Examples of org.ietf.jgss.Oid

• org.ietf.jgss.Oid
  This class represents Universal Object Identifiers (Oids) and their associated operations.

  Oids are hierarchically globally-interpretable identifiers used within the GSS-API framework to identify mechanisms and name formats.

  The structure and encoding of Oids is defined in ISOIEC-8824 and ISOIEC-8825. For example the Oid representation of Kerberos V5 mechanism is "1.2.840.113554.1.2.2"

  The GSSName name class contains public static Oid objects representing the standard name types defined in GSS-API. @author Mayank Upadhyay @version 1.10, 06/22/06 @since 1.4

    }

    public static synchronized boolean isSupported() {
        if (ourIsNegotiateSupported == null) {
            try {
                Oid spnegoOid = new Oid("1.3.6.1.5.5.2");
                ourIsNegotiateSupported = Boolean.valueOf(Arrays.asList(GSSManager.getInstance().getMechs()).contains(spnegoOid));
            } catch (GSSException gsse) {
                ourIsNegotiateSupported = Boolean.FALSE;
            }
        }

        }
    }

    private void initializeContext() throws GSSException {
        if (mySpnegoOid == null) {
            mySpnegoOid = new Oid("1.3.6.1.5.5.2");
        }
        GSSName serverName = myGSSManager.createName(getServerPrincipalName(), GSSName.NT_HOSTBASED_SERVICE);
        myGSSContext = myGSSManager.createContext(serverName, mySpnegoOid, null, GSSContext.DEFAULT_LIFETIME);
    }

    public static byte[] createGSSUPMechOID() {
        // kudos to org.ietf.jgss.Oid for the Oid utility need to strip the "oid:" part of the GSSUPMechOID first.

        byte[] retval = {};
        try {
            Oid oid = new Oid(GSSUPMechOID.value.substring(4));
            retval = oid.getDER();
        } catch (GSSException e) {
            log.warn("Caught exception while encoding GSSUPMechOID", e);
        }
        return retval;
    }

     * @param server servername only (e.g: radar.it.su.se)
     */
    protected void init(String server) throws GSSException {
         LOG.debug("init " + server);
         /* Kerberos v5 GSS-API mechanism defined in RFC 1964. */
         Oid krb5Oid = new Oid("1.2.840.113554.1.2.2");
         GSSManager manager = GSSManager.getInstance();
         GSSName serverName = manager.createName("HTTP/"+server, null);
         context = manager.createContext(serverName, krb5Oid, null,
                                    GSSContext.DEFAULT_LIFETIME);
         context.requestMutualAuth(true);

                new PrivilegedExceptionAction<GSSCredential>() {
                    @Override
                    public GSSCredential run() throws GSSException {
                        return manager.createCredential(null,
                                credentialLifetime,
                                new Oid("1.3.6.1.5.5.2"),
                                GSSCredential.ACCEPT_ONLY);
                    }
                };
            gssContext = manager.createContext(Subject.doAs(lc.getSubject(), action));

     * the SPNEGO mechanism.
     *
     * @return Object Identifier of the GSS-API mechanism
     */
    private static Oid getOid() {
        Oid oid = null;
        try {
            oid = new Oid("1.3.6.1.5.5.2");
        } catch (GSSException gsse) {
            gsse.printStackTrace();
        }
        return oid;
    }

                new PrivilegedExceptionAction<GSSCredential>() {
                    @Override
                    public GSSCredential run() throws GSSException {
                        return manager.createCredential(null,
                                credentialLifetime,
                                new Oid("1.3.6.1.5.5.2"),
                                GSSCredential.ACCEPT_ONLY);
                    }
                };
            gssContext = manager.createContext(Subject.doAs(lc.getSubject(), action));

        }


        private Oid createKerberosOid() throws GSSException
        {
            return new Oid( "1.2.840.113554.1.2.2" );
        }

    }

    protected GSSContext createGSSContext() throws GSSException {
        boolean useKerberosOid = MessageUtils.isTrue(
            messageContext.getContextualProperty(PROPERTY_USE_KERBEROS_OID));
        Oid oid = new Oid(useKerberosOid ? KERBEROS_OID : SPNEGO_OID);

        GSSManager gssManager = GSSManager.getInstance();

        String spn = getCompleteServicePrincipalName();
        GSSName gssService = gssManager.createName(spn, null);

        try {
            String spn = getCompleteServicePrincipalName(currentURI);

            boolean useKerberosOid = MessageUtils.isTrue(
                message.getContextualProperty(PROPERTY_USE_KERBEROS_OID));
            Oid oid = new Oid(useKerberosOid ? KERBEROS_OID : SPNEGO_OID);

            byte[] token = getToken(authPolicy, spn, oid, message);
            return HttpAuthHeader.AUTH_TYPE_NEGOTIATE + " " + Base64Utility.encode(token);
        } catch (LoginException e) {
            throw new RuntimeException(e.getMessage(), e);