Refine search
@Override public LoginContext login() throws LoginException { loginContext = new LoginContext(contextName, null, loginCallbackHandler, configuration); loginContext.login(); log.info("Successfully logged in."); return loginContext; }
public Subject getSubject() { Subject subject = new Subject(false, ImmutableSet.of(principal), emptySet(), emptySet()); try { LoginContext loginContext = new LoginContext("", subject, null, configuration); loginContext.login(); return loginContext.getSubject(); } catch (LoginException e) { throw new RuntimeException(e); } }
private Subject getServiceSubject( ClientLoginConfig loginConfig ) throws Exception { Set<Principal> princ = new HashSet<>( 1 ); princ.add( new KerberosPrincipal( this.principal ) ); Subject sub = new Subject( false, princ, new HashSet(), new HashSet() ); loginContext = new LoginContext( "", sub, null, loginConfig ); loginContext.login(); return loginContext.getSubject(); }
private synchronized LoginContext login(final String loginContextName) throws LoginException { if (loginContextName == null) { throw new LoginException("loginContext name (JAAS file section header) was null. " + "Please check your java.security.login.auth.config (=" + System.getProperty("java.security.login.auth.config") + ") and your " + ZooKeeperSaslClient.LOGIN_CONTEXT_NAME_KEY + "(=" + System.getProperty(ZooKeeperSaslClient.LOGIN_CONTEXT_NAME_KEY, "Client") + ")"); } LoginContext loginContext = new LoginContext(loginContextName, callbackHandler); loginContext.login(); LOG.info("successfully logged in."); return loginContext; }
LoginContext context = new LoginContext("", new Subject(), null, new Configuration() { @Override context.login(); return context.getSubject();
private synchronized LoginContext login(final String loginContextName) throws LoginException { if (loginContextName == null) { throw new LoginException("loginContext name (JAAS file section header) was null. " + "Please check your java.security.login.auth.config (=" + System.getProperty("java.security.login.auth.config") + ") and your " + getLoginContextMessage()); } LoginContext loginContext = new LoginContext(loginContextName,callbackHandler); loginContext.login(); LOG.info("{} successfully logged in.", loginContextName); return loginContext; }
LoginContext context = new LoginContext("", new Subject(), null, new Configuration() { @Override public AppConfigurationEntry[] getAppConfigurationEntry(String name) { context.login(); return context.getSubject();
private synchronized LoginContext login(final String loginContextName) throws LoginException { if (loginContextName == null) { throw new LoginException("loginContext name (JAAS file section header) was null. " + "Please check your java.security.login.auth.config (=" + System.getProperty("java.security.login.auth.config") + ") and your " + ZooKeeperSaslClient.LOGIN_CONTEXT_NAME_KEY + "(=" + System.getProperty(ZooKeeperSaslClient.LOGIN_CONTEXT_NAME_KEY, "Client") + ")"); } LoginContext loginContext = new LoginContext(loginContextName,callbackHandler); loginContext.login(); LOG.info("{} successfully logged in.", loginContextName); return loginContext; }
LoginContext context = new LoginContext("", new Subject(), null, new Configuration() { @Override context.login(); return context.getSubject();
private void initializeKerberosLogin() throws ServletException { String keytab; try { if (serverPrincipal == null || serverPrincipal.trim().length() == 0) { throw new ServletException("Principal not defined in configuration"); } keytab = serverKeytab; if (keytab == null || keytab.trim().length() == 0) { throw new ServletException("Keytab not defined in configuration"); } if (!new File(keytab).exists()) { throw new ServletException("Keytab does not exist: " + keytab); } Set<Principal> principals = new HashSet<Principal>(); principals.add(new KerberosPrincipal(serverPrincipal)); Subject subject = new Subject(false, principals, new HashSet<Object>(), new HashSet<Object>()); DruidKerberosConfiguration kerberosConfiguration = new DruidKerberosConfiguration(keytab, serverPrincipal); log.info("Login using keytab " + keytab + ", for principal " + serverPrincipal); loginContext = new LoginContext("", subject, null, kerberosConfiguration); loginContext.login(); log.info("Initialized, principal %s from keytab %s", serverPrincipal, keytab); } catch (Exception ex) { throw new ServletException(ex); } }
LoginContext context = new LoginContext("", new Subject(), null, new Configuration() { @Override context.login(); return context.getSubject();
new KerberosAuthenticator.DruidKerberosConfiguration(keytab, spnegoPrincipal); final LoginContext loginContext = new LoginContext("", serverSubject, null, kerberosConfiguration); try { loginContext.login();
private SSLEngine loadOpenSslEngine(ByteBufAllocator alloc, String realKeyStoreProvider, String realKeyStorePath, String realKeyStorePassword, String realTrustStoreProvider, String realTrustStorePath, String realTrustStorePassword) throws Exception { SslContext context = SSLSupport.createNettyClientContext(realKeyStoreProvider, realKeyStorePath, realKeyStorePassword, realTrustStoreProvider, realTrustStorePath, realTrustStorePassword, sslProvider, trustAll); Subject subject = null; if (kerb5Config != null) { LoginContext loginContext = new LoginContext(kerb5Config); loginContext.login(); subject = loginContext.getSubject(); verifyHost = true; } SSLEngine engine = Subject.doAs(subject, new PrivilegedExceptionAction<SSLEngine>() { @Override public SSLEngine run() { if (verifyHost) { return context.newEngine(alloc, sniHost != null ? sniHost : host, port); } else { return context.newEngine(alloc); } } }); return engine; }
/** * Re-login a principal. This method assumes that {@link #login()} has happened already. * @throws javax.security.auth.login.LoginException on a failure */ private void reLogin() throws LoginException { if (!isKrbTicket) { return; } if (loginContext == null) { throw new LoginException("Login must be done first"); } if (!hasSufficientTimeElapsed()) { return; } synchronized (KerberosLogin.class) { log.info("Initiating logout for {}", principal); // register most recent relogin attempt lastLogin = currentElapsedTime(); //clear up the kerberos state. But the tokens are not cleared! As per //the Java kerberos login module code, only the kerberos credentials //are cleared loginContext.logout(); //login and also update the subject field of this instance to //have the new credentials (pass it to the LoginContext constructor) loginContext = new LoginContext(contextName(), subject, null, configuration()); log.info("Initiating re-login for {}", principal); loginContext.login(); } }
@Override public SecurityContext authenticate(String username, String password, X509Certificate[] certificates) throws SecurityException { SecurityContext result = null; JassCredentialCallbackHandler callback = new JassCredentialCallbackHandler(username, password); try { LoginContext lc = new LoginContext(jassConfiguration, callback); lc.login(); Subject subject = lc.getSubject(); result = new JaasSecurityContext(username, subject); } catch (Exception ex) { throw new SecurityException("User name [" + username + "] or password is invalid.", ex); } return result; } }
/** * Re-login a principal. This method assumes that {@link #login(String)} has happened already. * @throws javax.security.auth.login.LoginException on a failure */ // c.f. HADOOP-6559 private synchronized void reLogin() throws LoginException { if (!isKrbTicket) { return; } LoginContext login = getLogin(); if (login == null) { throw new LoginException("login must be done first"); } sleepUntilSufficientTimeElapsed(); LOG.info("Initiating logout for " + principal); synchronized (Login.class) { //clear up the kerberos state. But the tokens are not cleared! As per //the Java kerberos login module code, only the kerberos credentials //are cleared login.logout(); //login and also update the subject field of this instance to //have the new credentials (pass it to the LoginContext constructor) login = new LoginContext(loginContextName, getSubject()); LOG.info("Initiating re-login for " + principal); login.login(); setLogin(login); } } }
LoginContext loginContext = new LoginContext(kerb5Config); loginContext.login(); subject = loginContext.getSubject(); verifyHost = true;
login = new LoginContext(loginContextName, getSubject()); LOG.info("Initiating re-login for {}", principal); login.login(); setLogin(login);
LoginContext loginContext = new LoginContext("", null, null, new Configuration() loginContext.login(); Subject subject = loginContext.getSubject(); Principal clientPrincipal = subject.getPrincipals().iterator().next(); GSSCredential clientCredential = doAs(subject, () -> GSS_MANAGER.createCredential(
login = new LoginContext(loginContextName, getSubject()); LOG.info("Initiating re-login for " + principal); login.login(); setLogin(login);