIME );
                context.requestMutualAuth( true );
View Full Code Here
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
           
            GSSContext gssContext = createGSSContext();

            Subject.doAs(serviceSubject, new ValidateServiceTicketAction(gssContext, serviceTicket));
           
            GSSName srcName = gssContext.getSrcName();
            if (srcName == null) {
                throw new NotAuthorizedException(getFaultResponse());
            }
           
            String complexUserName = srcName.toString();
           
            String simpleUserName = complexUserName;
            int index = simpleUserName.lastIndexOf('@');
            if (index > 0) {
                simpleUserName = simpleUserName.substring(0, index);
View Full Code Here
132
133
134
135
136
137
138
139
140
141
        Oid oid = new Oid(useKerberosOid ? KERBEROS_OID : SPNEGO_OID);

        GSSManager gssManager = GSSManager.getInstance();
       
        String spn = getCompleteServicePrincipalName();
        GSSName gssService = gssManager.createName(spn, null);
       
        return gssManager.createContext(gssService.canonicalize(oid),
                   oid, null, GSSContext.DEFAULT_LIFETIME);
    }
View Full Code Here
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
                            String spn,
                            Oid oid,
                            Message message) throws GSSException,
        LoginException {
        GSSManager manager = GSSManager.getInstance();
        GSSName serverName = manager.createName(spn, null);

        GSSCredential delegatedCred =
            (GSSCredential)message.getContextualProperty(GSSCredential.class.getName());
       
        GSSContext context = manager
                .createContext(serverName.canonicalize(oid), oid, delegatedCred, GSSContext.DEFAULT_LIFETIME);
       
        context.requestCredDeleg(isCredDelegationRequired(message));

        // If the delegated cred is not null then we only need the context to
        // immediately return a ticket based on this credential without attempting
View Full Code Here
128
129
130
131
132
133
134
135
136
137
138
139
140
141
     * @throws LoginException
     */
    private byte[] getToken(AuthorizationPolicy authPolicy, String spn, Oid oid) throws GSSException,
        LoginException {
        GSSManager manager = GSSManager.getInstance();
        GSSName serverName = manager.createName(spn, null);

        GSSContext context = manager
                .createContext(serverName.canonicalize(oid), oid, null, GSSContext.DEFAULT_LIFETIME);
        // TODO Do we need mutual auth. Will the code we have really work with
        // mutual auth?
        context.requestMutualAuth(true);
        // TODO Credential delegation could be a security hole if it was not
        // intended. Both settings should be configurable
View Full Code Here
266
267
268
269
270
271
272
273
274
275
276
          try {
            GSSManager gssManager = GSSManager.getInstance();
            String servicePrincipal = KerberosUtil.getServicePrincipal("HTTP",
                KerberosAuthenticator.this.url.getHost());
            Oid oid = KerberosUtil.getOidInstance("NT_GSS_KRB5_PRINCIPAL");
            GSSName serviceName = gssManager.createName(servicePrincipal,
                                                        oid);
            oid = KerberosUtil.getOidInstance("GSS_KRB5_MECH_OID");
            gssContext = gssManager.createContext(serviceName, oid, null,
                                                  GSSContext.DEFAULT_LIFETIME);
            gssContext.requestCredDeleg(true);
View Full Code Here
292
293
294
295
296
297
298
299
300
301
302
        String service = conSettings.getSaslProtocol() + "@" + conSettings.getSaslServerName();
        GSSManager manager = GSSManager.getInstance();

        try
        {
            GSSName acceptorName = manager.createName(service,
                GSSName.NT_HOSTBASED_SERVICE, KRB5_OID);

            GSSContext secCtx = manager.createContext(acceptorName,
                                                      KRB5_OID,
                                                      null,
View Full Code Here
107
108
109
110
111
112
113
114
115
116
117
    public void setup() throws ProtocolException {
        log.trace("Starting");
        try {
            Oid krb5Oid = new Oid("1.2.840.113554.1.2.2");
            GSSManager manager = GSSManager.getInstance();
            GSSName serverName = manager.createName(serverNameString, null);
            context = manager.createContext(serverName,
                                            krb5Oid,
                                            null,
                                            GSSContext.DEFAULT_LIFETIME);
            context.requestMutualAuth(mutualAuth);
View Full Code Here
101
102
103
104
105
106
107
108
109
110
111
        try {
            byte[] target = csmList.mechanism_list[0].as_context_mech.target_name;

            Oid krb5Oid = new Oid(KRB5MechOID.value.substring(4));
            GSSManager gssManager = GSSManager.getInstance();
            GSSName myPeer = gssManager.createName(target, null, krb5Oid);
            if (clientCreds == null) clientCreds = gssManager.createCredential(null, GSSCredential.INDEFINITE_LIFETIME, krb5Oid, GSSCredential.INITIATE_ONLY);
            GSSContext myContext = gssManager.createContext(myPeer, krb5Oid, clientCreds, GSSContext.INDEFINITE_LIFETIME);
            contextToken = myContext.initSecContext(contextToken, 0, contextToken.length);
        } catch (Exception e) {
            logger.error("Error creating Kerberos context: "+e);
View Full Code Here
TOP

Related Classes of org.ietf.jgss.GSSName

  • au.net.ocean.httpclient.auth.spnego.SPNegoCredentials
  • au.net.ocean.security.auth.gss.AbstractGSSCredentials
  • com.jcraft.jsch.jgss.GSSContextKrb5
  • com.massivecraft.mcore.xlib.mongodb.DBPort$GSSAPIAuthenticator
  • com.mongodb.DBPort$GSSAPIAuthenticator
  • com.ning.http.client.providers.netty.spnego.SpnegoEngine
  • com.sun.xml.ws.security.impl.kerberos.KerberosLogin$KerberosClientSetupAction
  • com.xebialabs.overthere.cifs.winrm.WsmanKerberosScheme
  • com.xebialabs.overthere.cifs.winrm.WsmanSPNegoScheme
  • CtorTests2
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.