本文整理汇总了Java中sun.security.krb5.internal.Krb5.KRB_AP_ERR_REPEAT属性的典型用法代码示例。如果您正苦于以下问题:Java Krb5.KRB_AP_ERR_REPEAT属性的具体用法?Java Krb5.KRB_AP_ERR_REPEAT怎么用?Java Krb5.KRB_AP_ERR_REPEAT使用的例子?那么, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类sun.security.krb5.internal.Krb5的用法示例。
在下文中一共展示了Krb5.KRB_AP_ERR_REPEAT属性的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: main
public static void main(String[] args)
throws Exception {
new OneKDC(null).writeJAASConf();
Context c, s;
c = Context.fromJAAS("client");
s = Context.fromJAAS("server");
c.startAsClient(OneKDC.SERVER, GSSUtil.GSS_KRB5_MECH_OID);
s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);
byte[] first = c.take(new byte[0]);
s.take(first);
s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);
try {
s.take(first); // Replay the last token sent
throw new Exception("This method should fail");
} catch (GSSException gsse) {
KrbException ke = (KrbException)gsse.getCause();
if (ke.returnCode() != Krb5.KRB_AP_ERR_REPEAT) {
throw gsse;
}
}
}
示例2: main
public static void main(String[] args)
throws Exception {
new OneKDC(null);
if (args[0].equals("dfl")) {
// Store file in scratch directory
args[0] = "dfl:" + System.getProperty("user.dir") + File.separator;
System.setProperty("sun.security.krb5.rcache", args[0]);
}
Context c, s;
c = Context.fromUserPass(OneKDC.USER, OneKDC.PASS, false);
s = Context.fromUserKtab(OneKDC.SERVER, OneKDC.KTAB, true);
c.startAsClient(OneKDC.SERVER, GSSUtil.GSS_KRB5_MECH_OID);
s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);
byte[] first = c.take(new byte[0]);
c.take(s.take(first));
s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);
try {
s.take(first); // Replay the last apreq sent
throw new Exception("This method should fail");
} catch (GSSException gsse) {
gsse.printStackTrace();
KrbException ke = (KrbException)gsse.getCause();
if (ke.returnCode() != Krb5.KRB_AP_ERR_REPEAT) {
throw gsse;
}
}
}
示例3: loadAndCheck
private int loadAndCheck(Path p, AuthTimeWithHash time,
KerberosTime currTime)
throws IOException, KrbApErrException {
int missed = 0;
if (Files.isSymbolicLink(p)) {
throw new IOException("Symlink not accepted");
}
try {
Set<PosixFilePermission> perms =
Files.getPosixFilePermissions(p);
if (uid != -1 &&
(Integer)Files.getAttribute(p, "unix:uid") != uid) {
throw new IOException("Not mine");
}
if (perms.contains(PosixFilePermission.GROUP_READ) ||
perms.contains(PosixFilePermission.GROUP_WRITE) ||
perms.contains(PosixFilePermission.GROUP_EXECUTE) ||
perms.contains(PosixFilePermission.OTHERS_READ) ||
perms.contains(PosixFilePermission.OTHERS_WRITE) ||
perms.contains(PosixFilePermission.OTHERS_EXECUTE)) {
throw new IOException("Accessible by someone else");
}
} catch (UnsupportedOperationException uoe) {
// No POSIX permissions? Ignore it.
}
chan = Files.newByteChannel(p, StandardOpenOption.WRITE,
StandardOpenOption.READ);
long timeLimit = currTime.getSeconds() - readHeader(chan);
long pos = 0;
boolean seeNewButNotSame = false;
while (true) {
try {
pos = chan.position();
AuthTime a = AuthTime.readFrom(chan);
if (a instanceof AuthTimeWithHash) {
if (time.equals(a)) {
// Exact match, must be a replay
throw new KrbApErrException(Krb5.KRB_AP_ERR_REPEAT);
} else if (time.isSameIgnoresHash(a)) {
// Two different authenticators in the same second.
// Remember it
seeNewButNotSame = true;
}
} else {
if (time.isSameIgnoresHash(a)) {
// Two authenticators in the same second. Considered
// same if we haven't seen a new style version of it
if (!seeNewButNotSame) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_REPEAT);
}
}
}
if (a.ctime < timeLimit) {
missed++;
} else {
missed--;
}
} catch (BufferUnderflowException e) {
// Half-written file?
chan.position(pos);
break;
}
}
return missed;
}
示例4: loadAndCheck
private int loadAndCheck(Path p, AuthTimeWithHash time,
KerberosTime currTime)
throws IOException, KrbApErrException {
int missed = 0;
if (Files.isSymbolicLink(p)) {
throw new IOException("Symlink not accepted");
}
try {
Set<PosixFilePermission> perms =
Files.getPosixFilePermissions(p);
if (uid != -1 &&
(Integer)Files.getAttribute(p, "unix:uid") != uid) {
throw new IOException("Not mine");
}
if (perms.contains(PosixFilePermission.GROUP_READ) ||
perms.contains(PosixFilePermission.GROUP_WRITE) ||
perms.contains(PosixFilePermission.GROUP_EXECUTE) ||
perms.contains(PosixFilePermission.OTHERS_READ) ||
perms.contains(PosixFilePermission.OTHERS_WRITE) ||
perms.contains(PosixFilePermission.OTHERS_EXECUTE)) {
throw new IOException("Accessible by someone else");
}
} catch (UnsupportedOperationException uoe) {
// No POSIX permissions? Ignore it.
}
chan = Files.newByteChannel(p, StandardOpenOption.WRITE,
StandardOpenOption.READ);
long timeLimit = currTime.getSeconds() - readHeader(chan);
long pos = 0;
boolean seeNewButNotSame = false;
while (true) {
try {
pos = chan.position();
AuthTime a = AuthTime.readFrom(chan);
if (a instanceof AuthTimeWithHash) {
if (time.equals(a)) {
// Exact match, must be a replay
throw new KrbApErrException(Krb5.KRB_AP_ERR_REPEAT);
} else if (time.sameTimeDiffHash((AuthTimeWithHash)a)) {
// Two different authenticators in the same second.
// Remember it
seeNewButNotSame = true;
}
} else {
if (time.isSameIgnoresHash(a)) {
// Two authenticators in the same second. Considered
// same if we haven't seen a new style version of it
if (!seeNewButNotSame) {
throw new KrbApErrException(Krb5.KRB_AP_ERR_REPEAT);
}
}
}
if (a.ctime < timeLimit) {
missed++;
} else {
missed--;
}
} catch (BufferUnderflowException e) {
// Half-written file?
chan.position(pos);
break;
}
}
return missed;
}