本文整理匯總了Java中org.ietf.jgss.GSSException類的典型用法代碼示例。如果您正苦於以下問題:Java GSSException類的具體用法?Java GSSException怎麽用?Java GSSException使用的例子?那麽, 這裏精選的類代碼示例或許可以為您提供幫助。
GSSException類屬於org.ietf.jgss包,在下文中一共展示了GSSException類的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。
示例1: validateServiceTicket
import org.ietf.jgss.GSSException; //導入依賴的package包/類
public static String validateServiceTicket(Subject subject, final byte[] serviceTicket)
throws GSSException, IllegalAccessException, NoSuchFieldException, ClassNotFoundException,
PrivilegedActionException {
// Kerberos version 5 OID
Oid krb5Oid = KerberosUtils.getOidInstance("GSS_KRB5_MECH_OID");
// Accept the context and return the client principal name.
return Subject.doAs(subject, new PrivilegedExceptionAction<String>() {
@Override
public String run() throws Exception {
String clientName = null;
// Identify the server that communications are being made to.
GSSManager manager = GSSManager.getInstance();
GSSContext context = manager.createContext((GSSCredential) null);
context.acceptSecContext(serviceTicket, 0, serviceTicket.length);
clientName = context.getSrcName().toString();
return clientName;
}
});
}
示例2: main
import org.ietf.jgss.GSSException; //導入依賴的package包/類
public static void main(String[] args) throws Exception {
GSSCredential cred = null;
GSSContext ctx = GSSManager.getInstance().createContext(cred);
String var =
/*0000*/ "60 1C 06 06 2B 06 01 05 05 02 A0 12 30 10 A0 0E " +
/*0010*/ "30 0C 06 0A 2B 06 01 04 01 82 37 02 02 0A ";
byte[] token = new byte[var.length()/3];
for (int i=0; i<token.length; i++) {
token[i] = Integer.valueOf(var.substring(3*i,3*i+2), 16).byteValue();
}
try {
ctx.acceptSecContext(token, 0, token.length);
} catch (GSSException gsse) {
System.out.println("Expected exception: " + gsse);
}
}
示例3: testBad
import org.ietf.jgss.GSSException; //導入依賴的package包/類
static void testBad(String s) throws Exception {
System.err.println("Trying " + s);
try {
new ObjectIdentifier(s);
throw new Exception("should be invalid ObjectIdentifier");
} catch (IOException ioe) {
System.err.println(ioe);
}
try {
new Oid(s);
throw new Exception("should be invalid Oid");
} catch (GSSException gsse) {
;
}
try {
new EncryptedPrivateKeyInfo(s, new byte[8]);
throw new Exception("should be invalid algorithm");
} catch (NoSuchAlgorithmException e) {
;
}
}
示例4: closeSession
import org.ietf.jgss.GSSException; //導入依賴的package包/類
/**
* Closes the session. If any {@link GSSContext} is present in the session
* then it is closed.
*
* @param message the error message
*/
@Override
protected void closeSession(String message) {
GSSContext ctx = (GSSContext) getSession().getAttribute(GSS_CONTEXT);
if (ctx != null) {
try {
ctx.dispose();
} catch (GSSException e) {
e.printStackTrace();
super.closeSession(message, e);
return;
}
}
super.closeSession(message);
}
示例5: authenticate
import org.ietf.jgss.GSSException; //導入依賴的package包/類
/**
* {@inheritDoc}
*/
@Override
public Principal authenticate(GSSContext gssContext, boolean storeCreds) {
if (gssContext.isEstablished()) {
String username = null;
GSSName name = null;
try {
name = gssContext.getSrcName();
} catch (GSSException e) {
log.warn(sm.getString("realmBase.gssNameFail"), e);
return null;
}
username = name.toString();
Principal authenticatedUser = super.authenticate(gssContext, storeCreds);
return filterLockedAccounts(username, authenticatedUser);
}
// Fail in all other cases
return null;
}
示例6: generateGSSToken
import org.ietf.jgss.GSSException; //導入依賴的package包/類
protected byte[] generateGSSToken(
final byte[] input,
final Oid oid ) throws GSSException {
byte[] token = input;
if (token == null) {
token = new byte[0];
}
GSSManager manager = getManager();
GSSName serverName = manager.createName(servicePrincipalName, servicePrincipalOid);
GSSContext gssContext = manager.createContext(serverName.canonicalize(oid),
oid,
null,
GSSContext.DEFAULT_LIFETIME);
gssContext.requestMutualAuth(true);
gssContext.requestCredDeleg(true);
// Get client to login if not already done
return gssClient.negotiate(gssContext, token);
}
示例7: negotiate
import org.ietf.jgss.GSSException; //導入依賴的package包/類
/**
* Called when SPNEGO client-service authentication is taking place.
*
* @param context
* @param negotiationToken
* @return
* @throws GSSException
*/
public byte[] negotiate( GSSContext context, byte[] negotiationToken ) throws GSSException {
if (subject == null) {
loginViaJAAS(); // throw GSSException if fail to login
}
// If we do not have the service ticket it will be retrieved
// from the TGS on a call to initSecContext().
NegotiateContextAction negotiationAction = new NegotiateContextAction(context, negotiationToken);
// Run the negotiation as the initiator
// The service ticket will then be cached in the Subject's
// private credentials, as the subject.
negotiationToken = (byte[]) Subject.doAs(subject, negotiationAction);
if (negotiationAction.getGSSException() != null) {
throw negotiationAction.getGSSException();
}
return negotiationToken;
}
示例8: run
import org.ietf.jgss.GSSException; //導入依賴的package包/類
public Object run() {
try {
// If we do not have the service ticket it will be retrieved
// from the TGS on the first call to initSecContext(). The
// subject's private credentials are checked for the service ticket.
// If we run this action as the initiator subject, the service ticket
// will be stored in the subject's credentials and will not need
// to be retrieved next time the client wishes to talk to the
// server (acceptor).
Subject subject = Subject.getSubject(AccessController.getContext());
int beforeNumSubjectCreds = traceBeforeNegotiate();
negotiationToken = context.initSecContext(negotiationToken, 0, negotiationToken.length);
traceAfterNegotiate(beforeNumSubjectCreds);
} catch (GSSException e) {
// Trace out some info
traceServiceTickets();
exception = e;
}
return negotiationToken;
}
示例9: getOidInstance
import org.ietf.jgss.GSSException; //導入依賴的package包/類
public static Oid getOidInstance(String oidName)
throws ClassNotFoundException, GSSException, NoSuchFieldException,
IllegalAccessException {
Class<?> oidClass;
if (IBM_JAVA) {
if ("NT_GSS_KRB5_PRINCIPAL".equals(oidName)) {
// IBM JDK GSSUtil class does not have field for krb5 principal oid
return new Oid("1.2.840.113554.1.2.2.1");
}
oidClass = Class.forName("com.ibm.security.jgss.GSSUtil");
} else {
oidClass = Class.forName("sun.security.jgss.GSSUtil");
}
Field oidField = oidClass.getDeclaredField(oidName);
return (Oid)oidField.get(oidClass);
}
示例10: authenticate
import org.ietf.jgss.GSSException; //導入依賴的package包/類
/**
* {@inheritDoc}
*/
@Override
public Principal authenticate(GSSContext gssContext, boolean storeCreds) {
if (gssContext.isEstablished()) {
String username = null;
GSSName name = null;
try {
name = gssContext.getSrcName();
} catch (GSSException e) {
log.warn(sm.getString("realmBase.gssNameFail"), e);
return null;
}
username = name.toString();
Principal authenticatedUser = super.authenticate(gssContext, storeCreds);
return filterLockedAccounts(username, authenticatedUser);
}
// Fail in all other cases
return null;
}
示例11: dispose
import org.ietf.jgss.GSSException; //導入依賴的package包/類
/**
* Logout. Since server uses LoginContext to login/pre-authenticate, we must
* also logout when we are done using this object.
*
* <p>
* Generally, instantiators of this class should be the only to call
* dispose() as it indicates that this class will no longer be used.
* </p>
*/
public void dispose() {
if (null != this.serverCredentials) {
try {
this.serverCredentials.dispose();
} catch (GSSException e) {
LOGGER.log(Level.WARNING, "Dispose failed.", e);
}
}
if (null != this.loginContext) {
try {
this.loginContext.logout();
} catch (LoginException le) {
LOGGER.log(Level.WARNING, "Logout failed.", le);
}
}
}
示例12: generateGSSToken
import org.ietf.jgss.GSSException; //導入依賴的package包/類
/**
* @since 4.4
*/
protected byte[] generateGSSToken(
final byte[] input, final Oid oid, final String authServer,
final Credentials credentials) throws GSSException {
byte[] inputBuff = input;
if (inputBuff == null) {
inputBuff = new byte[0];
}
final GSSManager manager = getManager();
final GSSName serverName = manager.createName(service + "@" + authServer, GSSName.NT_HOSTBASED_SERVICE);
final GSSCredential gssCredential;
if (credentials instanceof KerberosCredentials) {
gssCredential = ((KerberosCredentials) credentials).getGSSCredential();
} else {
gssCredential = null;
}
final GSSContext gssContext = manager.createContext(
serverName.canonicalize(oid), oid, gssCredential, GSSContext.DEFAULT_LIFETIME);
gssContext.requestMutualAuth(true);
gssContext.requestCredDeleg(true);
return gssContext.initSecContext(inputBuff, 0, inputBuff.length);
}
示例13: getOidInstance
import org.ietf.jgss.GSSException; //導入依賴的package包/類
public static Oid getOidInstance(String oidName)
throws ClassNotFoundException, GSSException, NoSuchFieldException,
IllegalAccessException {
Class<?> oidClass;
if (IBM_JAVA) {
if ("NT_GSS_KRB5_PRINCIPAL".equals(oidName)) {
// IBM JDK GSSUtil class does not have field for krb5 principal oid
return new Oid("1.2.840.113554.1.2.2.1");
}
oidClass = Class.forName("com.ibm.security.jgss.GSSUtil");
} else {
oidClass = Class.forName("sun.security.jgss.GSSUtil");
}
Field oidField = oidClass.getDeclaredField(oidName);
return (Oid) oidField.get(oidClass);
}
示例14: shouldFailAuthenticateWithPlainTextNoCredentials
import org.ietf.jgss.GSSException; //導入依賴的package包/類
@Test
public void shouldFailAuthenticateWithPlainTextNoCredentials() throws Exception {
final Cluster cluster = Cluster.build().create();
final Client client = cluster.connect();
try {
client.submit("1+1").all().get();
fail("This should not succeed as the client did not provide credentials");
} catch(Exception ex) {
final Throwable root = ExceptionUtils.getRootCause(ex);
assertEquals(GSSException.class, root.getClass());
// removed this assert as the text of the message changes based on kerberos config - stupid kerberos
// assertThat(root.getMessage(), startsWith("Invalid name provided"));
} finally {
cluster.close();
}
}
示例15: getClientCredential
import org.ietf.jgss.GSSException; //導入依賴的package包/類
/**
* Returns the GSS-API interface for creating a security context.
*
* @param subject the person to be authenticated
* @return GSSCredential to be used for creating a security context.
* @throws PrivilegedActionException
*/
public static GSSCredential getClientCredential(final Subject subject)
throws PrivilegedActionException {
final PrivilegedExceptionAction<GSSCredential> action =
new PrivilegedExceptionAction<GSSCredential>() {
public GSSCredential run() throws GSSException {
return MANAGER.createCredential(
null
, GSSCredential.DEFAULT_LIFETIME
, SpnegoProvider.SPNEGO_OID
, GSSCredential.INITIATE_ONLY);
}
};
return Subject.doAs(subject, action);
}