Examples of org.ietf.jgss.Oid

• org.ietf.jgss.Oid
  This class represents Universal Object Identifiers (Oids) and their associated operations.

  Oids are hierarchically globally-interpretable identifiers used within the GSS-API framework to identify mechanisms and name formats.

  The structure and encoding of Oids is defined in ISOIEC-8824 and ISOIEC-8825. For example the Oid representation of Kerberos V5 mechanism is "1.2.840.113554.1.2.2"

  The GSSName name class contains public static Oid objects representing the standard name types defined in GSS-API. @author Mayank Upadhyay @version 1.10, 06/22/06 @since 1.4

            String spn = "HTTP/" + currentURL.getHost();
            LOG.fine("Adding authorization service ticket for service principal name: " + spn);

            String userKerbOidSt = (String)message.getContextualProperty(PROPERTY_USE_KERBEROS_OID);
            boolean useKerberosOid = "true".equals(userKerbOidSt);
            Oid oid = new Oid(useKerberosOid ? KERBEROS_OID : SPNEGO_OID);

            byte[] token = getToken(authPolicy, spn, oid);
            return HttpAuthHeader.AUTH_TYPE_NEGOTIATE + " " + Base64Utility.encode(token);
        } catch (LoginException e) {
            throw new RuntimeException(e.getMessage(), e);

          GSSContext gssContext = null;
          try {
            GSSManager gssManager = GSSManager.getInstance();
            String servicePrincipal = KerberosUtil.getServicePrincipal("HTTP",
                KerberosAuthenticator.this.url.getHost());
            Oid oid = KerberosUtil.getOidInstance("NT_GSS_KRB5_PRINCIPAL");
            GSSName serviceName = gssManager.createName(servicePrincipal,
                                                        oid);
            oid = KerberosUtil.getOidInstance("GSS_KRB5_MECH_OID");
            gssContext = gssManager.createContext(serviceName, oid, null,
                                                  GSSContext.DEFAULT_LIFETIME);

    public void setup() throws ProtocolException {
        log.trace("Starting");
        try {
            Oid krb5Oid = new Oid("1.2.840.113554.1.2.2");
            GSSManager manager = GSSManager.getInstance();
            GSSName serverName = manager.createName(serverNameString, null);
            context = manager.createContext(serverName,
                                            krb5Oid,
                                            null,

                // create the security mech list
                boolean useStateful =
                    config.getAttributeAsBoolean("jacorb.security.sas.stateful", true);

                CompoundSecMech[] compoundSecMech = new CompoundSecMech[1];
                Oid oid = new Oid(sasContext.getMechOID());
                byte[] clientAuthenticationMech = oid.getDER();

                AS_ContextSec asContextSec =
                    new AS_ContextSec(sasValues.targetSupports,
                                      sasValues.targetRequires,
                                      clientAuthenticationMech,

    public GSSUPMechFactory ()
    {
        try
        {
            myMechOid = new Oid("2.23.130.1.1.1");
        }
        catch (GSSException e)
        {
            // logger.error("GSSUPMechanism: " + e);
        }

    }

    public void dispose() throws GSSException
    {
        Provider myProvider = null;
        Oid myMechOid = null;
        GSSNameSpi name = null;
    }

    public void initClient()
    {
        String principal = "";
        try
        {
            Oid krb5Oid = new Oid(KRB5MechOID.value.substring(4));
            GSSManager gssManager = GSSManager.getInstance();
            clientCreds =
                gssManager.createCredential(null,
                                            GSSCredential.INDEFINITE_LIFETIME,
                                            krb5Oid,

        // generate context
        byte[] contextToken = new byte[0];
        try {
            byte[] target = csmList.mechanism_list[0].as_context_mech.target_name;

            Oid krb5Oid = new Oid(KRB5MechOID.value.substring(4));
            GSSManager gssManager = GSSManager.getInstance();
            GSSName myPeer = gssManager.createName(target, null, krb5Oid);
            if (clientCreds == null) clientCreds = gssManager.createCredential(null, GSSCredential.INDEFINITE_LIFETIME, krb5Oid, GSSCredential.INITIATE_ONLY);
            GSSContext myContext = gssManager.createContext(myPeer, krb5Oid, clientCreds, GSSContext.INDEFINITE_LIFETIME);
            contextToken = myContext.initSecContext(contextToken, 0, contextToken.length);

    }

    public String getClientPrincipal() {
        String principal = "";
        try {
            Oid krb5Oid = new Oid(KRB5MechOID.value.substring(4));
            GSSManager gssManager = GSSManager.getInstance();
            if (clientCreds == null) clientCreds = gssManager.createCredential(null, GSSCredential.INDEFINITE_LIFETIME, krb5Oid, GSSCredential.INITIATE_ONLY);
            principal = clientCreds.getName().toString();
        } catch (Exception e) {
            logger.error("Error getting created principal: "+e);

        return principal;
    }

    public void initTarget() {
        try {
            Oid krb5Oid = new Oid(KRB5MechOID.value.substring(4));
            GSSManager gssManager = GSSManager.getInstance();
            if (targetCreds == null) targetCreds = gssManager.createCredential(null, GSSCredential.INDEFINITE_LIFETIME, krb5Oid, GSSCredential.ACCEPT_ONLY);
        } catch (GSSException e) {
            logger.warn("Error accepting Kerberos context: "+e);
        }