本文整理汇总了Java中org.ietf.jgss.GSSManager.createContext方法的典型用法代码示例。如果您正苦于以下问题:Java GSSManager.createContext方法的具体用法?Java GSSManager.createContext怎么用?Java GSSManager.createContext使用的例子?那么,这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.ietf.jgss.GSSManager的用法示例。
在下文中一共展示了GSSManager.createContext方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: generateGSSToken
import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
/**
 * Produces the next GSS-API token for the configured service principal.
 *
 * <p>A {@code null} input is replaced by an empty token. The initiator context is created with a
 * {@code null} credential and the default lifetime, then passed to {@code gssClient} for the
 * negotiation step.
 *
 * <p>NOTE(review): mutual authentication and credential delegation are both requested
 * unconditionally. Requesting delegation asks for the initiator's credentials to be handed to the
 * acceptor, so confirm that every service principal this can target is trusted to act on the
 * caller's behalf.
 *
 * @param input token received from the peer, or {@code null} when there is none yet
 * @param oid mechanism OID used both to canonicalize the name and to create the context
 * @return whatever {@code gssClient.negotiate} returns for this round
 * @throws GSSException if the name or the context cannot be created, or negotiation fails
 */
protected byte[] generateGSSToken(final byte[] input, final Oid oid) throws GSSException {
    final byte[] inToken = (input != null) ? input : new byte[0];

    final GSSManager gssManager = getManager();
    final GSSName targetName =
            gssManager.createName(servicePrincipalName, servicePrincipalOid).canonicalize(oid);
    final GSSContext gssContext =
            gssManager.createContext(targetName, oid, null, GSSContext.DEFAULT_LIFETIME);
    gssContext.requestMutualAuth(true);
    gssContext.requestCredDeleg(true);

    // Get client to login if not already done
    return gssClient.negotiate(gssContext, inToken);
}
示例2: generateGSSToken
import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
/**
 * Produces the first or next initiator token for {@code service@authServer}.
 *
 * <p>A {@code null} input is replaced by an empty token. When {@code credentials} is a
 * {@code KerberosCredentials} its GSS credential is used for the context; any other value leads
 * to a {@code null} credential being passed to {@code createContext}.
 *
 * <p>NOTE(review): credential delegation is requested for every call regardless of the target
 * host. Confirm that {@code authServer} can only name services that are trusted to receive the
 * caller's delegated credentials.
 *
 * @param input token received from the peer, or {@code null} when there is none yet
 * @param oid mechanism OID used to canonicalize the name and to create the context
 * @param authServer host part of the host-based service name
 * @param credentials caller credentials; only {@code KerberosCredentials} contribute a GSS credential
 * @return the token returned by {@code initSecContext}
 * @throws GSSException if name creation, context creation or context initiation fails
 * @since 4.4
 */
protected byte[] generateGSSToken(
        final byte[] input, final Oid oid, final String authServer,
        final Credentials credentials) throws GSSException {
    final byte[] inToken = (input == null) ? new byte[0] : input;

    final GSSManager gssManager = getManager();
    final GSSName hostBasedName =
            gssManager.createName(service + "@" + authServer, GSSName.NT_HOSTBASED_SERVICE);

    final GSSCredential initiatorCredential = (credentials instanceof KerberosCredentials)
            ? ((KerberosCredentials) credentials).getGSSCredential()
            : null;

    final GSSContext gssContext = gssManager.createContext(
            hostBasedName.canonicalize(oid), oid, initiatorCredential,
            GSSContext.DEFAULT_LIFETIME);
    gssContext.requestMutualAuth(true);
    gssContext.requestCredDeleg(true);
    return gssContext.initSecContext(inToken, 0, inToken.length);
}
示例3: initiateSecurityContext
import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
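/**
 * Initiates a one-pass security context for the given service and stores the resulting token
 * in {@code serviceTicket}.
 *
 * <p>The initiation runs under {@code subject} via {@code Subject.doAs}. Neither mutual
 * authentication nor credential delegation is requested.
 *
 * <p>A {@code GSSException} raised during initiation is rethrown to the caller instead of being
 * printed and dropped, so a failed authentication can no longer pass for success with a
 * {@code null} ticket. {@code serviceTicket} is still set to {@code null} in that case.
 *
 * @param servicePrincipalName host-based service name of the target
 * @throws GSSException if the name or context cannot be created, or initiation fails
 */
private void initiateSecurityContext(String servicePrincipalName) throws GSSException {
    GSSManager manager = GSSManager.getInstance();
    GSSName serverName =
            manager.createName(servicePrincipalName, GSSName.NT_HOSTBASED_SERVICE);
    final GSSContext context =
            manager.createContext(serverName, krb5Oid, null, GSSContext.DEFAULT_LIFETIME);

    // PrivilegedAction.run() cannot throw a checked exception, so the failure is carried out
    // of the anonymous class in this holder and rethrown below.
    final GSSException[] failure = new GSSException[1];

    // The GSS context initiation has to be performed as a privileged action.
    this.serviceTicket = Subject.doAs(subject, new PrivilegedAction<byte[]>() {
        public byte[] run() {
            try {
                byte[] token = new byte[0];
                // This is a one pass context initialisation.
                context.requestMutualAuth(false);
                context.requestCredDeleg(false);
                return context.initSecContext(token, 0, token.length);
            } catch (GSSException e) {
                failure[0] = e;
                return null;
            }
        }
    });

    if (failure[0] != null) {
        throw failure[0];
    }
}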
示例4: initGSS
import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
/**
 * Creates an initiator-side SPNEGO context for {@code acceptorPrincipal}.
 *
 * <p>The initiate-only credential is acquired under {@code initiatorSubject}. The returned
 * context has mutual authentication, confidentiality, integrity, replay detection and sequence
 * detection requested, and credential delegation switched off; no token has been exchanged yet.
 *
 * @return the configured, not yet established context
 * @throws Exception if acquiring the credential or creating the name or context fails
 */
GSSContext initGSS() throws Exception {
    final GSSManager gssManager = GSSManager.getInstance();

    // Credential acquisition has to see the initiator's Subject, hence the doAs wrapper.
    final GSSCredential initiatorCredential = Subject.doAs(
            initiatorSubject,
            new PrivilegedExceptionAction<GSSCredential>() {
                @Override
                public GSSCredential run() throws GSSException {
                    return gssManager.createCredential(
                            null,
                            GSSCredential.DEFAULT_LIFETIME,
                            KrbConstants.SPNEGO,
                            GSSCredential.INITIATE_ONLY);
                }
            });

    final GSSName acceptorName =
            gssManager.createName(acceptorPrincipal, GSSName.NT_USER_NAME, KrbConstants.SPNEGO);
    final GSSContext secContext = gssManager.createContext(
            acceptorName, KrbConstants.SPNEGO, initiatorCredential,
            GSSContext.DEFAULT_LIFETIME);

    //TODO make configurable
    secContext.requestMutualAuth(true);
    secContext.requestConf(true);
    secContext.requestInteg(true);
    secContext.requestReplayDet(true);
    secContext.requestSequenceDet(true);
    secContext.requestCredDeleg(false);
    return secContext;
}
示例5: run
import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
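/**
 * Obtains a Kerberos token for {@code serviceName} using {@code delegatedCredential}.
 *
 * <p>Mutual authentication is explicitly not requested, so a single {@code initSecContext}
 * call is made. The context is disposed in a {@code finally} block so that it is released
 * even when initiation throws; a failure of the dispose call itself no longer discards a
 * token that was already produced.
 *
 * @return the initial token, or {@code null} if a {@code GSSException} occurred
 */
public byte[] run() {
    GSSContext secContext = null;
    try {
        GSSManager gssManager = GSSManager.getInstance();
        Oid kerberos5Oid = new Oid(KERBEROS_OID);
        GSSCredential credentials = this.delegatedCredential;
        GSSName gssService = gssManager.createName(this.serviceName, GSSName.NT_HOSTBASED_SERVICE);
        secContext = gssManager.createContext(gssService, kerberos5Oid, credentials,
                GSSContext.DEFAULT_LIFETIME);
        secContext.requestMutualAuth(false);
        byte[] token = new byte[0];
        return secContext.initSecContext(token, 0, token.length);
    } catch (GSSException e) {
        // NOTE(review): the exception itself is not passed to the logger, so the cause of the
        // failure is lost; consider including it if the logging API allows.
        if (LogManager.isMessageToBeRecorded(LogConstants.CTX_WS, MessageLevel.DETAIL)) {
            LogManager.logDetail(LogConstants.CTX_WS, "Error in obtaining a Kerberos token"); //$NON-NLS-1$
        }
    } finally {
        if (secContext != null) {
            try {
                secContext.dispose();
            } catch (GSSException ignored) {
                // Best-effort cleanup: the token (if any) has already been produced.
            }
        }
    }
    return null;
}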
示例6: createGssToken
import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
/**
 * Initializes the GSS context and creates the initial token.
 *
 * <p>The SPN has the form {@code MSSQLSvc/<canonical host>:<port>}, where the host is obtained
 * from {@code getCanonicalHostName()} on the socket's address. The created context is kept in
 * {@code _gssContext}.
 *
 * <p>NOTE(review): the canonical host name comes from the name service, so the SPN that gets
 * requested depends on DNS answers. Confirm that name resolution is trusted in the deployment
 * before relying on mutual authentication to pin the server identity.
 *
 * @return the token produced by the first {@code initSecContext} call
 * @throws GSSException if the name or context cannot be created, or initiation fails
 * @throws UnknownHostException if the socket's host cannot be resolved
 */
private byte[] createGssToken()
        throws GSSException, UnknownHostException
{
    final GSSManager gssManager = GSSManager.getInstance();

    // Oids for Kerberos5
    final Oid kerberosMech = new Oid( "1.2.840.113554.1.2.2" );
    final Oid kerberosNameType = new Oid( "1.2.840.113554.1.2.2.1" );

    // Canonicalize hostname to create SPN like MIT Kerberos does
    final InetAddress address = InetAddress.getByName( socket.getHost() );
    final String canonicalHost = address.getCanonicalHostName();
    final int port = socket.getPort();

    final String spn = "MSSQLSvc/" + canonicalHost + ":" + port;
    final GSSName serverName = gssManager.createName( spn, kerberosNameType );
    Logger.println( "GSS: Using SPN " + serverName );

    _gssContext = gssManager.createContext(
            serverName, kerberosMech, null, GSSContext.DEFAULT_LIFETIME );
    // FIXME: may fail, check via _gssContext.getMutualAuthState()
    _gssContext.requestMutualAuth( true );

    final byte[] initialToken = _gssContext.initSecContext( new byte[0], 0, 0 );
    Logger.println( "GSS: Created GSS token (length: " + initialToken.length + ")" );
    return initialToken;
}
示例7: testAnonymousServer3
import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
/**
 * Checks that an acceptor context built from an anonymous credential cannot be established:
 * {@code establishContext()} must fail with {@code GSSException.DEFECTIVE_CREDENTIAL}.
 */
public void testAnonymousServer3() throws Exception {
    final GSSManager gssManager = getGSSManager();

    final GSSName anonymousName = gssManager.createName((String)null, null);
    assertTrue(anonymousName.isAnonymous());

    final GSSCredential anonymousCredential = gssManager.createCredential(
            anonymousName,
            GSSCredential.INDEFINITE_LIFETIME,
            (Oid)null,
            GSSCredential.INITIATE_AND_ACCEPT);
    assertTrue(anonymousCredential.getName().isAnonymous());

    // server ctx initialized with anon cred
    serverContext = gssManager.createContext(anonymousCredential);

    try {
        establishContext();
        fail("establishContext() did not throw exception as expected.");
    } catch (GSSException e) {
        // Only DEFECTIVE_CREDENTIAL is the accepted outcome; anything else fails the test.
        final boolean expectedFailure = e.getMajor() == GSSException.DEFECTIVE_CREDENTIAL;
        if (!expectedFailure) {
            e.printStackTrace();
            fail("Unexpected GSSException");
        }
    }
}
示例8: testBadUsage1
import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
/**
 * Checks that an initiate-only credential is rejected on the acceptor side:
 * {@code establishContext()} must fail with {@code GSSException.DEFECTIVE_CREDENTIAL}.
 */
public void testBadUsage1() throws Exception {
    final GSSManager gssManager = getGSSManager();

    final GSSCredential initiatorOnlyCredential = gssManager.createCredential(
            null,
            GSSCredential.DEFAULT_LIFETIME,
            (Oid)null,
            GSSCredential.INITIATE_ONLY);

    // creates an acceptor context with a credential that is
    // supposed to be used for initiators
    serverContext = gssManager.createContext(initiatorOnlyCredential);

    try {
        establishContext();
        fail("establishContext() did not throw exception as expected.");
    } catch (GSSException e) {
        // Only DEFECTIVE_CREDENTIAL is the accepted outcome; anything else fails the test.
        final boolean expectedFailure = e.getMajor() == GSSException.DEFECTIVE_CREDENTIAL;
        if (!expectedFailure) {
            e.printStackTrace();
            fail("Unexpected GSSException");
        }
    }
}
示例9: testBadUsage2
import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
/**
 * Checks that an accept-only credential is rejected on the initiator side:
 * {@code establishContext()} must fail with {@code GSSException.DEFECTIVE_CREDENTIAL}.
 */
public void testBadUsage2() throws Exception {
    final GSSManager gssManager = getGSSManager();

    final GSSCredential acceptorOnlyCredential = gssManager.createCredential(
            null,
            GSSCredential.DEFAULT_LIFETIME,
            (Oid)null,
            GSSCredential.ACCEPT_ONLY);

    // creates an initiator context with a credential that is
    // supposed to be used for acceptors
    clientContext = gssManager.createContext(
            null,
            GSSConstants.MECH_OID,
            acceptorOnlyCredential,
            GSSContext.DEFAULT_LIFETIME);

    try {
        establishContext();
        fail("establishContext() did not throw exception as expected.");
    } catch (GSSException e) {
        // Only DEFECTIVE_CREDENTIAL is the accepted outcome; anything else fails the test.
        final boolean expectedFailure = e.getMajor() == GSSException.DEFECTIVE_CREDENTIAL;
        if (!expectedFailure) {
            e.printStackTrace();
            fail("Unexpected GSSException");
        }
    }
}
示例10: getSocket
import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
/**
 * Opens a GSS-protected socket to {@code host:port} using the given credential.
 *
 * <p>The initiator context is stored in {@code this.context}, has credential delegation
 * disabled, and is created with a {@code null} peer name. The socket's authorization is set
 * from {@code this.authorization} before it is returned.
 *
 * <p>NOTE(review): because no target name is given to {@code createContext}, the check of who
 * the peer is presumably relies on the authorization object set on the socket; confirm that
 * {@code this.authorization} is never left permissive for untrusted endpoints.
 *
 * @param credential credential used to initiate the context
 * @return the connected socket with authorization configured
 * @throws IOException if the socket cannot be created
 * @throws GSSException if the context cannot be created or configured
 */
private GssSocket getSocket(GSSCredential credential)
        throws IOException, GSSException {
    final GSSManager gssManager = ExtendedGSSManager.getInstance();

    this.context = gssManager.createContext(
            null, GSSConstants.MECH_OID, credential, GSSContext.DEFAULT_LIFETIME);
    // no delegation
    this.context.requestCredDeleg(false);

    final GssSocketFactory socketFactory = GssSocketFactory.getDefault();
    final GssSocket gssSocket = (GssSocket) socketFactory.createSocket(host, port, this.context);
    gssSocket.setAuthorization(this.authorization);
    return gssSocket;
}
示例11: initiateSecurityContext
import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
/**
 * Initiates a SPNEGO security context for {@code spn} and stores the first token in
 * {@code serviceTicket}.
 *
 * <p>The initiation runs under {@code subject}. A {@code GSSException} during initiation is
 * logged and rethrown as an {@code AuthenticationException}; when the exception carries no
 * message, "Authentication failed." is used.
 *
 * <p>NOTE(review): credential delegation is requested unconditionally. Confirm that every
 * service reachable through {@code spn} is trusted to receive the caller's credentials.
 *
 * @throws GSSException if the name, OID or context cannot be created
 */
private void initiateSecurityContext() throws GSSException {
    final GSSManager gssManager = GSSManager.getInstance();
    final GSSName targetName = gssManager.createName(spn, null);
    final GSSContext context = gssManager.createContext(
            targetName, new Oid(SPNEGO_OID), null, GSSContext.DEFAULT_LIFETIME);

    // The GSS context initiation has to be performed as a privileged action.
    final PrivilegedAction<byte[]> initiation = new PrivilegedAction<byte[]>() {
        public byte[] run() {
            try {
                final byte[] emptyToken = new byte[0];
                context.requestMutualAuth(true);
                context.requestCredDeleg(true);
                return context.initSecContext(emptyToken, 0, emptyToken.length);
            } catch (GSSException e) {
                final String reported = e.getMessage();
                final String msg = StringUtils.isBlank(reported) ? "Authentication failed." : reported;
                log.error(msg, e);
                throw new AuthenticationException(msg, e);
            }
        }
    };
    this.serviceTicket = Subject.doAs(subject, initiation);
}
示例12: generateGSSToken
import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
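/**
 * Produces the first or next initiator token for the HTTP service on {@code authServer}.
 *
 * <p>A {@code null} input is replaced by an empty token. The target is named as the host-based
 * service {@code HTTP@<authServer>}; the service prefix had been replaced by an e-mail
 * obfuscation placeholder in this listing and is restored here, since the placeholder text is
 * not a valid {@code service@host} name.
 *
 * <p>NOTE(review): credential delegation is requested for every call regardless of the target
 * host. Confirm that {@code authServer} can only name services that are trusted to receive the
 * caller's delegated credentials.
 *
 * @param input token received from the peer, or {@code null} when there is none yet
 * @param oid mechanism OID used to canonicalize the name and to create the context
 * @param authServer host part of the host-based service name
 * @return the token returned by {@code initSecContext}
 * @throws GSSException if name creation, context creation or context initiation fails
 */
protected byte[] generateGSSToken(
        final byte[] input, final Oid oid, final String authServer) throws GSSException {
    byte[] token = input;
    if (token == null) {
        token = new byte[0];
    }
    GSSManager manager = getManager();
    GSSName serverName = manager.createName("HTTP@" + authServer, GSSName.NT_HOSTBASED_SERVICE);
    GSSContext gssContext = manager.createContext(
            serverName.canonicalize(oid), oid, null, GSSContext.DEFAULT_LIFETIME);
    gssContext.requestMutualAuth(true);
    gssContext.requestCredDeleg(true);
    return gssContext.initSecContext(token, 0, token.length);
}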
示例13: run
import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
/**
 * Runs one acceptor-side step of the negotiation for the current exchange.
 *
 * <p>The {@code NegotiationContext} is looked up on the exchange and, when missing, created and
 * attached to both the exchange and its connection. The acceptor {@code GSSContext} is created
 * lazily with a {@code null} credential and kept in the negotiation context. Once the context is
 * established the identity manager is asked to verify it; only a non-null account yields
 * {@code AUTHENTICATED}.
 *
 * <p>NOTE(review): the length passed to {@code acceptSecContext} is {@code challenge.limit()};
 * that presumably assumes the buffer's content starts at position 0 — confirm against the code
 * that builds {@code challenge}.
 *
 * @return {@code AUTHENTICATED} when the context is established and the account verifies,
 *         otherwise {@code NOT_AUTHENTICATED}
 * @throws GSSException if creating the context or accepting the token fails
 */
public AuthenticationMechanismOutcome run() throws GSSException {
    NegotiationContext negotiation = exchange.getAttachment(NegotiationContext.ATTACHMENT_KEY);
    if (negotiation == null) {
        negotiation = new NegotiationContext();
        exchange.putAttachment(NegotiationContext.ATTACHMENT_KEY, negotiation);
        // Also cache it on the connection for future calls.
        exchange.getConnection().putAttachment(NegotiationContext.ATTACHMENT_KEY, negotiation);
    }

    GSSContext acceptorContext = negotiation.getGssContext();
    if (acceptorContext == null) {
        acceptorContext = GSSManager.getInstance().createContext((GSSCredential) null);
        negotiation.setGssContext(acceptorContext);
    }

    final byte[] responseToken = acceptorContext.acceptSecContext(
            challenge.array(), challenge.arrayOffset(), challenge.limit());
    negotiation.setResponseToken(responseToken);

    if (!negotiation.isEstablished()) {
        // This isn't a failure but as the context is not established another round trip with the client is needed.
        return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
    }

    if (responseToken != null) {
        // There will be no further challenge but we do have a token so set it here.
        exchange.getResponseHeaders().add(WWW_AUTHENTICATE,
                NEGOTIATE_PREFIX + FlexBase64.encodeString(responseToken, false));
    }

    final IdentityManager identityManager = securityContext.getIdentityManager();
    final Account account =
            identityManager.verify(new GSSContextCredential(negotiation.getGssContext()));
    if (account == null) {
        return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
    }
    securityContext.authenticationComplete(account, name, false);
    return AuthenticationMechanismOutcome.AUTHENTICATED;
}
示例14: init
import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
/**
 * Init GSSContext for negotiation.
 *
 * <p>Creates a Kerberos v5 initiator context for {@code HTTP/<server>} with a {@code null}
 * credential, requests mutual authentication and credential delegation, stores the context in
 * {@code context} and sets {@code state} to {@code INITIATED}. No token is exchanged here.
 *
 * <p>NOTE(review): credential delegation is requested for whatever {@code server} is passed in.
 * Confirm that callers only supply hosts that are trusted to receive delegated credentials.
 *
 * @param server servername only (e.g: radar.it.su.se)
 * @throws GSSException if the OID, name or context cannot be created
 */
protected void init(String server) throws GSSException {
    LOG.debug("init " + server);

    /* Kerberos v5 GSS-API mechanism defined in RFC 1964. */
    final Oid kerberosMech = new Oid("1.2.840.113554.1.2.2");

    final GSSManager gssManager = GSSManager.getInstance();
    final GSSName httpService = gssManager.createName("HTTP/"+server, null);

    context = gssManager.createContext(
            httpService, kerberosMech, null, GSSContext.DEFAULT_LIFETIME);
    context.requestMutualAuth(true);
    context.requestCredDeleg(true);

    state = INITIATED;
}
示例15: generateTicket
import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
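/**
 * Builds the value of a {@code Negotiate} authorization header from a freshly initiated
 * Kerberos v5 context.
 *
 * <p>An initiate-only credential with a lifetime of {@code 8 * 3600} is acquired for
 * {@code principal}; the context requests mutual authentication and integrity, and declines
 * confidentiality. The first token is Base64-encoded with line breaks removed.
 *
 * <p>The token is deliberately not written to standard output any more: it is an
 * authentication credential for the target service, and console output commonly ends up in
 * log files and terminals that other people can read.
 *
 * <p>NOTE(review): the target name is created from the same {@code principal} as the client
 * name — confirm this is intended and not a stand-in for the service principal.
 *
 * @return {@code "Negotiate "} followed by the Base64-encoded token
 * @throws GSSException if a name, credential or context cannot be created, or initiation fails
 */
private String generateTicket() throws GSSException {
    final GSSManager manager = GSSManager.getInstance();
    // Oid for kerberos principal name
    final Oid krb5PrincipalOid = new Oid("1.2.840.113554.1.2.2.1");
    final Oid kerberosMechOid = new Oid("1.2.840.113554.1.2.2");

    final GSSName clientName = manager.createName(principal, krb5PrincipalOid);
    final GSSCredential clientCred = manager.createCredential(
            clientName,
            8 * 3600,
            kerberosMechOid,
            GSSCredential.INITIATE_ONLY);

    final GSSName serverName = manager.createName(principal, krb5PrincipalOid);
    final GSSContext context = manager.createContext(
            serverName,
            kerberosMechOid,
            clientCred,
            GSSContext.DEFAULT_LIFETIME);
    context.requestMutualAuth(true);
    context.requestConf(false);
    context.requestInteg(true);

    final byte[] outToken = context.initSecContext(new byte[0], 0, 0);

    // The encoder may wrap its output; header values must stay on one line.
    final String encodedToken = Base64.encodeBytes(outToken).replace("\n", "");
    return "Negotiate " + encodedToken;
}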