/**
 * Publishes the GSS client identity on {@code subject}.
 *
 * <p>First hands a {@code CallerPrincipalCallback}, built from the exported form of
 * {@code clientCred}, to {@code _handler}. Then, inside a privileged block, adds a
 * {@link KerberosPrincipal} derived from {@code clientCred.toString()} to the subject's
 * principals, adds {@code clientCred} to its public credentials and, when present,
 * adds {@code gssCred} to its private credentials.
 *
 * @param subject    the subject to populate
 * @param clientCred GSS name of the client; stored as a public credential
 * @param gssCred    GSS credential to store as a private credential, or {@code null} to skip
 * @throws XWSSecurityRuntimeException wrapping any exception raised while handling the
 *         callback or updating the subject
 */
public void updateOtherPartySubject(final Subject subject, final GSSName clientCred, final GSSCredential gssCred) {
    try {
        // NOTE(review): export() yields a byte[] and it is decoded here with the platform
        // default charset, so the caller name may differ between hosts - confirm that the
        // handler expects this form.
        final String callerName = new String(clientCred.export());
        final CallerPrincipalCallback principalCallback = new CallerPrincipalCallback(subject, callerName);
        _handler.handle(new Callback[]{principalCallback});

        // adding the KerberosPrincipal to public credentials
        // TODO: check if this needs to be done in case of GF
        AccessController.doPrivileged(new PrivilegedAction<Object>() {
            @Override
            public Object run() {
                final KerberosPrincipal peerPrincipal = new KerberosPrincipal(clientCred.toString());
                subject.getPrincipals().add(peerPrincipal);
                subject.getPublicCredentials().add(clientCred);
                // The GSS credential goes into the private set only; it is never added
                // to the public credentials.
                if (gssCred != null) {
                    subject.getPrivateCredentials().add(gssCred);
                }
                return null; // nothing to return
            }
        });
    } catch (Exception e) {
        // The log record carries only the message key and the callback name; the cause
        // itself travels with the rethrown exception.
        log.log(Level.SEVERE, "WSS0216.callbackhandler.handle.exception", new Object[]{"CallerPrincipalCallback"});
        throw new XWSSecurityRuntimeException(e);
    }
}
/**
 * Finds the Kerberos session key that belongs to this object's {@code gssContext}.
 *
 * <p>Wraps the exported source and target names of {@code gssContext} as {@code MIEName}
 * values, then iterates over the {@link KerberosTicket} private credentials of
 * {@code subject}. For each ticket the client and server principal names are wrapped as
 * {@code MIEName} using the context mechanism, and the session key of the first ticket
 * whose client equals the source name and whose server equals the target name is returned.
 *
 * <p>The returned key is secret material taken from the subject's private credentials;
 * callers should not log or persist it.
 *
 * <p>NOTE(review): tickets are used without an {@code isDestroyed()} or {@code isCurrent()}
 * check - confirm that the subject can only hold live tickets at this point.
 *
 * @param subject subject whose private credentials are searched
 * @return the session key of the matching ticket, or {@code null} when no ticket matches
 * @throws GSSException if the context names or mechanism cannot be read
 */
Key searchSessionKey(Subject subject) throws GSSException{ MIEName src = new MIEName(gssContext.getSrcName().export()); MIEName targ = new MIEName(gssContext.getTargName().export()); Iterator iter = subject.getPrivateCredentials(KerberosTicket.class).iterator(); while (iter.hasNext()) { KerberosTicket ticket = (KerberosTicket) iter.next(); MIEName client = new MIEName(gssContext.getMech(), ticket.getClient().getName()); MIEName server = new MIEName(gssContext.getMech(), ticket.getServer().getName()); if(src.equals(client)&&targ.equals(server)){ return ticket.getSessionKey(); } } return null; } public void dispose() throws GSSException {
/**
 * Locates the session key of the Kerberos ticket that matches this context.
 *
 * <p>A ticket matches when its client name equals the context source name and its server
 * name equals the context target name, all compared as {@code MIEName} values built with
 * the context mechanism OID. Only the {@link KerberosTicket} entries among the subject's
 * private credentials are considered, and the first match wins.
 *
 * <p>The result is secret key material; keep it out of logs and error messages.
 *
 * @param subject subject holding the Kerberos tickets to search
 * @return the session key of the first matching ticket, or {@code null} if none matches
 * @throws GSSException if the context names or mechanism cannot be obtained
 */
Key searchSessionKey ( Subject subject ) throws GSSException {
    final MIEName srcName = new MIEName(this.gssContext.getSrcName().export());
    final MIEName targName = new MIEName(this.gssContext.getTargName().export());
    final ASN1ObjectIdentifier mechOid = ASN1ObjectIdentifier.getInstance(this.gssContext.getMech().getDER());

    Key sessionKey = null;
    for ( KerberosTicket candidate : subject.getPrivateCredentials(KerberosTicket.class) ) {
        // NOTE(review): no isDestroyed()/isCurrent() check is made before the ticket's
        // principals and key are read - confirm only live tickets can appear here.
        final MIEName ticketClient = new MIEName(mechOid, candidate.getClient().getName());
        final MIEName ticketServer = new MIEName(mechOid, candidate.getServer().getName());
        if ( srcName.equals(ticketClient) && targName.equals(ticketServer) ) {
            sessionKey = candidate.getSessionKey();
            break;
        }
    }
    // Still null when no ticket matched both names.
    return sessionKey;
}
/**
 * Returns the session key of the first Kerberos ticket in {@code subject} whose client and
 * server principals correspond to the source and target names of {@code gssContext}.
 *
 * <p>Names are compared as {@code MIEName} instances: the context names come from their
 * exported form, the ticket names are combined with the context mechanism OID.
 *
 * <p>The key comes from the subject's private credentials and must be treated as a secret.
 *
 * @param subject subject whose {@link KerberosTicket} private credentials are inspected
 * @return the matching ticket's session key, or {@code null} when there is no match
 * @throws GSSException if reading the context names or mechanism fails
 */
Key searchSessionKey ( Subject subject ) throws GSSException {
    MIEName expectedClient = new MIEName(this.gssContext.getSrcName().export());
    MIEName expectedServer = new MIEName(this.gssContext.getTargName().export());
    ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(this.gssContext.getMech().getDER());

    for ( KerberosTicket tgs : subject.getPrivateCredentials(KerberosTicket.class) ) {
        MIEName actualClient = new MIEName(oid, tgs.getClient().getName());
        MIEName actualServer = new MIEName(oid, tgs.getServer().getName());

        // Skip tickets issued for a different client/server pair.
        if ( !expectedClient.equals(actualClient) || !expectedServer.equals(actualServer) ) {
            continue;
        }
        return tgs.getSessionKey();
    }

    // No ticket for this context: callers have to cope with a null key.
    return null;
}