当前位置: 首页>>代码示例>>Java>>正文


Java GSSContext.initSecContext方法代码示例

本文整理汇总了Java中org.ietf.jgss.GSSContext.initSecContext方法的典型用法代码示例。如果您正苦于以下问题:Java GSSContext.initSecContext方法的具体用法?Java GSSContext.initSecContext怎么用?Java GSSContext.initSecContext使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在org.ietf.jgss.GSSContext的用法示例。


在下文中一共展示了GSSContext.initSecContext方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: generateGSSToken

import org.ietf.jgss.GSSContext; //导入方法依赖的package包/类
/**
 * @since 4.4
 */
protected byte[] generateGSSToken(
        final byte[] input, final Oid oid, final String authServer,
        final Credentials credentials) throws GSSException {
    byte[] inputBuff = input;
    if (inputBuff == null) {
        inputBuff = new byte[0];
    }
    final GSSManager manager = getManager();
    final GSSName serverName = manager.createName(service + "@" + authServer, GSSName.NT_HOSTBASED_SERVICE);

    final GSSCredential gssCredential;
    if (credentials instanceof KerberosCredentials) {
        gssCredential = ((KerberosCredentials) credentials).getGSSCredential();
    } else {
        gssCredential = null;
    }

    final GSSContext gssContext = manager.createContext(
            serverName.canonicalize(oid), oid, gssCredential, GSSContext.DEFAULT_LIFETIME);
    gssContext.requestMutualAuth(true);
    gssContext.requestCredDeleg(true);
    return gssContext.initSecContext(inputBuff, 0, inputBuff.length);
}
 
开发者ID:MyPureCloud,项目名称:purecloud-iot,代码行数:27,代码来源:GGSSchemeBase.java

示例2: run

import org.ietf.jgss.GSSContext; //导入方法依赖的package包/类
public byte[] run() {
    try {
        GSSManager gssManager = GSSManager.getInstance();
    
        Oid kerberos5Oid = new Oid(KERBEROS_OID);
        GSSCredential credentials = this.delegatedCredential;
        
        GSSName gssService = gssManager.createName(this.serviceName, GSSName.NT_HOSTBASED_SERVICE);
        GSSContext secContext = gssManager.createContext(gssService, kerberos5Oid, credentials,
                GSSContext.DEFAULT_LIFETIME);
     
        secContext.requestMutualAuth(false);
        byte[] token = new byte[0];
        byte[] returnedToken = secContext.initSecContext(token, 0, token.length);
        secContext.dispose();
        return returnedToken;
    } catch (GSSException e) {
        if (LogManager.isMessageToBeRecorded(LogConstants.CTX_WS, MessageLevel.DETAIL)) {
            LogManager.logDetail(LogConstants.CTX_WS, "Error in obtaining a Kerberos token"); //$NON-NLS-1$
        }
    }
    return null;
}
 
开发者ID:kenweezy,项目名称:teiid,代码行数:24,代码来源:DelegateKerberosClient.java

示例3: generateGSSToken

import org.ietf.jgss.GSSContext; //导入方法依赖的package包/类
protected byte[] generateGSSToken(
        final byte[] input, final Oid oid, final String authServer) throws GSSException {
    byte[] token = input;
    if (token == null) {
        token = new byte[0];
    }
    GSSManager manager = getManager();
    GSSName serverName = manager.createName("[email protected]" + authServer, GSSName.NT_HOSTBASED_SERVICE);
    GSSContext gssContext = manager.createContext(
            serverName.canonicalize(oid), oid, null, GSSContext.DEFAULT_LIFETIME);
    gssContext.requestMutualAuth(true);
    gssContext.requestCredDeleg(true);
    return gssContext.initSecContext(token, 0, token.length);
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:15,代码来源:GGSSchemeBase.java

示例4: generateTicket

import org.ietf.jgss.GSSContext; //导入方法依赖的package包/类
private String generateTicket() throws GSSException {
  final GSSManager manager = GSSManager.getInstance();
  // Oid for kerberos principal name
  Oid krb5PrincipalOid = new Oid("1.2.840.113554.1.2.2.1");
  Oid KERB_V5_OID = new Oid("1.2.840.113554.1.2.2");
  final GSSName clientName = manager.createName(principal,
      krb5PrincipalOid);
  final GSSCredential clientCred = manager.createCredential(clientName,
      8 * 3600,
      KERB_V5_OID,
      GSSCredential.INITIATE_ONLY);

  final GSSName serverName = manager.createName(principal, krb5PrincipalOid);

  final GSSContext context = manager.createContext(serverName,
      KERB_V5_OID,
      clientCred,
      GSSContext.DEFAULT_LIFETIME);
  context.requestMutualAuth(true);
  context.requestConf(false);
  context.requestInteg(true);

  final byte[] outToken = context.initSecContext(new byte[0], 0, 0);
  StringBuffer outputBuffer = new StringBuffer();
  outputBuffer.append("Negotiate ");
  outputBuffer.append(Base64.encodeBytes(outToken).replace("\n", ""));
  System.out.print("Ticket is: " + outputBuffer);
  return outputBuffer.toString();
}
 
开发者ID:fengchen8086,项目名称:ditb,代码行数:30,代码来源:HttpDoAsClient.java

示例5: generateGSSToken

import org.ietf.jgss.GSSContext; //导入方法依赖的package包/类
protected byte[] generateGSSToken(
        final byte[] input, final Oid oid, final String authServer) throws GSSException {
    byte[] token = input;
    if (token == null) {
        token = new byte[0];
    }
    final GSSManager manager = getManager();
    final GSSName serverName = manager.createName("[email protected]" + authServer, GSSName.NT_HOSTBASED_SERVICE);
    final GSSContext gssContext = manager.createContext(
            serverName.canonicalize(oid), oid, null, GSSContext.DEFAULT_LIFETIME);
    gssContext.requestMutualAuth(true);
    gssContext.requestCredDeleg(true);
    return gssContext.initSecContext(token, 0, token.length);
}
 
开发者ID:reportportal,项目名称:client-java-httpclient-repacked,代码行数:15,代码来源:GGSSchemeBase.java

示例6: generateGSSToken

import org.ietf.jgss.GSSContext; //导入方法依赖的package包/类
@Override
protected byte[] generateGSSToken(final byte[] input, final Oid oid,
        final String authServer, final Credentials credentials)
        throws GSSException {
    byte[] inputBuff = input;
    if (inputBuff == null) {
        inputBuff = new byte[0];
    }
    final GSSManager manager = getManager();
    final GSSName serverName = manager.createName("[email protected]" + authServer,
            GSSName.NT_HOSTBASED_SERVICE);

    final GSSCredential gssCredential;
    if (credentials instanceof KerberosCredentials) {
        gssCredential = ((KerberosCredentials) credentials)
                .getGSSCredential();
    } else {
        gssCredential = null;
    }

    final GSSContext gssContext = manager.createContext(
            serverName.canonicalize(oid), oid, gssCredential,
            GSSContext.DEFAULT_LIFETIME);
    gssContext.requestMutualAuth(true);
    gssContext.requestCredDeleg(true);
    return gssContext.initSecContext(inputBuff, 0, inputBuff.length);
}
 
开发者ID:johrstrom,项目名称:cloud-meter,代码行数:28,代码来源:FixedSPNegoScheme.java

示例7: generateTicket

import org.ietf.jgss.GSSContext; //导入方法依赖的package包/类
private String generateTicket() throws GSSException {
  final GSSManager manager = GSSManager.getInstance();
  // Oid for kerberos principal name
  Oid krb5PrincipalOid = new Oid("1.2.840.113554.1.2.2.1");
  Oid KERB_V5_OID = new Oid("1.2.840.113554.1.2.2");
  final GSSName clientName = manager.createName("hbase/[email protected]",
      krb5PrincipalOid);
  final GSSCredential clientCred = manager.createCredential(clientName,
      8 * 3600,
      KERB_V5_OID,
      GSSCredential.INITIATE_ONLY);

  final GSSName serverName = manager.createName("hbase/[email protected]", krb5PrincipalOid);

  final GSSContext context = manager.createContext(serverName,
      KERB_V5_OID,
      clientCred,
      GSSContext.DEFAULT_LIFETIME);
  context.requestMutualAuth(true);
  context.requestConf(false);
  context.requestInteg(true);

  final byte[] outToken = context.initSecContext(new byte[0], 0, 0);
  StringBuffer outputBuffer = new StringBuffer();
  outputBuffer.append("Negotiate ");
  outputBuffer.append(new BASE64Encoder().encode(outToken).replace("\n", ""));
  System.out.print("Ticket is: " + outputBuffer);
  return outputBuffer.toString();
}
 
开发者ID:grokcoder,项目名称:pbase,代码行数:30,代码来源:HttpDoAsClient.java

示例8: getKerberosUser

import org.ietf.jgss.GSSContext; //导入方法依赖的package包/类
private String getKerberosUser()
{
    log.debug("Obtaining userID from kerberos");
    String service = conSettings.getSaslProtocol() + "@" + conSettings.getSaslServerName();
    GSSManager manager = GSSManager.getInstance();

    try
    {
        GSSName acceptorName = manager.createName(service,
            GSSName.NT_HOSTBASED_SERVICE, KRB5_OID);

        GSSContext secCtx = manager.createContext(acceptorName,
                                                  KRB5_OID,
                                                  null,
                                                  GSSContext.INDEFINITE_LIFETIME);

        secCtx.initSecContext(new byte[0], 0, 1);

        if (secCtx.getSrcName() != null)
        {
            return secCtx.getSrcName().toString();
        }

    }
    catch (GSSException e)
    {
        log.warn("Unable to retrieve userID from Kerberos due to error",e);
    }

    return null;
}
 
开发者ID:wso2,项目名称:andes,代码行数:32,代码来源:ClientDelegate.java

示例9: encodeGSSAPIAuthenticationPacket

import org.ietf.jgss.GSSContext; //导入方法依赖的package包/类
/**
 * Encodes the authentication packet for supported authentication methods.
 * 
 * @param request the socks proxy request data
 * @return the encoded buffer
 * @throws GSSException when something fails while using GSSAPI
 */
private IoBuffer encodeGSSAPIAuthenticationPacket(final SocksProxyRequest request) throws GSSException {
    GSSContext ctx = (GSSContext) getSession().getAttribute(GSS_CONTEXT);
    if (ctx == null) {
        // first step in the authentication process
        GSSManager manager = GSSManager.getInstance();
        GSSName serverName = manager.createName(request.getServiceKerberosName(), null);
        Oid krb5OID = new Oid(SocksProxyConstants.KERBEROS_V5_OID);

        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("Available mechs:");
            for (Oid o : manager.getMechs()) {
                if (o.equals(krb5OID)) {
                    LOGGER.debug("Found Kerberos V OID available");
                }
                LOGGER.debug("{} with oid = {}", manager.getNamesForMech(o), o);
            }
        }

        ctx = manager.createContext(serverName, krb5OID, null, GSSContext.DEFAULT_LIFETIME);

        ctx.requestMutualAuth(true); // Mutual authentication
        ctx.requestConf(false);
        ctx.requestInteg(false);

        getSession().setAttribute(GSS_CONTEXT, ctx);
    }

    byte[] token = (byte[]) getSession().getAttribute(GSS_TOKEN);
    if (token != null) {
        LOGGER.debug("  Received Token[{}] = {}", token.length, ByteUtilities.asHex(token));
    }
    IoBuffer buf = null;

    if (!ctx.isEstablished()) {
        // token is ignored on the first call
        if (token == null) {
            token = new byte[32];
        }

        token = ctx.initSecContext(token, 0, token.length);

        // Send a token to the server if one was generated by
        // initSecContext
        if (token != null) {
            LOGGER.debug("  Sending Token[{}] = {}", token.length, ByteUtilities.asHex(token));

            getSession().setAttribute(GSS_TOKEN, token);
            buf = IoBuffer.allocate(4 + token.length);
            buf.put(new byte[] { SocksProxyConstants.GSSAPI_AUTH_SUBNEGOTIATION_VERSION,
                    SocksProxyConstants.GSSAPI_MSG_TYPE });

            buf.put(ByteUtilities.intToNetworkByteOrder(token.length, 2));
            buf.put(token);
        }
    }

    return buf;
}
 
开发者ID:eclipse,项目名称:neoscada,代码行数:66,代码来源:Socks5LogicHandler.java

示例10: main

import org.ietf.jgss.GSSContext; //导入方法依赖的package包/类
public static void main(String[] args)
        throws Exception {

    Oid oldOid = new Oid("1.3.6.1.5.6.2");
    new OneKDC(null).writeJAASConf();

    System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
    GSSManager m = GSSManager.getInstance();
    boolean found = false;

    // Test 1: the getMechsForName() method accepts it.
    for (Oid tmp: m.getMechsForName(oldOid)) {
        if (tmp.equals(GSSUtil.GSS_KRB5_MECH_OID)) {
            found = true;
            break;
        }
    }
    if (!found) {
        throw new Exception("Cannot found krb5 mech for old name type");
    }

    // Test 2: the createName() method accepts it.
    GSSName name = m.createName("[email protected]", oldOid);

    // Test 3: its getStringNameType() output is correct
    if (!name.getStringNameType().equals(GSSName.NT_HOSTBASED_SERVICE)) {
        throw new Exception("GSSName not correct name type");
    }

    // Test 4: everything still works.
    GSSContext c1 = m.createContext(
            name,
            GSSUtil.GSS_KRB5_MECH_OID,
            null,
            GSSContext.DEFAULT_LIFETIME);
    byte[] token = c1.initSecContext(new byte[0], 0, 0);

    Context s;
    s = Context.fromJAAS("server");
    s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);
    s.x().acceptSecContext(token, 0, token.length);
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:43,代码来源:Test5653.java

示例11: getGSSContext

import org.ietf.jgss.GSSContext; //导入方法依赖的package包/类
private GSSContext getGSSContext(final GssAciServerDetails serverDetails) throws AciHttpException, IOException {
    LOGGER.trace("getGSSContext() called...");

    try {
        LOGGER.debug("Setting up to try and create a GSSContext...");

        // Krb5 Oids, see RFC 1964...
        final Oid krb5Mechanism = new Oid("1.2.840.113554.1.2.2");
        final Oid krb5PrincipalNameType = new Oid("1.2.840.113554.1.2.2.1");

        // Prepare stuff for setting up the context...
        final GSSManager manager = GSSManager.getInstance();
        final GSSName serverName = manager.createName(serverDetails.getServiceName(), krb5PrincipalNameType);

        // Set up the context...
        final GSSContext context = manager.createContext(serverName, krb5Mechanism, null, GSSContext.DEFAULT_LIFETIME);
        context.requestConf(true);
        context.requestMutualAuth(true);
        context.requestReplayDet(true);
        context.requestSequenceDet(true);

        // Do the context establishment loop...
        byte[] token = EMPTY_BYTE_ARRAY;

        while (!context.isEstablished()) {
            // token is ignored on the first call
            token = context.initSecContext(token, 0, token.length);

            if (token != null) {
                LOGGER.debug("Sending GSS action to the ACI server for context token...");

                // Build the parameter set...
                final ActionParameters parameters = new ActionParameters();
                parameters.add(AciConstants.PARAM_ACTION, "GSS");
                parameters.add("gssServiceName", new String(Base64.encodeBase64(token), "UTF-8"));

                // Execute the action and process the response...
                final AciResponseInputStream response = super.executeAction(serverDetails, parameters);
                token = new GssContextTokenProcessor().process(response);

                // Ensure that we close the stream to release the connection, otherwise another will be used and the
                // subsequent action will fail as it wasn't made on the same connection as this token exchange...
                IOUtils.getInstance().closeQuietly(response);
            }
        }

        // display context information
        LOGGER.debug("Successfully established a GSSContext...");
        LOGGER.debug("Remaining lifetime in seconds = {}", context.getLifetime());
        LOGGER.debug("Context mechanism             = {}", context.getMech());
        LOGGER.debug("Initiator                     = {}", context.getSrcName());
        LOGGER.debug("Acceptor                      = {}", context.getTargName());

        // Return the context...
        return context;
    } catch (final GSSException gsse) {
        throw new AciHttpException("Unable to establish a GSSContext.", gsse);
    } catch (final UnsupportedEncodingException uee) {
        throw new AciHttpException("Unable to establish a GSSContext due to an unsupported encoding.", uee);
    } catch (final ProcessorException pe) {
        throw new AciHttpException("Unable to parse the context response.", pe);
    } catch (final AciErrorException aee) {
        throw new AciHttpException("Unable to establish a GSSContext with the ACI Server.", aee);
    }
}
 
开发者ID:hpe-idol,项目名称:java-aci-api-ng,代码行数:66,代码来源:GssAciHttpClientImpl.java


注:本文中的org.ietf.jgss.GSSContext.initSecContext方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。