Examples of org.ietf.jgss.Oid

• org.ietf.jgss.Oid
  This class represents Universal Object Identifiers (Oids) and their associated operations.

  Oids are hierarchically globally-interpretable identifiers used within the GSS-API framework to identify mechanisms and name formats.

  The structure and encoding of Oids is defined in ISOIEC-8824 and ISOIEC-8825. For example the Oid representation of Kerberos V5 mechanism is "1.2.840.113554.1.2.2"

  The GSSName name class contains public static Oid objects representing the standard name types defined in GSS-API. @author Mayank Upadhyay @version 1.10, 06/22/06 @since 1.4

        LoginException {
        GSSManager manager = GSSManager.getInstance();
        GSSName serverName = manager.createName(spn, null);

        // TODO Is it correct to use kerberos oid instead of spnego here?
        Oid oid = new Oid(KERBEROS_OID);

        GSSContext context = manager
                .createContext(serverName.canonicalize(oid), oid, null, GSSContext.DEFAULT_LIFETIME);
        // TODO Do we need mutual auth. Will the code we have really work with
        // mutual auth?

  private GSSManager gssManager;

  public void testGetMechs() throws Exception{
    Oid[] mechs = gssManager.getMechs();
    Oid kerberosMech = new Oid("1.2.840.113554.1.2.2");
    Oid[] expectedMechs = new Oid[]{kerberosMech};
    assertTrue(Arrays.equals(expectedMechs, mechs));
  }

    Oid[] expectedMechs = new Oid[]{kerberosMech};
    assertTrue(Arrays.equals(expectedMechs, mechs));
  }

  public void testGetMechsForName() throws Exception {
    Oid nameType = GSSName.NT_ANONYMOUS;
    Oid[] mechs = gssManager.getMechsForName(nameType);
    assertEquals(0, mechs.length);

    nameType = GSSName.NT_MACHINE_UID_NAME;
    mechs = gssManager.getMechsForName(nameType);
    assertEquals(0, mechs.length);

    nameType = GSSName.NT_STRING_UID_NAME;
    mechs = gssManager.getMechsForName(nameType);
    assertEquals(0, mechs.length);

    nameType = GSSName.NT_USER_NAME;
    mechs = gssManager.getMechsForName(nameType);
    Oid kerberosMech = new Oid("1.2.840.113554.1.2.2");
    Oid[] expectedMechs = new Oid[] { kerberosMech };
    assertTrue(Arrays.equals(expectedMechs, mechs));

    nameType = GSSName.NT_HOSTBASED_SERVICE;
    mechs = gssManager.getMechsForName(nameType);

    mechs = gssManager.getMechsForName(nameType);
    assertTrue(Arrays.equals(expectedMechs, mechs));
  }

  public void testGetNamesForMech() throws Exception {
    Oid kerberosMech = new Oid("1.2.840.113554.1.2.2");
    Oid[] nameTypes = gssManager.getNamesForMech(kerberosMech);
    Oid[] expectedNameTypes = new Oid[] { GSSName.NT_USER_NAME,
        GSSName.NT_HOSTBASED_SERVICE, GSSName.NT_EXPORT_NAME,
        KerberosUtils.KRB5_PRINCIPAL_NAMETYPE };
    assertEquals(expectedNameTypes.length, nameTypes.length);

    gssName = gssManager.createName("service@host",
        GSSName.NT_HOSTBASED_SERVICE);
    assertEquals(GSSName.NT_HOSTBASED_SERVICE, gssName.getStringNameType());

    final Oid kerberosPrincipalOid = new Oid("1.2.840.113554.1.2.2.1");
    gssName = gssManager.createName("kerberosPrincipal",
        kerberosPrincipalOid);
    assertEquals(kerberosPrincipalOid, gssName.getStringNameType());

    byte[] encoded = new byte[] { 4, 1, 0, 11, 6, 9, 42, -122, 72, -122,

    public static byte[] createGSSUPMechOID() {
        // kudos to org.ietf.jgss.Oid for the Oid utility need to strip the "oid:" part of the GSSUPMechOID first.

        byte[] retval = {};
        try {
            Oid oid = new Oid(GSSUPMechOID.value.substring(4));
            retval = oid.getDER();
        } catch (GSSException e) {
            JacORBLogger.ROOT_LOGGER.caughtExceptionEncodingGSSUPMechOID(e);
        }
        return retval;
    }

            }

            if (LOGGER.isDebugEnabled()) {
                LOGGER.debug("init " + authServer);
            }
            final Oid negotiationOid = new Oid(SPNEGO_OID);

            final GSSManager manager = GSSManager.getInstance();
            final GSSName serverName = manager.createName("HTTP@" + authServer, GSSName.NT_HOSTBASED_SERVICE);
            final GSSContext gssContext = manager.createContext(serverName.canonicalize(negotiationOid), negotiationOid, null,
                    DEFAULT_LIFETIME);

            // Assume the GSSContext is stateless
            // TODO: Confirm this assumption
            GSSManager manager = GSSManager.getInstance();
            gssContext = manager.createContext(manager.createCredential(null,
                    GSSCredential.DEFAULT_LIFETIME,
                    new Oid("1.3.6.1.5.5.2"),
                    GSSCredential.ACCEPT_ONLY));

            outToken = gssContext.acceptSecContext(decoded.getBytes(),
                    decoded.getOffset(), decoded.getLength());

                            b.append("\n\t\t\t" + assocOptions.get(j));
                        }
                    }
                    try {
                        if (asContext.client_authentication_mech.length > 0) {
                            Oid oid = new Oid(asContext.client_authentication_mech);
                            b.append("\n\t\tclient_auth_mech_OID:" + oid);
                        } else {
                            b.append("\n\t\tclient_auth_mech_OID: undefined");
                        }
                    } catch (Exception e) {
                        b.append("\n\t\tclient_auth_mech_OID: (invalid)" + e.getMessage());
                    } finally {
                        b.append("\n\t\ttarget_name:" + new String(asContext.target_name));
                    }
                }

                SAS_ContextSec sasContext = m.sas_context_mech;
                if (sasContext != null) {
                    b.append("\n\tSAS_ContextSec\n\t\tTarget Requires:");
                    keys = assocOptions.keys();
                    while (keys.hasMoreElements()) {
                        Integer j = keys.nextElement();
                        if (isSet(sasContext.target_requires, j.intValue())) {
                            b.append("\n\t\t\t" + assocOptions.get(j));
                        }
                    }
                    b.append("\n\t\tTarget Supports:");
                    keys = assocOptions.keys();
                    while (keys.hasMoreElements()) {
                        Integer j = keys.nextElement();
                        if (isSet(sasContext.target_supports, j.intValue())) {
                            b.append("\n\t\t\t" + assocOptions.get(j));
                        }
                    }
                    b.append("\n\t\tprivilege authorities:" + Arrays.toString(sasContext.privilege_authorities));
                    byte[][] nameTypes = sasContext.supported_naming_mechanisms;
                    for (int j = 0; j < nameTypes.length; j++) {
                        try {
                            if (nameTypes[j].length > 0) {
                                Oid oid = new Oid(nameTypes[j]);
                                b.append("\n\t\tSupported Naming Mechanim[" + j + "]: " + oid);
                            } else {
                                b.append("\n\t\tSupported Naming Mechanim[" + j + "]:  undefined");
                            }
                        } catch (Exception e) {

        if (ctx == null) {
            // first step in the authentication process
            GSSManager manager = GSSManager.getInstance();
            GSSName serverName = manager.createName(request
                    .getServiceKerberosName(), null);
            Oid krb5OID = new Oid(SocksProxyConstants.KERBEROS_V5_OID);

            if (LOGGER.isDebugEnabled()) {
                LOGGER.debug("Available mechs:");
                for (Oid o : manager.getMechs()) {
                    if (o.equals(krb5OID)) {