當前位置: 首頁>>代碼示例>>Java>>正文


Java Subject.getPrivateCredentials方法代碼示例

本文整理匯總了Java中javax.security.auth.Subject.getPrivateCredentials方法的典型用法代碼示例。如果您正苦於以下問題:Java Subject.getPrivateCredentials方法的具體用法?Java Subject.getPrivateCredentials怎麽用?Java Subject.getPrivateCredentials使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在javax.security.auth.Subject的用法示例。


在下文中一共展示了Subject.getPrivateCredentials方法的11個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。

示例1: isRelated

import javax.security.auth.Subject; //導入方法依賴的package包/類
@Override
public boolean isRelated(Subject subject, Principal princ) {
    if (princ == null) return false;
    Set<Principal> principals =
            subject.getPrincipals(Principal.class);
    if (principals.contains(princ)) {
        // bound to this principal
        return true;
    }
    for (KeyTab pc: subject.getPrivateCredentials(KeyTab.class)) {
        if (!pc.isBound()) {
            return true;
        }
    }
    return false;
}
 
開發者ID:SunburstApps,項目名稱:OpenJSharp,代碼行數:17,代碼來源:Krb5ProxyImpl.java

示例2: validateSubject

import javax.security.auth.Subject; //導入方法依賴的package包/類
private void validateSubject(Subject subject) {
  Set<Object> set = subject.getPrivateCredentials();
  boolean foundTGT = false;
  if (set != null && set.size() > 0) {
    for (Object obj : set) {
      if (obj instanceof KerberosTicket) {
        KerberosTicket kt = (KerberosTicket) obj;
        String serverName = kt.getServer().getName();
        if (serverName.startsWith(TGT_SERVER_NAME_PREFIX)) {
          foundTGT = true;
        }
      }
    }
  }
  if (!foundTGT) {
    String errorMsg = null;
    if (loadFromTicketCache) {
      errorMsg = "Unable to load Kerberos TGT. Consider kinit.";
    } else {
      errorMsg = "Login failed for principal '" + userPrincipal + "' using keytab '" + keytabPath
          + "'. Specify correct keytab file path";
    }
    logger.error(errorMsg);
    throw new AuthenticationFailedException(errorMsg);
  }
}
 
開發者ID:ampool,項目名稱:monarch,代碼行數:27,代碼來源:KerberosAuthInit.java

示例3: main

import javax.security.auth.Subject; //導入方法依賴的package包/類
public static void main(String[] args) {
    System.setSecurityManager(new SecurityManager());
    Subject subject = new Subject();
    final Set principals = subject.getPrincipals();
    principals.add(new X500Principal("CN=Alice"));
    final Set credentials = subject.getPrivateCredentials();
    credentials.add("Dummy credential");
    new Thread() {
        {
            start();
        }
        public void run() {
            X500Principal p = new X500Principal("CN=Bob");
            while (!finished) {
                principals.add(p);
                principals.remove(p);
            }
        }
    };
    for (int i = 0; i < 1000; i++) {
        synchronized (credentials) {
            for (Iterator it = credentials.iterator(); it.hasNext(); ) {
                it.next();
            }
        }
    }
    finished = true;
}
 
開發者ID:lambdalab-mirror,項目名稱:jdk8u-jdk,代碼行數:29,代碼來源:Synch2.java

示例4: test3

import javax.security.auth.Subject; //導入方法依賴的package包/類
@Test(dataProvider = "Provider2")
public void test3(Subject s) {
    s.getPrivateCredentials(String.class);
}
 
開發者ID:lambdalab-mirror,項目名稱:jdk8u-jdk,代碼行數:5,代碼來源:MoreThenOnePrincipals.java

示例5: isRelated

import javax.security.auth.Subject; //導入方法依賴的package包/類
@Override
public boolean isRelated(boolean isClient,
        AccessControlContext acc, Principal p) {

    if (p == null) return false;
    try {
        Subject subject = AccessController.doPrivileged(
                (PrivilegedExceptionAction<Subject>)
                        () -> Krb5Util.getSubject(
                                isClient ? GSSCaller.CALLER_SSL_CLIENT
                                        : GSSCaller.CALLER_SSL_SERVER,
                                acc));
        if (subject == null) {
            if (debug != null && Debug.isOn("session")) {
                System.out.println("Kerberos credentials are" +
                        " not present in the current Subject;" +
                        " check if " +
                        " javax.security.auth.useSubjectAsCreds" +
                        " system property has been set to false");
            }
            return false;
        }
        Set<Principal> principals =
                subject.getPrincipals(Principal.class);
        if (principals.contains(p)) {
            // bound to this principal
            return true;
        } else {
            if (isClient) {
                return false;
            } else {
                for (KeyTab pc : subject.getPrivateCredentials(KeyTab.class)) {
                    if (!pc.isBound()) {
                        return true;
                    }
                }
                return false;
            }
        }
    } catch (PrivilegedActionException pae) {
        if (debug != null && Debug.isOn("session")) {
            System.out.println("Attempt to obtain" +
                    " subject failed! " + pae);
        }
        return false;
    }

}
 
開發者ID:AdoptOpenJDK,項目名稱:openjdk-jdk10,代碼行數:49,代碼來源:Krb5KeyExchangeService.java

示例6: testAddAll

import javax.security.auth.Subject; //導入方法依賴的package包/類
private static void testAddAll() {
    // Create a well formed subject and additional collections
    Subject mtSubj = makeSubj(false, false, false);
    Set<Principal> morePrincs = new HashSet<>(Arrays.asList(tmplAddPrincs));
    Set<Object> morePubVals = new HashSet<>(Arrays.asList(tmplAddPubVals));
    Set<Object> morePrvVals = new HashSet<>(Arrays.asList(tmplAddPrvVals));

    // Run one success test for each Subject family to verify the
    // overloaded method works as intended.
    Set<Principal> setPrin = mtSubj.getPrincipals();
    Set<Object> setPubCreds = mtSubj.getPublicCredentials();
    Set<Object> setPrvCreds = mtSubj.getPrivateCredentials();
    int prinOrigSize = setPrin.size();
    int pubOrigSize = setPubCreds.size();
    int prvOrigSize = setPrvCreds.size();

    System.out.println("------ addAll() -----");

    // Add the new members, then check the resulting size of the
    // Subject attributes to verify they've increased by the proper
    // amounts.
    if ((validTestCollection(methAdd, setPrin, morePrincs) != true) ||
        (setPrin.size() != prinOrigSize + morePrincs.size()))
    {
        throw new RuntimeException("Failed addAll() on principals");
    }
    if ((validTestCollection(methAdd, setPubCreds,
            morePubVals) != true) ||
        (setPubCreds.size() != pubOrigSize + morePubVals.size()))
    {
        throw new RuntimeException("Failed addAll() on public creds");
    }
    if ((validTestCollection(methAdd, setPrvCreds,
            morePrvVals) != true) ||
        (setPrvCreds.size() != prvOrigSize + morePrvVals.size()))
    {
        throw new RuntimeException("Failed addAll() on private creds");
    }
    System.out.println("Positive addAll() test passed");

    // Now add null elements into each container, then retest
    morePrincs.add(null);
    morePubVals.add(null);
    morePrvVals.add(null);

    System.out.println("* Testing addAll w/ null values on Principals");
    nullTestCollection(methAdd, mtSubj.getPrincipals(), null);
    nullTestCollection(methAdd, mtSubj.getPrincipals(), morePrincs);

    System.out.println("* Testing addAll w/ null values on Public Creds");
    nullTestCollection(methAdd, mtSubj.getPublicCredentials(), null);
    nullTestCollection(methAdd, mtSubj.getPublicCredentials(),
            morePubVals);

    System.out.println("* Testing addAll w/ null values on Private Creds");
    nullTestCollection(methAdd, mtSubj.getPrivateCredentials(), null);
    nullTestCollection(methAdd, mtSubj.getPrivateCredentials(),
            morePrvVals);
}
 
開發者ID:AdoptOpenJDK,項目名稱:openjdk-jdk10,代碼行數:60,代碼來源:SubjectNullTests.java

示例7: testRemoveAll

import javax.security.auth.Subject; //導入方法依賴的package包/類
private static void testRemoveAll() {
    // Create a well formed subject and additional collections
    Subject mtSubj = makeSubj(false, false, false);
    Set<Principal> remPrincs = new HashSet<>();
    Set<Object> remPubVals = new HashSet<>();
    Set<Object> remPrvVals = new HashSet<>();

    remPrincs.add(new KerberosPrincipal("mtwain/[email protected]"));
    remPubVals.add("mtwain");
    remPrvVals.add("5Cl3M3nz");

    // Run one success test for each Subject family to verify the
    // overloaded method works as intended.
    Set<Principal> setPrin = mtSubj.getPrincipals();
    Set<Object> setPubCreds = mtSubj.getPublicCredentials();
    Set<Object> setPrvCreds = mtSubj.getPrivateCredentials();
    int prinOrigSize = setPrin.size();
    int pubOrigSize = setPubCreds.size();
    int prvOrigSize = setPrvCreds.size();

    System.out.println("------ removeAll() -----");

    // Remove the specified members, then check the resulting size of the
    // Subject attributes to verify they've decreased by the proper
    // amounts.
    if ((validTestCollection(methRemove, setPrin, remPrincs) != true) ||
        (setPrin.size() != prinOrigSize - remPrincs.size()))
    {
        throw new RuntimeException("Failed removeAll() on principals");
    }
    if ((validTestCollection(methRemove, setPubCreds,
            remPubVals) != true) ||
        (setPubCreds.size() != pubOrigSize - remPubVals.size()))
    {
        throw new RuntimeException("Failed removeAll() on public creds");
    }
    if ((validTestCollection(methRemove, setPrvCreds,
            remPrvVals) != true) ||
        (setPrvCreds.size() != prvOrigSize - remPrvVals.size()))
    {
        throw new RuntimeException("Failed removeAll() on private creds");
    }
    System.out.println("Positive removeAll() test passed");

    // Now add null elements into each container, then retest
    remPrincs.add(null);
    remPubVals.add(null);
    remPrvVals.add(null);

    System.out.println("* Testing removeAll w/ null values on Principals");
    nullTestCollection(methRemove, mtSubj.getPrincipals(), null);
    nullTestCollection(methRemove, mtSubj.getPrincipals(), remPrincs);

    System.out.println(
            "* Testing removeAll w/ null values on Public Creds");
    nullTestCollection(methRemove, mtSubj.getPublicCredentials(), null);
    nullTestCollection(methRemove, mtSubj.getPublicCredentials(),
            remPubVals);

    System.out.println(
            "* Testing removeAll w/ null values on Private Creds");
    nullTestCollection(methRemove, mtSubj.getPrivateCredentials(), null);
    nullTestCollection(methRemove, mtSubj.getPrivateCredentials(),
            remPrvVals);
}
 
開發者ID:AdoptOpenJDK,項目名稱:openjdk-jdk10,代碼行數:66,代碼來源:SubjectNullTests.java

示例8: testRetainAll

import javax.security.auth.Subject; //導入方法依賴的package包/類
private static void testRetainAll() {
    // Create a well formed subject and additional collections
    Subject mtSubj = makeSubj(false, false, false);
    Set<Principal> remPrincs = new HashSet<>(Arrays.asList(tmplAddPrincs));
    Set<Object> remPubVals = new HashSet<>(Arrays.asList(tmplAddPubVals));
    Set<Object> remPrvVals = new HashSet<>(Arrays.asList(tmplAddPrvVals));

    // Add in values that exist within the Subject
    remPrincs.add(princVals[2]);
    remPubVals.add(pubVals[2]);
    remPrvVals.add(privVals[2]);

    // Run one success test for each Subject family to verify the
    // overloaded method works as intended.
    Set<Principal> setPrin = mtSubj.getPrincipals();
    Set<Object> setPubCreds = mtSubj.getPublicCredentials();
    Set<Object> setPrvCreds = mtSubj.getPrivateCredentials();
    int prinOrigSize = setPrin.size();
    int pubOrigSize = setPubCreds.size();
    int prvOrigSize = setPrvCreds.size();

    System.out.println("------ retainAll() -----");

    // Retain the specified members (those that exist in the Subject)
    // and validate the results.
    if (validTestCollection(methRetain, setPrin, remPrincs) == false ||
        setPrin.size() != 1 || setPrin.contains(princVals[2]) == false)
    {
        throw new RuntimeException("Failed retainAll() on principals");
    }

    if (validTestCollection(methRetain, setPubCreds,
            remPubVals) == false ||
        setPubCreds.size() != 1 ||
        setPubCreds.contains(pubVals[2]) == false)
    {
        throw new RuntimeException("Failed retainAll() on public creds");
    }
    if (validTestCollection(methRetain, setPrvCreds,
            remPrvVals) == false ||
        setPrvCreds.size() != 1 ||
        setPrvCreds.contains(privVals[2]) == false)
    {
        throw new RuntimeException("Failed retainAll() on private creds");
    }
    System.out.println("Positive retainAll() test passed");

    // Now add null elements into each container, then retest
    remPrincs.add(null);
    remPubVals.add(null);
    remPrvVals.add(null);

    System.out.println("* Testing retainAll w/ null values on Principals");
    nullTestCollection(methRetain, mtSubj.getPrincipals(), null);
    nullTestCollection(methRetain, mtSubj.getPrincipals(), remPrincs);

    System.out.println(
            "* Testing retainAll w/ null values on Public Creds");
    nullTestCollection(methRetain, mtSubj.getPublicCredentials(), null);
    nullTestCollection(methRetain, mtSubj.getPublicCredentials(),
            remPubVals);

    System.out.println(
            "* Testing retainAll w/ null values on Private Creds");
    nullTestCollection(methRetain, mtSubj.getPrivateCredentials(), null);
    nullTestCollection(methRetain, mtSubj.getPrivateCredentials(),
            remPrvVals);
}
 
開發者ID:AdoptOpenJDK,項目名稱:openjdk-jdk10,代碼行數:69,代碼來源:SubjectNullTests.java

示例9: testAuthenticatedClientsAllowed

import javax.security.auth.Subject; //導入方法依賴的package包/類
@Test public void testAuthenticatedClientsAllowed() throws Exception {
  // Create the subject for the client
  final Subject clientSubject = AvaticaJaasKrbUtil.loginUsingKeytab(
      SpnegoTestUtil.CLIENT_PRINCIPAL, clientKeytab);
  final Set<Principal> clientPrincipals = clientSubject.getPrincipals();
  // Make sure the subject has a principal
  assertFalse(clientPrincipals.isEmpty());

  // Get a TGT for the subject (might have many, different encryption types). The first should
  // be the default encryption type.
  Set<KerberosTicket> privateCredentials =
          clientSubject.getPrivateCredentials(KerberosTicket.class);
  assertFalse(privateCredentials.isEmpty());
  KerberosTicket tgt = privateCredentials.iterator().next();
  assertNotNull(tgt);
  LOG.info("Using TGT with etype: {}", tgt.getSessionKey().getAlgorithm());

  // The name of the principal
  final String principalName = clientPrincipals.iterator().next().getName();

  // Run this code, logged in as the subject (the client)
  byte[] response = Subject.doAs(clientSubject, new PrivilegedExceptionAction<byte[]>() {
    @Override public byte[] run() throws Exception {
      // Logs in with Kerberos via GSS
      GSSManager gssManager = GSSManager.getInstance();
      Oid oid = new Oid(SpnegoTestUtil.JGSS_KERBEROS_TICKET_OID);
      GSSName gssClient = gssManager.createName(principalName, GSSName.NT_USER_NAME);
      GSSCredential credential = gssManager.createCredential(gssClient,
          GSSCredential.DEFAULT_LIFETIME, oid, GSSCredential.INITIATE_ONLY);

      // Passes the GSSCredential into the HTTP client implementation
      final AvaticaCommonsHttpClientSpnegoImpl httpClient =
          new AvaticaCommonsHttpClientSpnegoImpl(httpServerUrl, credential);

      return httpClient.send(new byte[0]);
    }
  });

  // We should get a response which is "OK" with our client's name
  assertNotNull(response);
  assertEquals("OK " + SpnegoTestUtil.CLIENT_PRINCIPAL,
      new String(response, StandardCharsets.UTF_8));
}
 
開發者ID:apache,項目名稱:calcite-avatica,代碼行數:44,代碼來源:HttpServerSpnegoWithoutJaasTest.java

示例10: testAuthenticatedClientsAllowed

import javax.security.auth.Subject; //導入方法依賴的package包/類
@Test public void testAuthenticatedClientsAllowed() throws Exception {
  Assume.assumeThat("Test disabled on Windows", File.separatorChar, is('/'));

  // Create the subject for the client
  final Subject clientSubject = AvaticaJaasKrbUtil.loginUsingKeytab(
      SpnegoTestUtil.CLIENT_PRINCIPAL, clientKeytab);
  final Set<Principal> clientPrincipals = clientSubject.getPrincipals();
  // Make sure the subject has a principal
  assertFalse(clientPrincipals.isEmpty());

  // Get a TGT for the subject (might have many, different encryption types). The first should
  // be the default encryption type.
  Set<KerberosTicket> privateCredentials =
          clientSubject.getPrivateCredentials(KerberosTicket.class);
  assertFalse(privateCredentials.isEmpty());
  KerberosTicket tgt = privateCredentials.iterator().next();
  assertNotNull(tgt);
  LOG.info("Using TGT with etype: {}", tgt.getSessionKey().getAlgorithm());

  // The name of the principal
  final String principalName = clientPrincipals.iterator().next().getName();

  // Run this code, logged in as the subject (the client)
  byte[] response = Subject.doAs(clientSubject, new PrivilegedExceptionAction<byte[]>() {
    @Override public byte[] run() throws Exception {
      // Logs in with Kerberos via GSS
      GSSManager gssManager = GSSManager.getInstance();
      Oid oid = new Oid(SpnegoTestUtil.JGSS_KERBEROS_TICKET_OID);
      GSSName gssClient = gssManager.createName(principalName, GSSName.NT_USER_NAME);
      GSSCredential credential = gssManager.createCredential(gssClient,
          GSSCredential.DEFAULT_LIFETIME, oid, GSSCredential.INITIATE_ONLY);

      // Passes the GSSCredential into the HTTP client implementation
      final AvaticaCommonsHttpClientSpnegoImpl httpClient =
          new AvaticaCommonsHttpClientSpnegoImpl(httpServerUrl, credential);

      return httpClient.send(new byte[0]);
    }
  });

  // We should get a response which is "OK" with our client's name
  assertNotNull(response);
  assertEquals("OK " + SpnegoTestUtil.CLIENT_PRINCIPAL,
      new String(response, StandardCharsets.UTF_8));
}
 
開發者ID:apache,項目名稱:calcite-avatica,代碼行數:46,代碼來源:HttpServerSpnegoWithJaasTest.java

示例11: test1

import javax.security.auth.Subject; //導入方法依賴的package包/類
/**
 * Policy file grants access to the private Credential,belonging to a
 * Subject with at least two associated Principals:"com.sun.security.auth
 * .NTUserPrincipal", with the name,"NTUserPrincipal-1", and
 * "com.sun.security.auth.UnixPrincipal", with the name, "UnixPrincipals-1".
 *
 * For test1 and test2, subjects are associated with none or only one of
 * principals mentioned above, SecurityException is expected.
 * For test 3 and test 4, subjects are associated with two or more
 * Principals (above principals are included), no exception is expected.
 *
 */

@Test(dataProvider = "Provider1", expectedExceptions = SecurityException.class)
public void test1(Subject s) {
    s.getPrivateCredentials(String.class);
}
 
開發者ID:lambdalab-mirror,項目名稱:jdk8u-jdk,代碼行數:18,代碼來源:MoreThenOnePrincipals.java


注:本文中的javax.security.auth.Subject.getPrivateCredentials方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。