本文整理汇总了Java中org.ietf.jgss.GSSContext.getCredDelegState方法的典型用法代码示例。如果您正苦于以下问题:Java GSSContext.getCredDelegState方法的具体用法?Java GSSContext.getCredDelegState怎么用?Java GSSContext.getCredDelegState使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.ietf.jgss.GSSContext
的用法示例。
在下文中一共展示了GSSContext.getCredDelegState方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: processIdentity
import org.ietf.jgss.GSSContext; //导入方法依赖的package包/类
private void processIdentity(GSSContext gssContext) throws GSSException, Exception
{
setIdentity(createIdentity(gssContext.getSrcName().toString()));
if (DEBUG)
{
log.debug("context.getCredDelegState() = " + gssContext.getCredDelegState());
log.debug("context.getMutualAuthState() = " + gssContext.getMutualAuthState());
log.debug("context.getSrcName() = " + gssContext.getSrcName().toString());
}
if (gssContext.getCredDelegState()) {
delegatedCredential = gssContext.getDelegCred();
}
negotiationContext.setAuthenticationMethod(SPNEGO);
negotiationContext.setAuthenticated(true);
}
示例2: buildGSSResult
import org.ietf.jgss.GSSContext; //导入方法依赖的package包/类
private GSSResult buildGSSResult(NegotiationContext context, String securityDomain) throws LoginException {
if (context.getResponseMessage() instanceof KerberosMessage) {
try {
KerberosMessage km = (KerberosMessage)context.getResponseMessage();
GSSContext securityContext = (GSSContext) context.getSchemeContext();
return new GSSResult(km.getToken(), context.isAuthenticated(), securityContext.getCredDelegState()?securityContext.getDelegCred():null);
} catch (GSSException e) {
// login exception can not take exception
throw new LoginException(e.getMessage());
}
}
throw new LoginException(IntegrationPlugin.Util.gs(IntegrationPlugin.Event.TEIID50103, securityDomain));
}
示例3: go
import org.ietf.jgss.GSSContext; //导入方法依赖的package包/类
void go(
boolean forwardable,
boolean requestDelegState,
boolean requestDelegPolicyState,
boolean delegState,
boolean delegPolicyState,
boolean delegated
) throws Exception {
OneKDC kdc = new OneKDC(null);
kdc.setOption(KDC.Option.OK_AS_DELEGATE,
System.getProperty("test.kdc.policy.ok-as-delegate"));
kdc.writeJAASConf();
if (!forwardable) {
// The default OneKDC always includes "forwardable = true"
// in krb5.conf, override it.
KDC.saveConfig(OneKDC.KRB5_CONF, kdc,
"default_keytab_name = " + OneKDC.KTAB);
Config.refresh();
}
Context c, s;
c = Context.fromJAAS("client");
s = Context.fromJAAS("com.sun.security.jgss.krb5.accept");
Oid mech = GSSUtil.GSS_KRB5_MECH_OID;
if (System.getProperty("test.spnego") != null) {
mech = GSSUtil.GSS_SPNEGO_MECH_OID;
}
c.startAsClient(OneKDC.SERVER, mech);
ExtendedGSSContext cx = (ExtendedGSSContext)c.x();
cx.requestCredDeleg(requestDelegState);
cx.requestDelegPolicy(requestDelegPolicyState);
s.startAsServer(mech);
GSSContext sx = s.x();
Context.handshake(c, s);
if (cx.getCredDelegState() != delegState) {
throw new Exception("Initiator cred state error");
}
if (sx.getCredDelegState() != delegState) {
throw new Exception("Acceptor cred state error");
}
if (cx.getDelegPolicyState() != delegPolicyState) {
throw new Exception("Initiator cred policy state error");
}
GSSCredential cred = null;
try {
cred = s.x().getDelegCred();
} catch (GSSException e) {
// leave cred as null
}
if (delegated != (cred != null)) {
throw new Exception("get cred error");
}
}
示例4: doSpnegoAuth
import org.ietf.jgss.GSSContext; //导入方法依赖的package包/类
/**
* Performs authentication using the SPNEGO mechanism.
*
* <p>
* Returns null if authentication failed or if the provided
* the auth scheme did not contain the SPNEGO/GSS token.
* </p>
*
* @return SpnegoPrincipal for the given auth scheme.
*/
private SpnegoPrincipal doSpnegoAuth(
final SpnegoAuthScheme scheme, final SpnegoHttpServletResponse resp)
throws GSSException, IOException {
final String principal;
final byte[] gss = scheme.getToken();
if (0 == gss.length) {
LOGGER.finer("GSS data was NULL.");
return null;
}
GSSContext context = null;
GSSCredential delegCred = null;
try {
byte[] token = null;
SpnegoAuthenticator.LOCK.lock();
try {
context = SpnegoAuthenticator.MANAGER.createContext(this.serverCredentials);
token = context.acceptSecContext(gss, 0, gss.length);
} finally {
SpnegoAuthenticator.LOCK.unlock();
}
if (null == token) {
LOGGER.finer("Token was NULL.");
return null;
}
resp.setHeader(Constants.AUTHN_HEADER, Constants.NEGOTIATE_HEADER
+ ' ' + Base64.encode(token));
if (!context.isEstablished()) {
LOGGER.fine("context not established");
resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED, true);
return null;
}
principal = context.getSrcName().toString();
if (this.allowDelegation && context.getCredDelegState()) {
delegCred = context.getDelegCred();
}
} finally {
if (null != context) {
SpnegoAuthenticator.LOCK.lock();
try {
context.dispose();
} finally {
SpnegoAuthenticator.LOCK.unlock();
}
}
}
return new SpnegoPrincipal(principal, KerberosPrincipal.KRB_NT_PRINCIPAL, delegCred);
}