congrats Icon
New! Announcing Tabnine Chat Beta
Learn More
Tabnine Logo
GSSName
Code IndexAdd Tabnine to your IDE (free)

How to use
GSSName
in
org.ietf.jgss

Best Java code snippets using org.ietf.jgss.GSSName (Showing top 20 results out of 918)

Refine searchRefine arrow

  • GSSContext
  • GSSManager
  • Oid
  • Subject
origin: apache/hbase

@Override
public String run() throws HttpAuthenticationException {
 GSSManager manager = GSSManager.getInstance();
 GSSContext gssContext = null;
 String serverPrincipal = SecurityUtil.getPrincipalWithoutRealm(httpUGI.getUserName());
 try {
  Oid kerberosMechOid = new Oid("1.2.840.113554.1.2.2");
  Oid spnegoMechOid = new Oid("1.3.6.1.5.5.2");
  Oid krb5PrincipalOid = new Oid("1.2.840.113554.1.2.2.1");
  GSSName serverName = manager.createName(serverPrincipal, krb5PrincipalOid);
  GSSCredential serverCreds = manager.createCredential(serverName,
    GSSCredential.DEFAULT_LIFETIME,
    new Oid[]{kerberosMechOid, spnegoMechOid},
  byte[] res = gssContext.acceptSecContext(inToken, 0, inToken.length);
  if(res != null) {
   outToken = Base64.getEncoder().encodeToString(res).replace("\n", "");
  return SecurityUtil.getUserFromPrincipal(gssContext.getSrcName().toString());
 } catch (GSSException e) {
  throw new HttpAuthenticationException("Kerberos authentication failed: ", e);
origin: apache/incubator-druid

GSSManager manager = GSSManager.getInstance();
GSSName serverName = manager.createName("HTTP@" + server, GSSName.NT_HOSTBASED_SERVICE);
  manager.createContext(serverName.canonicalize(mechOid), mechOid, null, GSSContext.DEFAULT_LIFETIME);
gssContext.requestMutualAuth(true);
gssContext.requestCredDeleg(true);
byte[] outToken = gssContext.initSecContext(inToken, 0, inToken.length);
gssContext.dispose();
origin: org.apache.jmeter/ApacheJMeter_http

  GSSContext createDelegatingGSSContext(final GSSManager manager, final Oid oid, final GSSName serverName,
      final GSSCredential gssCredential) throws GSSException {
    final GSSContext gssContext = manager.createContext(serverName.canonicalize(oid), oid, gssCredential,
        GSSContext.DEFAULT_LIFETIME);
    gssContext.requestMutualAuth(true);
    gssContext.requestCredDeleg(true);
    return gssContext;
  }
}
origin: wildfly/wildfly

public static String validateSecurityContext(Subject subject, final byte[] serviceTicket) throws GSSException {
  // Accept the context and return the client principal name.
  return Subject.doAs(subject, (PrivilegedAction<String>)() -> {
    try {
      // Identify the server that communications are being made
      // to.
      GSSManager manager = GSSManager.getInstance();
      GSSContext context = manager.createContext((GSSCredential) null);
      context.acceptSecContext(serviceTicket, 0, serviceTicket.length);
      return context.getSrcName().toString();
    } catch (Exception e) {
      log.error(Util.getMessage("Krb5TokenKerberosContextProcessingException"),e);
      return null;
    }
  });
}

origin: stackoverflow.com

byte[] token = (byte[]) Subject.doAs(subject, new PrivilegedExceptionAction() {
  @Override
  public Object run() throws PrivilegedActionException, GSSException {
    final GSSManager manager = GSSManager.getInstance();
    GSSName gssName = manager.createName(principalName, GSSName.NT_USER_NAME, KRB5_MECH_OID);
    GSSCredential gssCred = manager.createCredential(gssName.canonicalize(KRB5_MECH_OID),
        GSSCredential.DEFAULT_LIFETIME,
        KRB5_MECH_OID,
    logger.logInformation(className, methodName, "Client TGT obtained: " + gssCred.toString());
    GSSName gssServerName = manager.createName(servicePrincipal, GSSName.NT_USER_NAME);
    GSSContext clientContext = manager.createContext(gssServerName.canonicalize(SPNEGO_MECH_OID),
        SPNEGO_MECH_OID,
        gssCred,
        GSSContext.DEFAULT_LIFETIME);
    logger.logInformation(className, methodName, "Service ticket obtained: " + clientContext.toString());
    token = clientContext.initSecContext(token, 0, token.length);
    clientContext.dispose();
    return token;
origin: wildfly/wildfly

try {
  handler.handle(new Callback[]{nameCallback, passwordCallback, credentialCallback});
  Subject subject = new Subject();
    subject.getPrincipals().add(new KerberosPrincipal(gssName.toString()));
    subject.getPrincipals().add(new NamePrincipal(nameCallback.getName()));
origin: org.apache.cxf/cxf-rt-transports-http

GSSManager manager = GSSManager.getInstance();
GSSName serverName = manager.createName(spn, serviceNameType);
    .createContext(serverName.canonicalize(oid), oid, delegatedCred, GSSContext.DEFAULT_LIFETIME);
context.requestCredDeleg(isCredDelegationRequired(message));
  return context.initSecContext(token, 0, token.length);
  return Subject.doAs(subject, new CreateServiceTicketAction(context, token));
} catch (PrivilegedActionException e) {
  if (e.getCause() instanceof GSSException) {
origin: org.apache.cxf.fediz/fediz-idp-core

protected GSSContext createGSSContext() throws GSSException {
  Oid oid = new Oid("1.2.840.113554.1.2.2");
  GSSManager gssManager = GSSManager.getInstance();
  String spn = "bob@service.ws.apache.org";
  GSSName gssService = gssManager.createName(spn, null);
  return gssManager.createContext(gssService.canonicalize(oid),
                  oid, null, GSSContext.DEFAULT_LIFETIME);
}
origin: prestodb/presto

private Optional<Principal> authenticate(String token)
{
  GSSContext context = doAs(loginContext.getSubject(), () -> gssManager.createContext(serverCredential));
  try {
    byte[] inputToken = Base64.getDecoder().decode(token);
    context.acceptSecContext(inputToken, 0, inputToken.length);
    // We can't hold on to the GSS context because HTTP is stateless, so fail
    // if it can't be set up in a single challenge-response cycle
    if (context.isEstablished()) {
      return Optional.of(new KerberosPrincipal(context.getSrcName().toString()));
    }
    LOG.debug("Failed to establish GSS context for token %s", token);
  }
  catch (GSSException e) {
    // ignore and fail the authentication
    LOG.debug(e, "Authentication failed for token %s", token);
  }
  finally {
    try {
      context.dispose();
    }
    catch (GSSException e) {
      // ignore
    }
  }
  return Optional.empty();
}
origin: apache/cxf

Subject.doAs(serviceSubject, new ValidateServiceTicketAction(gssContext, serviceTicket));
GSSName srcName = gssContext.getSrcName();
if (srcName == null) {
  throw ExceptionUtils.toNotAuthorizedException(null, getFaultResponse());
String complexUserName = srcName.toString();
m.put(SecurityContext.class, createSecurityContext(simpleUserName, complexUserName, gssContext));
if (!gssContext.getCredDelegState()) {
  gssContext.dispose();
  gssContext = null;
origin: apache/directory-kerby

@Override
protected void onConnection(Transport.Connection conn) throws Exception {
  GSSName gssService = manager.createName(serverPrincipal, GSSName.NT_USER_NAME);
  Oid oid = new Oid(AppUtil.JGSS_KERBEROS_OID);
      manager.createCredential(gssService, GSSCredential.DEFAULT_LIFETIME, oid, GSSCredential.ACCEPT_ONLY);
    this.context = manager.createContext(credentials);
  } else {
    this.context = manager.createContext(gssService.canonicalize(oid),
                       oid, null, GSSContext.DEFAULT_LIFETIME);
  while (!context.isEstablished()) {
    token = conn.recvToken();
    token = context.acceptSecContext(token, 0, token.length);
    if (token != null) {
      conn.sendToken(token);
  context.dispose();
origin: apache/lens

private byte[] getToken(String spn, Oid oid) throws GSSException, LoginException {
 LoginContext lc = buildLoginContext();
 lc.login();
 Subject subject = lc.getSubject();
 GSSManager manager = GSSManager.getInstance();
 GSSName serverName = manager.createName(spn, null); // 2nd oid
 GSSContext context = manager
     .createContext(serverName.canonicalize(oid), oid, null, GSSContext.DEFAULT_LIFETIME);
 final byte[] token = new byte[0];
 try {
  return Subject.doAs(subject, new CreateServiceTicketAction(context, token));
 } catch (PrivilegedActionException e) {
  if (e.getCause() instanceof GSSException) {
   throw (GSSException) e.getCause();
  }
  log.error("initSecContext", e);
  return null;
 }
}
origin: wildfly/wildfly-core

  GSSContextCredential gssCred = (GSSContextCredential) credential;
  try {
  user = new KerberosPrincipal(gssCred.getGssContext().getSrcName().toString());
  } catch (GSSException e) {
  return null;
addInetPrincipal(supplemental.getSubject().getPrincipals());
origin: com.jaeksoft/jcifs-krb5-jdk7

Key searchSessionKey(Subject subject) throws GSSException{
  MIEName src = new MIEName(gssContext.getSrcName().export());
  MIEName targ = new MIEName(gssContext.getTargName().export());
  Iterator iter = subject.getPrivateCredentials(KerberosTicket.class).iterator();
  while (iter.hasNext()) {
    KerberosTicket ticket = (KerberosTicket) iter.next();
    MIEName client = new MIEName(gssContext.getMech(), ticket.getClient().getName());
    MIEName server = new MIEName(gssContext.getMech(), ticket.getServer().getName());
    if(src.equals(client)&&targ.equals(server)){
      return ticket.getSessionKey();
    }
  }
  return null;
}
public void dispose() throws GSSException {
origin: org.apache.cxf/cxf-bundle-jaxrs

          Message message) throws GSSException, 
LoginException {
GSSManager manager = GSSManager.getInstance();
GSSName serverName = manager.createName(spn, serviceNameType);
    .createContext(serverName.canonicalize(oid), oid, delegatedCred, GSSContext.DEFAULT_LIFETIME);
context.requestCredDeleg(isCredDelegationRequired(message));
origin: dCache/dcache

  protected Subject createSubject() throws GSSException
  {
    Set<KerberosPrincipal> principals = Collections.singleton(new KerberosPrincipal(context.getSrcName().toString()));
    return new Subject(false, principals, Collections.emptySet(), Collections.emptySet());
  }
}
origin: wildfly/wildfly

switch (state) {
  case ACCEPTOR_STATE:
    assert gssContext.isEstablished() == false;
      byte[] response = gssContext.acceptSecContext(message, 0, message.length);
      if (gssContext.isEstablished()) {
        Oid actualMech = gssContext.getMech();
        saslGssapi.tracef("Negotiated mechanism %s", actualMech);
        if (KERBEROS_V5.equals(actualMech) == false) {
          throw saslGssapi.mechNegotiatedMechanismWasNotKerberosV5().toSaslException();
      String targetName = gssContext.getTargName().toString();
      String[] targetNameParts = targetName.split("[/@]");
      boundServerName = targetNameParts.length > 1 ? targetNameParts[1] : targetName;
      authenticationId = gssContext.getSrcName().toString();
    } catch (GSSException e) {
      throw saslGssapi.mechUnableToDeterminePeerName(e).toSaslException();
origin: org.jacorb/jacorb

public String getClientPrincipal()
{
  String principal = "";
  try
  {
    Oid krb5Oid = new Oid(KRB5MechOID.value.substring(4));
    GSSManager gssManager = GSSManager.getInstance();
    if (clientCreds == null)
    {
      clientCreds = gssManager.createCredential(null,
                           GSSCredential.INDEFINITE_LIFETIME,
                           krb5Oid,
                           GSSCredential.INITIATE_ONLY);
    }
    principal = clientCreds.getName().toString();
  }
  catch (Exception e)
  {
    logger.error("Error getting created principal: "+e);
  }
  return principal;
}
origin: wildfly/wildfly

Principal getPrincipal() {
  if (!isEstablished()) {
    throw new IllegalStateException("No established GSSContext to use for the Principal.");
  }
  if (principal == null) {
    try {
      principal = new KerberosPrincipal(gssContext.getSrcName().toString());
    } catch (GSSException e) {
      throw new IllegalStateException("Unable to create Principal", e);
    }
  }
  return principal;
}
origin: com.impetus.fabric/fabric-jdbc-driver-shaded

GSSContext createGSSContext(
    final GSSManager manager,
    final Oid oid,
    final GSSName serverName,
    final GSSCredential gssCredential) throws GSSException {
  final GSSContext gssContext = manager.createContext(serverName.canonicalize(oid), oid, gssCredential,
      GSSContext.DEFAULT_LIFETIME);
  gssContext.requestMutualAuth(true);
  return gssContext;
}
/**
org.ietf.jgssGSSName

Most used methods

  • toString
  • canonicalize
  • export
  • equals
  • isAnonymous
  • hashCode

Popular in Java

  • Reading from database using SQL prepared statement
  • orElseThrow (Optional)
    Return the contained value, if present, otherwise throw an exception to be created by the provided s
  • runOnUiThread (Activity)
  • setContentView (Activity)
  • Rectangle (java.awt)
    A Rectangle specifies an area in a coordinate space that is enclosed by the Rectangle object's top-
  • PrintStream (java.io)
    Fake signature of an existing Java class.
  • System (java.lang)
    Provides access to system-related information and resources including standard input and output. Ena
  • HashSet (java.util)
    HashSet is an implementation of a Set. All optional operations (adding and removing) are supported.
  • StringTokenizer (java.util)
    Breaks a string into tokens; new code should probably use String#split.> // Legacy code: StringTo
  • StringUtils (org.apache.commons.lang)
    Operations on java.lang.String that arenull safe. * IsEmpty/IsBlank - checks if a String contains
  • From CI to AI: The AI layer in your organization
Tabnine Logo
  • Products

    Search for Java codeSearch for JavaScript code
  • IDE Plugins

    IntelliJ IDEAWebStormVisual StudioAndroid StudioEclipseVisual Studio CodePyCharmSublime TextPhpStormVimGoLandRubyMineEmacsJupyter NotebookJupyter LabRiderDataGripAppCode
  • Company

    About UsContact UsCareers
  • Resources

    FAQBlogTabnine AcademyTerms of usePrivacy policyJava Code IndexJavascript Code Index
Get Tabnine for your IDE now