Examples of org.ietf.jgss.Oid

• org.ietf.jgss.Oid
  This class represents Universal Object Identifiers (Oids) and their associated operations.

  Oids are hierarchically globally-interpretable identifiers used within the GSS-API framework to identify mechanisms and name formats.

  The structure and encoding of Oids is defined in ISOIEC-8824 and ISOIEC-8825. For example the Oid representation of Kerberos V5 mechanism is "1.2.840.113554.1.2.2"

  The GSSName name class contains public static Oid objects representing the standard name types defined in GSS-API. @author Mayank Upadhyay @version 1.10, 06/22/06 @since 1.4

    }

    public KerberosContext run() throws GSSException, WSSecurityException {
        GSSManager gssManager = GSSManager.getInstance();

        Oid kerberos5Oid = new Oid("1.2.840.113554.1.2.2");
        GSSName gssClient = gssManager.createName(clientPrincipal.getName(), GSSName.NT_USER_NAME);
        GSSCredential credentials =
            gssManager.createCredential(
                gssClient, GSSCredential.DEFAULT_LIFETIME, kerberos5Oid, GSSCredential.INITIATE_ONLY
            );

     */
    public KerberosServiceContext run() throws GSSException, WSSecurityException {

        GSSManager gssManager = GSSManager.getInstance();

        Oid kerberos5Oid = new Oid(JGSS_KERBEROS_TICKET_OID);
        GSSName gssService = gssManager.createName(serviceName, isUsernameServiceNameForm ? GSSName.NT_USER_NAME : GSSName.NT_HOSTBASED_SERVICE);
        GSSCredential credentials =
            gssManager.createCredential(
                gssService, GSSCredential.DEFAULT_LIFETIME, kerberos5Oid, GSSCredential.ACCEPT_ONLY
            );

                new PrivilegedExceptionAction<GSSCredential>() {
                    @Override
                    public GSSCredential run() throws GSSException {
                        return manager.createCredential(null,
                                GSSCredential.DEFAULT_LIFETIME,
                                new Oid("1.3.6.1.5.5.2"),
                                GSSCredential.ACCEPT_ONLY);
                    }
                };
            gssContext = manager.createContext(Subject.doAs(lc.getSubject(), action));

        public Void run() throws Exception {
          GSSContext gssContext = null;
          try {
            GSSManager gssManager = GSSManager.getInstance();
            String servicePrincipal = "HTTP/" + KerberosAuthenticator.this.url.getHost();
            Oid oid = KerberosUtil.getOidInstance("NT_GSS_KRB5_PRINCIPAL");
            GSSName serviceName = gssManager.createName(servicePrincipal,
                                                        oid);
            oid = KerberosUtil.getOidInstance("GSS_KRB5_MECH_OID");
            gssContext = gssManager.createContext(serviceName, oid, null,
                                                  GSSContext.DEFAULT_LIFETIME);

         * mechanism to use whatever credentials it has available that can be
         * used to accept this connection.
         */
        GSSCredential serverCreds = manager.createCredential(manager
                .createName(SERVICE_NAME, null),
                GSSCredential.DEFAULT_LIFETIME, new Oid(
                        SocksProxyConstants.KERBEROS_V5_OID),
                GSSCredential.ACCEPT_ONLY);

        while (true) {
            logger.debug("Waiting for incoming connection on port {} ...",

                    .getAttribute(GSS_CONTEXT);
            if (ctx == null) {
                GSSManager manager = GSSManager.getInstance();
                GSSName serverName = manager.createName(request
                        .getServiceKerberosName(), null);
                Oid krb5OID = new Oid(SocksProxyConstants.KERBEROS_V5_OID);

                if (logger.isDebugEnabled()) {
                    logger.debug("Available mechs:");
                    for (Oid o : manager.getMechs()) {
                        if (o.equals(krb5OID)) {

        try {
            String spn = getCompleteServicePrincipalName(currentURI);

            boolean useKerberosOid = MessageUtils.isTrue(
                message.getContextualProperty(PROPERTY_USE_KERBEROS_OID));
            Oid oid = new Oid(useKerberosOid ? KERBEROS_OID : SPNEGO_OID);

            byte[] token = getToken(authPolicy, spn, oid, message);
            return HttpAuthHeader.AUTH_TYPE_NEGOTIATE + " " + Base64Utility.encode(token);
        } catch (LoginException e) {
            throw new RuntimeException(e.getMessage(), e);

            String spn = "HTTP/" + currentURL.getHost();
            LOG.fine("Adding authorization service ticket for service principal name: " + spn);

            String userKerbOidSt = (String)message.getContextualProperty(PROPERTY_USE_KERBEROS_OID);
            boolean useKerberosOid = "true".equals(userKerbOidSt);
            Oid oid = new Oid(useKerberosOid ? KERBEROS_OID : SPNEGO_OID);

            byte[] token = getToken(authPolicy, spn, oid);
            return HttpAuthHeader.AUTH_TYPE_NEGOTIATE + " " + Base64Utility.encode(token);
        } catch (LoginException e) {
            throw new RuntimeException(e.getMessage(), e);

    }

    public KerberosContext run() throws GSSException, WSSecurityException {
        GSSManager gssManager = GSSManager.getInstance();

        Oid kerberos5Oid = new Oid("1.2.840.113554.1.2.2");
        GSSName gssClient = gssManager.createName(clientPrincipal.getName(), GSSName.NT_USER_NAME);
        GSSCredential credentials =
            gssManager.createCredential(
                gssClient, GSSCredential.DEFAULT_LIFETIME, kerberos5Oid, GSSCredential.INITIATE_ONLY
            );

     */
    public KerberosServiceContext run() throws GSSException, WSSecurityException{

        GSSManager gssManager = GSSManager.getInstance();

        Oid kerberos5Oid = new Oid(JGSS_KERBEROS_TICKET_OID);
        GSSName gssService = gssManager.createName(serviceName, isUsernameServiceNameForm ? GSSName.NT_USER_NAME : GSSName.NT_HOSTBASED_SERVICE);
        GSSCredential credentials =
            gssManager.createCredential(
                gssService, GSSCredential.DEFAULT_LIFETIME, kerberos5Oid, GSSCredential.ACCEPT_ONLY
            );