congrats Icon
New! Announcing our next generation AI code completions
Read here
Tabnine Logo
GSSName
Code IndexAdd Tabnine to your IDE (free)

How to use
GSSName
in
org.ietf.jgss

Best Java code snippets using org.ietf.jgss.GSSName (Showing top 20 results out of 918)

Refine searchRefine arrow

  • GSSContext
  • GSSManager
  • Oid
  • Subject
origin: apache/hbase

@Override
public String run() throws HttpAuthenticationException {
 GSSManager manager = GSSManager.getInstance();
 GSSContext gssContext = null;
 String serverPrincipal = SecurityUtil.getPrincipalWithoutRealm(httpUGI.getUserName());
 try {
  Oid kerberosMechOid = new Oid("1.2.840.113554.1.2.2");
  Oid spnegoMechOid = new Oid("1.3.6.1.5.5.2");
  Oid krb5PrincipalOid = new Oid("1.2.840.113554.1.2.2.1");
  GSSName serverName = manager.createName(serverPrincipal, krb5PrincipalOid);
  GSSCredential serverCreds = manager.createCredential(serverName,
    GSSCredential.DEFAULT_LIFETIME,
    new Oid[]{kerberosMechOid, spnegoMechOid},
  byte[] res = gssContext.acceptSecContext(inToken, 0, inToken.length);
  if(res != null) {
   outToken = Base64.getEncoder().encodeToString(res).replace("\n", "");
  return SecurityUtil.getUserFromPrincipal(gssContext.getSrcName().toString());
 } catch (GSSException e) {
  throw new HttpAuthenticationException("Kerberos authentication failed: ", e);
origin: apache/incubator-druid

GSSManager manager = GSSManager.getInstance();
GSSName serverName = manager.createName("HTTP@" + server, GSSName.NT_HOSTBASED_SERVICE);
  manager.createContext(serverName.canonicalize(mechOid), mechOid, null, GSSContext.DEFAULT_LIFETIME);
gssContext.requestMutualAuth(true);
gssContext.requestCredDeleg(true);
byte[] outToken = gssContext.initSecContext(inToken, 0, inToken.length);
gssContext.dispose();
origin: org.apache.jmeter/ApacheJMeter_http

  GSSContext createDelegatingGSSContext(final GSSManager manager, final Oid oid, final GSSName serverName,
      final GSSCredential gssCredential) throws GSSException {
    final GSSContext gssContext = manager.createContext(serverName.canonicalize(oid), oid, gssCredential,
        GSSContext.DEFAULT_LIFETIME);
    gssContext.requestMutualAuth(true);
    gssContext.requestCredDeleg(true);
    return gssContext;
  }
}
origin: wildfly/wildfly

public static String validateSecurityContext(Subject subject, final byte[] serviceTicket) throws GSSException {
  // Accept the context and return the client principal name.
  return Subject.doAs(subject, (PrivilegedAction<String>)() -> {
    try {
      // Identify the server that communications are being made
      // to.
      GSSManager manager = GSSManager.getInstance();
      GSSContext context = manager.createContext((GSSCredential) null);
      context.acceptSecContext(serviceTicket, 0, serviceTicket.length);
      return context.getSrcName().toString();
    } catch (Exception e) {
      log.error(Util.getMessage("Krb5TokenKerberosContextProcessingException"),e);
      return null;
    }
  });
}
origin: stackoverflow.com

byte[] token = (byte[]) Subject.doAs(subject, new PrivilegedExceptionAction() {
  @Override
  public Object run() throws PrivilegedActionException, GSSException {
    final GSSManager manager = GSSManager.getInstance();
    GSSName gssName = manager.createName(principalName, GSSName.NT_USER_NAME, KRB5_MECH_OID);
    GSSCredential gssCred = manager.createCredential(gssName.canonicalize(KRB5_MECH_OID),
        GSSCredential.DEFAULT_LIFETIME,
        KRB5_MECH_OID,
    logger.logInformation(className, methodName, "Client TGT obtained: " + gssCred.toString());
    GSSName gssServerName = manager.createName(servicePrincipal, GSSName.NT_USER_NAME);
    GSSContext clientContext = manager.createContext(gssServerName.canonicalize(SPNEGO_MECH_OID),
        SPNEGO_MECH_OID,
        gssCred,
        GSSContext.DEFAULT_LIFETIME);
    logger.logInformation(className, methodName, "Service ticket obtained: " + clientContext.toString());
    token = clientContext.initSecContext(token, 0, token.length);
    clientContext.dispose();
    return token;
origin: wildfly/wildfly

try {
  handler.handle(new Callback[]{nameCallback, passwordCallback, credentialCallback});
  Subject subject = new Subject();
    subject.getPrincipals().add(new KerberosPrincipal(gssName.toString()));
    subject.getPrincipals().add(new NamePrincipal(nameCallback.getName()));
origin: org.apache.cxf/cxf-rt-transports-http

GSSManager manager = GSSManager.getInstance();
GSSName serverName = manager.createName(spn, serviceNameType);
    .createContext(serverName.canonicalize(oid), oid, delegatedCred, GSSContext.DEFAULT_LIFETIME);
context.requestCredDeleg(isCredDelegationRequired(message));
  return context.initSecContext(token, 0, token.length);
  return Subject.doAs(subject, new CreateServiceTicketAction(context, token));
} catch (PrivilegedActionException e) {
  if (e.getCause() instanceof GSSException) {
origin: org.apache.cxf.fediz/fediz-idp-core

protected GSSContext createGSSContext() throws GSSException {
  Oid oid = new Oid("1.2.840.113554.1.2.2");
  GSSManager gssManager = GSSManager.getInstance();
  String spn = "bob@service.ws.apache.org";
  GSSName gssService = gssManager.createName(spn, null);
  return gssManager.createContext(gssService.canonicalize(oid),
                  oid, null, GSSContext.DEFAULT_LIFETIME);
}
origin: prestodb/presto

private Optional<Principal> authenticate(String token)
{
  GSSContext context = doAs(loginContext.getSubject(), () -> gssManager.createContext(serverCredential));
  try {
    byte[] inputToken = Base64.getDecoder().decode(token);
    context.acceptSecContext(inputToken, 0, inputToken.length);
    // We can't hold on to the GSS context because HTTP is stateless, so fail
    // if it can't be set up in a single challenge-response cycle
    if (context.isEstablished()) {
      return Optional.of(new KerberosPrincipal(context.getSrcName().toString()));
    }
    LOG.debug("Failed to establish GSS context for token %s", token);
  }
  catch (GSSException e) {
    // ignore and fail the authentication
    LOG.debug(e, "Authentication failed for token %s", token);
  }
  finally {
    try {
      context.dispose();
    }
    catch (GSSException e) {
      // ignore
    }
  }
  return Optional.empty();
}
origin: apache/cxf

Subject.doAs(serviceSubject, new ValidateServiceTicketAction(gssContext, serviceTicket));
GSSName srcName = gssContext.getSrcName();
if (srcName == null) {
  throw ExceptionUtils.toNotAuthorizedException(null, getFaultResponse());
String complexUserName = srcName.toString();
m.put(SecurityContext.class, createSecurityContext(simpleUserName, complexUserName, gssContext));
if (!gssContext.getCredDelegState()) {
  gssContext.dispose();
  gssContext = null;
origin: apache/directory-kerby

@Override
protected void onConnection(Transport.Connection conn) throws Exception {
  GSSName gssService = manager.createName(serverPrincipal, GSSName.NT_USER_NAME);
  Oid oid = new Oid(AppUtil.JGSS_KERBEROS_OID);
      manager.createCredential(gssService, GSSCredential.DEFAULT_LIFETIME, oid, GSSCredential.ACCEPT_ONLY);
    this.context = manager.createContext(credentials);
  } else {
    this.context = manager.createContext(gssService.canonicalize(oid),
                       oid, null, GSSContext.DEFAULT_LIFETIME);
  while (!context.isEstablished()) {
    token = conn.recvToken();
    token = context.acceptSecContext(token, 0, token.length);
    if (token != null) {
      conn.sendToken(token);
  context.dispose();
origin: apache/lens

private byte[] getToken(String spn, Oid oid) throws GSSException, LoginException {
 LoginContext lc = buildLoginContext();
 lc.login();
 Subject subject = lc.getSubject();
 GSSManager manager = GSSManager.getInstance();
 GSSName serverName = manager.createName(spn, null); // 2nd oid
 GSSContext context = manager
     .createContext(serverName.canonicalize(oid), oid, null, GSSContext.DEFAULT_LIFETIME);
 final byte[] token = new byte[0];
 try {
  return Subject.doAs(subject, new CreateServiceTicketAction(context, token));
 } catch (PrivilegedActionException e) {
  if (e.getCause() instanceof GSSException) {
   throw (GSSException) e.getCause();
  }
  log.error("initSecContext", e);
  return null;
 }
}
origin: wildfly/wildfly-core

  GSSContextCredential gssCred = (GSSContextCredential) credential;
  try {
  user = new KerberosPrincipal(gssCred.getGssContext().getSrcName().toString());
  } catch (GSSException e) {
  return null;
addInetPrincipal(supplemental.getSubject().getPrincipals());
origin: com.jaeksoft/jcifs-krb5-jdk7

Key searchSessionKey(Subject subject) throws GSSException{
  MIEName src = new MIEName(gssContext.getSrcName().export());
  MIEName targ = new MIEName(gssContext.getTargName().export());
  Iterator iter = subject.getPrivateCredentials(KerberosTicket.class).iterator();
  while (iter.hasNext()) {
    KerberosTicket ticket = (KerberosTicket) iter.next();
    MIEName client = new MIEName(gssContext.getMech(), ticket.getClient().getName());
    MIEName server = new MIEName(gssContext.getMech(), ticket.getServer().getName());
    if(src.equals(client)&&targ.equals(server)){
      return ticket.getSessionKey();
    }
  }
  return null;
}
public void dispose() throws GSSException {
origin: org.apache.cxf/cxf-bundle-jaxrs

          Message message) throws GSSException, 
LoginException {
GSSManager manager = GSSManager.getInstance();
GSSName serverName = manager.createName(spn, serviceNameType);
    .createContext(serverName.canonicalize(oid), oid, delegatedCred, GSSContext.DEFAULT_LIFETIME);
context.requestCredDeleg(isCredDelegationRequired(message));
origin: dCache/dcache

  protected Subject createSubject() throws GSSException
  {
    Set<KerberosPrincipal> principals = Collections.singleton(new KerberosPrincipal(context.getSrcName().toString()));
    return new Subject(false, principals, Collections.emptySet(), Collections.emptySet());
  }
}
origin: wildfly/wildfly

switch (state) {
  case ACCEPTOR_STATE:
    assert gssContext.isEstablished() == false;
      byte[] response = gssContext.acceptSecContext(message, 0, message.length);
      if (gssContext.isEstablished()) {
        Oid actualMech = gssContext.getMech();
        saslGssapi.tracef("Negotiated mechanism %s", actualMech);
        if (KERBEROS_V5.equals(actualMech) == false) {
          throw saslGssapi.mechNegotiatedMechanismWasNotKerberosV5().toSaslException();
      String targetName = gssContext.getTargName().toString();
      String[] targetNameParts = targetName.split("[/@]");
      boundServerName = targetNameParts.length > 1 ? targetNameParts[1] : targetName;
      authenticationId = gssContext.getSrcName().toString();
    } catch (GSSException e) {
      throw saslGssapi.mechUnableToDeterminePeerName(e).toSaslException();
origin: org.jacorb/jacorb

public String getClientPrincipal()
{
  String principal = "";
  try
  {
    Oid krb5Oid = new Oid(KRB5MechOID.value.substring(4));
    GSSManager gssManager = GSSManager.getInstance();
    if (clientCreds == null)
    {
      clientCreds = gssManager.createCredential(null,
                           GSSCredential.INDEFINITE_LIFETIME,
                           krb5Oid,
                           GSSCredential.INITIATE_ONLY);
    }
    principal = clientCreds.getName().toString();
  }
  catch (Exception e)
  {
    logger.error("Error getting created principal: "+e);
  }
  return principal;
}
origin: wildfly/wildfly

Principal getPrincipal() {
  if (!isEstablished()) {
    throw new IllegalStateException("No established GSSContext to use for the Principal.");
  }
  if (principal == null) {
    try {
      principal = new KerberosPrincipal(gssContext.getSrcName().toString());
    } catch (GSSException e) {
      throw new IllegalStateException("Unable to create Principal", e);
    }
  }
  return principal;
}
origin: com.impetus.fabric/fabric-jdbc-driver-shaded

GSSContext createGSSContext(
    final GSSManager manager,
    final Oid oid,
    final GSSName serverName,
    final GSSCredential gssCredential) throws GSSException {
  final GSSContext gssContext = manager.createContext(serverName.canonicalize(oid), oid, gssCredential,
      GSSContext.DEFAULT_LIFETIME);
  gssContext.requestMutualAuth(true);
  return gssContext;
}
/**
org.ietf.jgssGSSName

Most used methods

  • toString
  • canonicalize
  • export
  • equals
  • isAnonymous
  • hashCode

Popular in Java

  • Finding current android device location
  • getSupportFragmentManager (FragmentActivity)
  • orElseThrow (Optional)
    Return the contained value, if present, otherwise throw an exception to be created by the provided s
  • startActivity (Activity)
  • ServerSocket (java.net)
    This class represents a server-side socket that waits for incoming client connections. A ServerSocke
  • URLConnection (java.net)
    A connection to a URL for reading or writing. For HTTP connections, see HttpURLConnection for docume
  • PriorityQueue (java.util)
    A PriorityQueue holds elements on a priority heap, which orders the elements according to their natu
  • ConcurrentHashMap (java.util.concurrent)
    A plug-in replacement for JDK1.5 java.util.concurrent.ConcurrentHashMap. This version is based on or
  • ExecutorService (java.util.concurrent)
    An Executor that provides methods to manage termination and methods that can produce a Future for tr
  • ZipFile (java.util.zip)
    This class provides random read access to a zip file. You pay more to read the zip file's central di
  • 14 Best Plugins for Eclipse
Tabnine Logo

  • Products

    Search for Java codeSearch for JavaScript code

  • IDE Plugins

    IntelliJ IDEAWebStormVisual StudioAndroid StudioEclipseVisual Studio CodePyCharmSublime TextPhpStormVimAtomGoLandRubyMineEmacsJupyter NotebookJupyter LabRiderDataGripAppCode

  • Company

    About UsContact UsCareers

  • Resources

    FAQBlogTabnine AcademyStudentsTerms of usePrivacy policyJava Code IndexJavascript Code Index
Get Tabnine for your IDE now