Package org.ietf.jgss

Examples of org.ietf.jgss.Oid


        }


        /**
         * Builds the GSS-API mechanism identifier for Kerberos V5.
         *
         * @return a new {@link Oid} for the dotted string {@code 1.2.840.113554.1.2.2}
         * @throws GSSException if the Oid constructor rejects the string
         */
        private Oid createKerberosOid() throws GSSException
        {
            // Kerberos V5 mechanism OID. This is the raw Kerberos mechanism,
            // not the SPNEGO negotiation wrapper (1.3.6.1.5.5.2).
            final String kerberosV5Mechanism = "1.2.840.113554.1.2.2";
            final Oid mechanism = new Oid( kerberosV5Mechanism );
            return mechanism;
        }


    byte serviceTicket[] = null;
    serviceTicket = (byte[]) (byte[]) Subject.doAs(subject, new PrivilegedAction<byte[]>() {
      public byte[] run() {
        try {
          GSSManager manager = GSSManager.getInstance();
          Oid krb5Oid = new Oid("1.2.840.113554.1.2.2");
          Oid krb5PrincipalNameType = new Oid("1.2.840.113554.1.2.2.1");
          GSSName serverName = manager.createName(servicePrincipalName,
              krb5PrincipalNameType);
          final GSSContext context = manager.createContext(serverName, krb5Oid, null, 0);
          byte[] token = new byte[0];
          context.requestMutualAuth(false);

    public Principal run() {
        try {
            GSSManager gssManager = GSSManager.getInstance();
       
            Oid kerberos5Oid = new Oid("1.2.840.113554.1.2.2");
            GSSName gssService = gssManager.createName(serviceName, GSSName.NT_HOSTBASED_SERVICE);
            GSSCredential credentials =
                gssManager.createCredential(
                    gssService, GSSCredential.DEFAULT_LIFETIME, kerberos5Oid, GSSCredential.ACCEPT_ONLY
                );

     * Obtain a service ticket
     */
    public byte[] run() {
        try {
            GSSManager gssManager = GSSManager.getInstance();
            Oid oid = new Oid("1.3.6.1.5.5.2");

            GSSName gssService = gssManager.createName(serviceName, GSSName.NT_HOSTBASED_SERVICE);
            secContext = gssManager.createContext(gssService, oid, null, GSSContext.DEFAULT_LIFETIME);

            secContext.requestMutualAuth(mutualAuth);

     * Validate a service ticket
     */
    public byte[] run() {
        try {
            GSSManager gssManager = GSSManager.getInstance();
            Oid oid = new Oid("1.3.6.1.5.5.2");

            GSSName gssService = gssManager.createName(serviceName, GSSName.NT_HOSTBASED_SERVICE);
            secContext = gssManager.createContext(gssService, oid, null, GSSContext.DEFAULT_LIFETIME);

            return secContext.acceptSecContext(ticket, 0, ticket.length);

    public byte[] run() {
        try {
            GSSManager gssManager = GSSManager.getInstance();
       
            Oid kerberos5Oid = new Oid("1.2.840.113554.1.2.2");
            GSSName gssClient = gssManager.createName(clientPrincipal.getName(), GSSName.NT_USER_NAME);
            GSSCredential credentials =
                gssManager.createCredential(
                    gssClient, GSSCredential.DEFAULT_LIFETIME, kerberos5Oid, GSSCredential.INITIATE_ONLY
                );

    // Get mechanism count from buffer and look for Kerberos 5.
   
    int num = buff.getInt();
   
    for (int i = 0; i < num; i++) {
      Oid oid = new Oid(buff.getBytes());
     
      if (oid.equals(KRB5_MECH)) {
        log.debug("UserAuthGSS: found Kerberos 5");
       
        // Validate initial user before proceeding
       
        if (!auth.validateInitialUser(sess, user)) {
          return Boolean.FALSE;
        }

        GSSManager    mgr   = auth.getGSSManager();
        GSSCredential creds = auth.getGSSCredential(mgr);
       
        if (creds == null) {
          return Boolean.FALSE;
        }

        ctxt = mgr.createContext(creds);
       
        // Send the matching mechanism back to the client

        Buffer  b   = sess.createBuffer(SshConstants.Message.SSH_MSG_USERAUTH_INFO_REQUEST, 0);
        byte [] out = oid.getDER();

        b.putBytes(out);
        sess.writePacket(b);
       
        return null;

   * @return The Oid
   */
 
  private static Oid createOID(String rep) {
    Oid parsed;
    try {
      parsed = new Oid(rep);
    } catch (GSSException e) {
      // The original author expects this never to happen. The exception is
      // dropped and null is returned instead.
      // NOTE(review): a malformed string therefore produces a null Oid, not an
      // error. Anything initialised from this helper should be null-checked,
      // since comparing a real Oid against null with equals() is simply false
      // and a mechanism match against it would never succeed.
      parsed = null;
    }
    return parsed;
  }

          GSSContext gssContext = null;
          try {
            GSSManager gssManager = GSSManager.getInstance();
            String servicePrincipal = KerberosUtil.getServicePrincipal("HTTP",
                KerberosAuthenticator.this.url.getHost());
            Oid oid = KerberosUtil.getOidInstance("NT_GSS_KRB5_PRINCIPAL");
            GSSName serviceName = gssManager.createName(servicePrincipal,
                                                        oid);
            oid = KerberosUtil.getOidInstance("GSS_KRB5_MECH_OID");
            gssContext = gssManager.createContext(serviceName, oid, null,
                                                  GSSContext.DEFAULT_LIFETIME);

         *
         * Unfortunately SPNEGO is JRE >=1.6.
         */
       
        /**
         * Try SPNEGO by default, fall back to Kerberos later if error.
         * This section builds the initiator-side security context for the
         * service name "HTTP/" + server with the SPNEGO mechanism first.
         */
        negotiationOid  = new Oid(SPNEGO_OID);
       
        // Set only when the SPNEGO attempt fails with BAD_MECH (see the catch below).
        boolean tryKerberos = false;
        try{
            GSSManager manager = GSSManager.getInstance();
            // A null name type asks GSS-API to assume the mechanism's default
            // printable syntax for the name string.
            // NOTE(review): the service name is derived from `server`; confirm that
            // value is the host the caller intends to authenticate to.
            GSSName serverName = manager.createName("HTTP/"+server, null);
            // The null credential argument means the default initiator credentials
            // are used.
            context = manager.createContext(
                    serverName.canonicalize(negotiationOid), negotiationOid, null,
                    GSSContext.DEFAULT_LIFETIME);
            // Mutual authentication is only requested here. Whether it was granted
            // must be read back with getMutualAuthState() once the context is
            // established; that check is not visible in this excerpt.
            context.requestMutualAuth(true);
            // NOTE(review): credential delegation is requested unconditionally.
            // If granted, the accepting service can act with the initiator's
            // credentials, so this is normally enabled only for services trusted
            // for delegation. Confirm it is intended for every `server`.
            context.requestCredDeleg(true);
        } catch (GSSException ex){
            // BAD_MECH means we are likely running on a 1.5 JRE without SPNEGO,
            // so fall back to the Kerberos mechanism. Rethrow any other exception.
            // NOTE(review): confirm the fallback path requests the same context
            // options (mutual auth, delegation) as the SPNEGO path above.
            if (ex.getMajor() == GSSException.BAD_MECH ){
                log.debug("GSSException BAD_MECH, retry with Kerberos MECH");
                tryKerberos = true;
            } else {
                throw ex;
            }
           
        }
        if (tryKerberos){
            /* Kerberos v5 GSS-API mechanism defined in RFC 1964.*/
            log.debug("Using Kerberos MECH " + KERBEROS_OID);
            negotiationOid  = new Oid(KERBEROS_OID);
            GSSManager manager = GSSManager.getInstance();
            GSSName serverName = manager.createName("HTTP/"+server, null);
            context = manager.createContext(
                    serverName.canonicalize(negotiationOid), negotiationOid, null,
                    GSSContext.DEFAULT_LIFETIME);
