当前位置: 首页>>代码示例>>Java>>正文


Java GSSManager.getInstance方法代码示例

本文整理汇总了Java中org.ietf.jgss.GSSManager.getInstance方法的典型用法代码示例。如果您正苦于以下问题:Java GSSManager.getInstance方法的具体用法?Java GSSManager.getInstance怎么用?Java GSSManager.getInstance使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在org.ietf.jgss.GSSManager的用法示例。


在下文中一共展示了GSSManager.getInstance方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: xRealmAuth

import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
static void xRealmAuth() throws Exception {
    Security.setProperty("auth.login.defaultCallbackHandler", "CrossRealm");
    System.setProperty("java.security.auth.login.config", "jaas-localkdc.conf");
    System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
    FileOutputStream fos = new FileOutputStream("jaas-localkdc.conf");
    fos.write(("com.sun.security.jgss.krb5.initiate {\n" +
            "    com.sun.security.auth.module.Krb5LoginModule\n" +
            "    required\n" +
            "    principal=dummy\n" +
            "    doNotPrompt=false\n" +
            "    useTicketCache=false\n" +
            "    ;\n" +
            "};").getBytes());
    fos.close();

    GSSManager m = GSSManager.getInstance();
    m.createContext(
            m.createName("[email protected]", GSSName.NT_HOSTBASED_SERVICE),
            GSSUtil.GSS_KRB5_MECH_OID,
            null,
            GSSContext.DEFAULT_LIFETIME).initSecContext(new byte[0], 0, 0);
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:23,代码来源:CrossRealm.java

示例2: main

import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
public static void main(String[] args) throws Exception {
    new OneKDC(null).writeJAASConf();
    System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");

    GSSManager gm = GSSManager.getInstance();
    GSSCredential cred = gm.createCredential(GSSCredential.INITIATE_AND_ACCEPT);
    int time = cred.getRemainingLifetime();
    int time2 = cred.getRemainingInitLifetime(null);
    // The test KDC issues a TGT with a default lifetime of 11 hours
    int elevenhrs = 11*3600;
    if (time > elevenhrs+60 || time < elevenhrs-60) {
        throw new Exception("getRemainingLifetime returns wrong value.");
    }
    if (time2 > elevenhrs+60 || time2 < elevenhrs-60) {
        throw new Exception("getRemainingInitLifetime returns wrong value.");
    }
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:18,代码来源:LifeTimeInSeconds.java

示例3: main

import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
public static void main(String[] args) throws Exception {
    new OneKDC(null).writeJAASConf();
    System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");

    GSSManager gm = GSSManager.getInstance();
    GSSCredential cred = gm.createCredential(GSSCredential.INITIATE_AND_ACCEPT);
    int time = cred.getRemainingLifetime();
    int time2 = cred.getRemainingInitLifetime(null);
    // The test KDC issues a TGT with a default lifetime of 11 hours
    int elevenhrs = KDC.DEFAULT_LIFETIME;
    if (time > elevenhrs+60 || time < elevenhrs-60) {
        throw new Exception("getRemainingLifetime returns wrong value.");
    }
    if (time2 > elevenhrs+60 || time2 < elevenhrs-60) {
        throw new Exception("getRemainingInitLifetime returns wrong value.");
    }
}
 
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:18,代码来源:LifeTimeInSeconds.java

示例4: initiateSecurityContext

import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
private void initiateSecurityContext( String servicePrincipalName)
    throws GSSException {
  GSSManager manager = GSSManager.getInstance();
  GSSName serverName = manager.createName( servicePrincipalName,
      GSSName.NT_HOSTBASED_SERVICE);
  final GSSContext context = manager.createContext( serverName, krb5Oid, null,
      GSSContext.DEFAULT_LIFETIME);
  // The GSS context initiation has to be performed as a privileged action.
  this.serviceTicket = Subject.doAs( subject, new PrivilegedAction<byte[]>() {
    public byte[] run() {
      try {
        byte[] token = new byte[0];
        // This is a one pass context initialisation.
        context.requestMutualAuth( false);
        context.requestCredDeleg( false);
        return context.initSecContext( token, 0, token.length);
      }
      catch ( GSSException e) {
        e.printStackTrace();
        return null;
      }
    }
  });

}
 
开发者ID:kholia,项目名称:TGS-REP,代码行数:26,代码来源:Client.java

示例5: initGSS

import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
GSSContext initGSS() throws Exception {
    final GSSManager MANAGER = GSSManager.getInstance();

    final PrivilegedExceptionAction<GSSCredential> action = new PrivilegedExceptionAction<GSSCredential>() {
        @Override
        public GSSCredential run() throws GSSException {
            return MANAGER.createCredential(null, GSSCredential.DEFAULT_LIFETIME, KrbConstants.SPNEGO, GSSCredential.INITIATE_ONLY);
        }
    };

    final GSSCredential clientcreds = Subject.doAs(initiatorSubject, action);

    final GSSContext context = MANAGER.createContext(MANAGER.createName(acceptorPrincipal, GSSName.NT_USER_NAME, KrbConstants.SPNEGO),
            KrbConstants.SPNEGO, clientcreds, GSSContext.DEFAULT_LIFETIME);

    //TODO make configurable
    context.requestMutualAuth(true);
    context.requestConf(true);
    context.requestInteg(true);
    context.requestReplayDet(true);
    context.requestSequenceDet(true);
    context.requestCredDeleg(false);

    return context;
}
 
开发者ID:codecentric,项目名称:elasticsearch-shield-kerberos-realm,代码行数:26,代码来源:KerberizedClient.java

示例6: run

import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
public byte[] run() {
    try {
        GSSManager gssManager = GSSManager.getInstance();
    
        Oid kerberos5Oid = new Oid(KERBEROS_OID);
        GSSCredential credentials = this.delegatedCredential;
        
        GSSName gssService = gssManager.createName(this.serviceName, GSSName.NT_HOSTBASED_SERVICE);
        GSSContext secContext = gssManager.createContext(gssService, kerberos5Oid, credentials,
                GSSContext.DEFAULT_LIFETIME);
     
        secContext.requestMutualAuth(false);
        byte[] token = new byte[0];
        byte[] returnedToken = secContext.initSecContext(token, 0, token.length);
        secContext.dispose();
        return returnedToken;
    } catch (GSSException e) {
        if (LogManager.isMessageToBeRecorded(LogConstants.CTX_WS, MessageLevel.DETAIL)) {
            LogManager.logDetail(LogConstants.CTX_WS, "Error in obtaining a Kerberos token"); //$NON-NLS-1$
        }
    }
    return null;
}
 
开发者ID:kenweezy,项目名称:teiid,代码行数:24,代码来源:DelegateKerberosClient.java

示例7: getGSSKerberosCredential

import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
private GSSKerberosCredential getGSSKerberosCredential(final String protocol, final String forHost)
        throws GeneralSecurityException {
    SubjectIdentity subjectIdentity = getSubjectIdentity(protocol, forHost);
    if (subjectIdentity == null) {
        throw ROOT_LOGGER.noSubjectIdentityForProtocolAndHost(protocol, forHost);
    }

    final GSSManager manager = GSSManager.getInstance();
    try {
        GSSCredential gssCredential = Subject.doAs(subjectIdentity.getSubject(),
                (PrivilegedExceptionAction<GSSCredential>) () -> manager.createCredential(null,
                        GSSCredential.DEFAULT_LIFETIME, new Oid[] { KERBEROS_V5, SPNEGO }, GSSCredential.ACCEPT_ONLY));

        return new GSSKerberosCredential(gssCredential);
    } catch (PrivilegedActionException e) {
        throw new GeneralSecurityException(e.getCause());
    }
}
 
开发者ID:wildfly,项目名称:wildfly-core,代码行数:19,代码来源:SecurityRealmService.java

示例8: createGssToken

import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
/**
 * Initializes the GSS context and creates the initial token.
 */
private byte[] createGssToken()
   throws GSSException, UnknownHostException
{
   GSSManager manager = GSSManager.getInstance();

   // Oids for Kerberos5
   Oid mech = new Oid( "1.2.840.113554.1.2.2" );
   Oid nameType = new Oid( "1.2.840.113554.1.2.2.1" );

   // Canonicalize hostname to create SPN like MIT Kerberos does
   String host = InetAddress.getByName( socket.getHost() ).getCanonicalHostName();
   int port = socket.getPort();

   GSSName serverName = manager.createName( "MSSQLSvc/" + host + ":" + port, nameType );

   Logger.println( "GSS: Using SPN " + serverName );

   _gssContext = manager.createContext( serverName, mech, null, GSSContext.DEFAULT_LIFETIME );
   _gssContext.requestMutualAuth( true );  // FIXME: may fail, check via _gssContext.getMutualAuthState()

   byte[] token = _gssContext.initSecContext( new byte[0], 0, 0 );
   Logger.println( "GSS: Created GSS token (length: " + token.length + ")" );

   return token;
}
 
开发者ID:milesibastos,项目名称:jTDS,代码行数:29,代码来源:TdsCore.java

示例9: xRealmAuth

import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
static void xRealmAuth() throws Exception {
    Security.setProperty("auth.login.defaultCallbackHandler", "CrossRealm");
    System.setProperty("java.security.auth.login.config", "jaas-localkdc.conf");
    System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
    new File("jaas-localkdc.conf").deleteOnExit();
    FileOutputStream fos = new FileOutputStream("jaas-localkdc.conf");
    fos.write(("com.sun.security.jgss.krb5.initiate {\n" +
            "    com.sun.security.auth.module.Krb5LoginModule\n" +
            "    required\n" +
            "    principal=dummy\n" +
            "    doNotPrompt=false\n" +
            "    useTicketCache=false\n" +
            "    ;\n" +
            "};").getBytes());
    fos.close();

    GSSManager m = GSSManager.getInstance();
    m.createContext(
            m.createName("[email protected]", GSSName.NT_HOSTBASED_SERVICE),
            GSSUtil.GSS_KRB5_MECH_OID,
            null,
            GSSContext.DEFAULT_LIFETIME).initSecContext(new byte[0], 0, 0);
}
 
开发者ID:aducode,项目名称:openjdk-source-code-learn,代码行数:24,代码来源:CrossRealm.java

示例10: initiateSecurityContext

import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
private void initiateSecurityContext() throws GSSException {
    GSSManager manager = GSSManager.getInstance();
    GSSName gssSPN = manager.createName(spn, null);

    final GSSContext context = manager.createContext(gssSPN, new Oid(SPNEGO_OID), null,
            GSSContext.DEFAULT_LIFETIME);

    // The GSS context initiation has to be performed as a privilegedv action.
    this.serviceTicket = Subject.doAs(subject, new PrivilegedAction<byte[]>() {
        public byte[] run() {
            try {
                byte[] token = new byte[0];
                context.requestMutualAuth(true);
                context.requestCredDeleg(true);
                return context.initSecContext(token, 0, token.length);
            } catch (GSSException e) {
                String msg = e.getMessage();
                if (StringUtils.isBlank(msg)) {
                    msg = "Authentication failed.";
                }
                log.error(msg, e);
                throw new AuthenticationException(msg, e);
            }
        }
    });
}
 
开发者ID:vmware,项目名称:vco-powershel-plugin,代码行数:27,代码来源:KerberosTokenGenerator.java

示例11: getGSSCredential

import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
private static GSSCredential getGSSCredential(final String userName) throws SaslException {
    try {
        Oid krb5Mechanism = new Oid(GSSAPI_OID);
        GSSManager manager = GSSManager.getInstance();
        GSSName name = manager.createName(userName, GSSName.NT_USER_NAME);
        return manager.createCredential(name, GSSCredential.INDEFINITE_LIFETIME, krb5Mechanism, GSSCredential.INITIATE_ONLY);
    } catch (GSSException e) {
        throw new SaslException("Unable to create GSSAPI credential", e);
    }
}
 
开发者ID:mongodb,项目名称:mongosql-auth-java,代码行数:11,代码来源:Gssapi.java

示例12: run

import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
public AuthenticationMechanismOutcome run() throws GSSException {
    NegotiationContext negContext = exchange.getAttachment(NegotiationContext.ATTACHMENT_KEY);
    if (negContext == null) {
        negContext = new NegotiationContext();
        exchange.putAttachment(NegotiationContext.ATTACHMENT_KEY, negContext);
        // Also cache it on the connection for future calls.
        exchange.getConnection().putAttachment(NegotiationContext.ATTACHMENT_KEY, negContext);
    }

    GSSContext gssContext = negContext.getGssContext();
    if (gssContext == null) {
        GSSManager manager = GSSManager.getInstance();
        gssContext = manager.createContext((GSSCredential) null);

        negContext.setGssContext(gssContext);
    }

    byte[] respToken = gssContext.acceptSecContext(challenge.array(), challenge.arrayOffset(), challenge.limit());
    negContext.setResponseToken(respToken);

    if (negContext.isEstablished()) {

        if (respToken != null) {
            // There will be no further challenge but we do have a token so set it here.
            exchange.getResponseHeaders().add(WWW_AUTHENTICATE,
                    NEGOTIATE_PREFIX + FlexBase64.encodeString(respToken, false));
        }
        IdentityManager identityManager = securityContext.getIdentityManager();
        final Account account = identityManager.verify(new GSSContextCredential(negContext.getGssContext()));
        if (account != null) {
            securityContext.authenticationComplete(account, name, false);
            return AuthenticationMechanismOutcome.AUTHENTICATED;
        } else {
            return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
        }
    } else {
        // This isn't a failure but as the context is not established another round trip with the client is needed.
        return AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
    }
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:41,代码来源:GSSAPIAuthenticationMechanism.java

示例13: main

import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
public static void main(String[] argv) throws Exception {
    GSSManager man = GSSManager.getInstance();
    String s = "[email protected]";
    GSSName name = man.createName(s, GSSName.NT_USER_NAME);
    byte[] exported = name.export();
    // Offset of the length of the mech name. Length in big endian
    int lenOffset = exported.length - s.length() - 4;
    // Make it huge
    exported[lenOffset] = 0x7f;
    try {
        man.createName(exported, GSSName.NT_EXPORT_NAME);
    } catch (GSSException gsse) {
        System.out.println(gsse);
    }
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:16,代码来源:GssMemoryIssues.java

示例14: main

import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
public static void main(String[] argv) throws Exception {
    try {
        GSSManager manager = GSSManager.getInstance();
        GSSName name = manager.createName("anonymous", GSSName.NT_ANONYMOUS);
        boolean anonymous = name.isAnonymous();
        if (anonymous == false) {
            throw new RuntimeException("GSSName.isAnonymous() returns false for GSSName.NT_ANONYMOUS");
        }
    } catch (GSSException e) {
        System.out.println("Not supported, ignored!");
    }
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:13,代码来源:CtorTests2.java

示例15: check

import org.ietf.jgss.GSSManager; //导入方法依赖的package包/类
/**
 * Checks the correct bound
 * @param a get a creds for this principal, null for default one
 * @param b expected name, null for still unbound, "NOCRED" for no creds
 * @param objs princs, keys and keytabs in the subject
 */
private static void check(final String a, String b, Object... objs)
        throws Exception {
    Subject subj = new Subject();
    for (Object obj: objs) {
        if (obj instanceof KerberosPrincipal) {
            subj.getPrincipals().add((KerberosPrincipal)obj);
        } else if (obj instanceof KerberosKey || obj instanceof KeyTab) {
            subj.getPrivateCredentials().add(obj);
        }
    }
    final GSSManager man = GSSManager.getInstance();
    try {
        String result = Subject.doAs(
                subj, new PrivilegedExceptionAction<String>() {
            @Override
            public String run() throws GSSException {
                GSSCredential cred = man.createCredential(
                        a == null ? null : man.createName(r(a), null),
                        GSSCredential.INDEFINITE_LIFETIME,
                        GSSUtil.GSS_KRB5_MECH_OID,
                        GSSCredential.ACCEPT_ONLY);
                GSSName name = cred.getName();
                return name == null ? null : name.toString();
            }
        });
        if (!Objects.equals(result, r(b))) {
            throw new Exception("Check failed: getInstance(" + a
                    + ") has name " + result + ", not " + b);
        }
    } catch (PrivilegedActionException e) {
        if (!"NOCRED".equals(b)) {
            throw new Exception("Check failed: getInstance(" + a
                    + ") is null " + ", but not one with name " + b);
        }
    }
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:43,代码来源:ServiceCredsCombination.java


注:本文中的org.ietf.jgss.GSSManager.getInstance方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。