本文整理汇总了Java中org.ietf.jgss.GSSName类的典型用法代码示例。如果您正苦于以下问题:Java GSSName类的具体用法?Java GSSName怎么用?Java GSSName使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
GSSName类属于org.ietf.jgss包,在下文中一共展示了GSSName类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: startAsClient
import org.ietf.jgss.GSSName; //导入依赖的package包/类
/**
* Starts as a client
* @param target communication peer
* @param mech GSS mech
* @throws java.lang.Exception
*/
public void startAsClient(final String target, final Oid mech) throws Exception {
doAs(new Action() {
@Override
public byte[] run(Context me, byte[] dummy) throws Exception {
GSSManager m = GSSManager.getInstance();
me.x = (ExtendedGSSContext)m.createContext(
target.indexOf('@') < 0 ?
m.createName(target, null) :
m.createName(target, GSSName.NT_HOSTBASED_SERVICE),
mech,
cred,
GSSContext.DEFAULT_LIFETIME);
return null;
}
}, null);
}
示例2: xRealmAuth
import org.ietf.jgss.GSSName; //导入依赖的package包/类
static void xRealmAuth() throws Exception {
Security.setProperty("auth.login.defaultCallbackHandler", "CrossRealm");
System.setProperty("java.security.auth.login.config", "jaas-localkdc.conf");
System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
FileOutputStream fos = new FileOutputStream("jaas-localkdc.conf");
fos.write(("com.sun.security.jgss.krb5.initiate {\n" +
" com.sun.security.auth.module.Krb5LoginModule\n" +
" required\n" +
" principal=dummy\n" +
" doNotPrompt=false\n" +
" useTicketCache=false\n" +
" ;\n" +
"};").getBytes());
fos.close();
GSSManager m = GSSManager.getInstance();
m.createContext(
m.createName("[email protected]", GSSName.NT_HOSTBASED_SERVICE),
GSSUtil.GSS_KRB5_MECH_OID,
null,
GSSContext.DEFAULT_LIFETIME).initSecContext(new byte[0], 0, 0);
}
示例3: startAsServer
import org.ietf.jgss.GSSName; //导入依赖的package包/类
/**
* Starts as a server with the specified service name
* @param name the service name
* @param mech GSS mech
* @throws java.lang.Exception
*/
public void startAsServer(final String name, final Oid mech, final boolean asInitiator) throws Exception {
doAs(new Action() {
@Override
public byte[] run(Context me, byte[] dummy) throws Exception {
GSSManager m = GSSManager.getInstance();
me.cred = m.createCredential(
name == null ? null :
(name.indexOf('@') < 0 ?
m.createName(name, null) :
m.createName(name, GSSName.NT_HOSTBASED_SERVICE)),
GSSCredential.INDEFINITE_LIFETIME,
mech,
asInitiator?
GSSCredential.INITIATE_AND_ACCEPT:
GSSCredential.ACCEPT_ONLY);
me.x = (ExtendedGSSContext)m.createContext(me.cred);
return null;
}
}, null);
}
示例4: authenticate
import org.ietf.jgss.GSSName; //导入依赖的package包/类
/**
* {@inheritDoc}
*/
@Override
public Principal authenticate(GSSContext gssContext, boolean storeCreds) {
if (gssContext.isEstablished()) {
String username = null;
GSSName name = null;
try {
name = gssContext.getSrcName();
} catch (GSSException e) {
log.warn(sm.getString("realmBase.gssNameFail"), e);
return null;
}
username = name.toString();
Principal authenticatedUser = super.authenticate(gssContext, storeCreds);
return filterLockedAccounts(username, authenticatedUser);
}
// Fail in all other cases
return null;
}
示例5: getOidForType
import org.ietf.jgss.GSSName; //导入依赖的package包/类
private Oid getOidForType(
String type ) {
if ("NT_USER_NAME".equals(type)) {
return GSSName.NT_USER_NAME;
} else if ("NT_HOSTBASED_SERVICE".equals(type)) {
return GSSName.NT_HOSTBASED_SERVICE;
} else if ("NT_MACHINE_UID_NAME".equals(type)) {
return GSSName.NT_MACHINE_UID_NAME;
} else if ("NT_STRING_UID_NAME".equals(type)) {
return GSSName.NT_STRING_UID_NAME;
} else if ("NT_ANONYMOUS".equals(type)) {
return GSSName.NT_ANONYMOUS;
} else if ("NT_EXPORT_NAME".equals(type)) {
return GSSName.NT_EXPORT_NAME;
}
return GSSName.NT_USER_NAME;
}
示例6: generateGSSToken
import org.ietf.jgss.GSSName; //导入依赖的package包/类
protected byte[] generateGSSToken(
final byte[] input,
final Oid oid ) throws GSSException {
byte[] token = input;
if (token == null) {
token = new byte[0];
}
GSSManager manager = getManager();
GSSName serverName = manager.createName(servicePrincipalName, servicePrincipalOid);
GSSContext gssContext = manager.createContext(serverName.canonicalize(oid),
oid,
null,
GSSContext.DEFAULT_LIFETIME);
gssContext.requestMutualAuth(true);
gssContext.requestCredDeleg(true);
// Get client to login if not already done
return gssClient.negotiate(gssContext, token);
}
示例7: startAsClient
import org.ietf.jgss.GSSName; //导入依赖的package包/类
/**
* Starts as a client
* @param target communication peer
* @param mech GSS mech
* @throws java.lang.Exception
*/
public void startAsClient(final String target, final Oid mech) throws Exception {
doAs(new Action() {
@Override
public byte[] run(Context me, byte[] dummy) throws Exception {
GSSManager m = GSSManager.getInstance();
me.x = m.createContext(
target.indexOf('@') < 0 ?
m.createName(target, null) :
m.createName(target, GSSName.NT_HOSTBASED_SERVICE),
mech,
cred,
GSSContext.DEFAULT_LIFETIME);
return null;
}
}, null);
}
示例8: startAsServer
import org.ietf.jgss.GSSName; //导入依赖的package包/类
/**
* Starts as a server with the specified service name
* @param name the service name
* @param mech GSS mech
* @throws java.lang.Exception
*/
public void startAsServer(final String name, final Oid mech, final boolean asInitiator) throws Exception {
doAs(new Action() {
@Override
public byte[] run(Context me, byte[] dummy) throws Exception {
GSSManager m = GSSManager.getInstance();
me.cred = m.createCredential(
name == null ? null :
(name.indexOf('@') < 0 ?
m.createName(name, null) :
m.createName(name, GSSName.NT_HOSTBASED_SERVICE)),
GSSCredential.INDEFINITE_LIFETIME,
mech,
asInitiator?
GSSCredential.INITIATE_AND_ACCEPT:
GSSCredential.ACCEPT_ONLY);
me.x = m.createContext(me.cred);
return null;
}
}, null);
}
示例9: authenticate
import org.ietf.jgss.GSSName; //导入依赖的package包/类
/**
* {@inheritDoc}
*/
@Override
public Principal authenticate(GSSContext gssContext, boolean storeCreds) {
if (gssContext.isEstablished()) {
String username = null;
GSSName name = null;
try {
name = gssContext.getSrcName();
} catch (GSSException e) {
log.warn(sm.getString("realmBase.gssNameFail"), e);
return null;
}
username = name.toString();
Principal authenticatedUser = super.authenticate(gssContext, storeCreds);
return filterLockedAccounts(username, authenticatedUser);
}
// Fail in all other cases
return null;
}
示例10: generateGSSToken
import org.ietf.jgss.GSSName; //导入依赖的package包/类
/**
* @since 4.4
*/
protected byte[] generateGSSToken(
final byte[] input, final Oid oid, final String authServer,
final Credentials credentials) throws GSSException {
byte[] inputBuff = input;
if (inputBuff == null) {
inputBuff = new byte[0];
}
final GSSManager manager = getManager();
final GSSName serverName = manager.createName(service + "@" + authServer, GSSName.NT_HOSTBASED_SERVICE);
final GSSCredential gssCredential;
if (credentials instanceof KerberosCredentials) {
gssCredential = ((KerberosCredentials) credentials).getGSSCredential();
} else {
gssCredential = null;
}
final GSSContext gssContext = manager.createContext(
serverName.canonicalize(oid), oid, gssCredential, GSSContext.DEFAULT_LIFETIME);
gssContext.requestMutualAuth(true);
gssContext.requestCredDeleg(true);
return gssContext.initSecContext(inputBuff, 0, inputBuff.length);
}
示例11: initiateSecurityContext
import org.ietf.jgss.GSSName; //导入依赖的package包/类
private void initiateSecurityContext( String servicePrincipalName)
throws GSSException {
GSSManager manager = GSSManager.getInstance();
GSSName serverName = manager.createName( servicePrincipalName,
GSSName.NT_HOSTBASED_SERVICE);
final GSSContext context = manager.createContext( serverName, krb5Oid, null,
GSSContext.DEFAULT_LIFETIME);
// The GSS context initiation has to be performed as a privileged action.
this.serviceTicket = Subject.doAs( subject, new PrivilegedAction<byte[]>() {
public byte[] run() {
try {
byte[] token = new byte[0];
// This is a one pass context initialisation.
context.requestMutualAuth( false);
context.requestCredDeleg( false);
return context.initSecContext( token, 0, token.length);
}
catch ( GSSException e) {
e.printStackTrace();
return null;
}
}
});
}
示例12: getUsernameFromGSSContext
import org.ietf.jgss.GSSName; //导入依赖的package包/类
private static String getUsernameFromGSSContext(final GSSContext gssContext, final boolean strip, final ESLogger logger) {
if (gssContext.isEstablished()) {
GSSName gssName = null;
try {
gssName = gssContext.getSrcName();
} catch (final GSSException e) {
logger.error("Unable to get src name from gss context", e);
}
if (gssName != null) {
String name = gssName.toString();
return stripRealmName(name, strip);
}
}
return null;
}
示例13: initGSS
import org.ietf.jgss.GSSName; //导入依赖的package包/类
GSSContext initGSS() throws Exception {
final GSSManager MANAGER = GSSManager.getInstance();
final PrivilegedExceptionAction<GSSCredential> action = new PrivilegedExceptionAction<GSSCredential>() {
@Override
public GSSCredential run() throws GSSException {
return MANAGER.createCredential(null, GSSCredential.DEFAULT_LIFETIME, KrbConstants.SPNEGO, GSSCredential.INITIATE_ONLY);
}
};
final GSSCredential clientcreds = Subject.doAs(initiatorSubject, action);
final GSSContext context = MANAGER.createContext(MANAGER.createName(acceptorPrincipal, GSSName.NT_USER_NAME, KrbConstants.SPNEGO),
KrbConstants.SPNEGO, clientcreds, GSSContext.DEFAULT_LIFETIME);
//TODO make configurable
context.requestMutualAuth(true);
context.requestConf(true);
context.requestInteg(true);
context.requestReplayDet(true);
context.requestSequenceDet(true);
context.requestCredDeleg(false);
return context;
}
示例14: impersonate
import org.ietf.jgss.GSSName; //导入依赖的package包/类
public Context impersonate(final String someone) throws Exception {
try {
GSSCredential creds = Subject.doAs(s, new PrivilegedExceptionAction<GSSCredential>() {
@Override
public GSSCredential run() throws Exception {
GSSManager m = GSSManager.getInstance();
GSSName other = m.createName(someone, GSSName.NT_USER_NAME);
if (Context.this.cred == null) {
Context.this.cred = m.createCredential(GSSCredential.INITIATE_ONLY);
}
return ((ExtendedGSSCredential)Context.this.cred).impersonate(other);
}
});
Context out = new Context();
out.s = s;
out.cred = creds;
out.name = name + " as " + out.cred.getName().toString();
return out;
} catch (PrivilegedActionException pae) {
throw pae.getException();
}
}
示例15: run
import org.ietf.jgss.GSSName; //导入依赖的package包/类
public byte[] run() {
try {
GSSManager gssManager = GSSManager.getInstance();
Oid kerberos5Oid = new Oid(KERBEROS_OID);
GSSCredential credentials = this.delegatedCredential;
GSSName gssService = gssManager.createName(this.serviceName, GSSName.NT_HOSTBASED_SERVICE);
GSSContext secContext = gssManager.createContext(gssService, kerberos5Oid, credentials,
GSSContext.DEFAULT_LIFETIME);
secContext.requestMutualAuth(false);
byte[] token = new byte[0];
byte[] returnedToken = secContext.initSecContext(token, 0, token.length);
secContext.dispose();
return returnedToken;
} catch (GSSException e) {
if (LogManager.isMessageToBeRecorded(LogConstants.CTX_WS, MessageLevel.DETAIL)) {
LogManager.logDetail(LogConstants.CTX_WS, "Error in obtaining a Kerberos token"); //$NON-NLS-1$
}
}
return null;
}